windows firewall rules

Page 2 of 2 FirstFirst 12

  1. readysteady101
    Posts : 23
    windows7
    Thread Starter
       New #11

    Hello UsernameIssues, and thanks for givinig this your time. Firtly would like to apologise for menitioning "exploits", wasnt aware of rules so my bad and hope no damage done. We dont have issues with people logging in locally on the pc's, just across the network, although it wouldnt be a problem for anyone as all credentials are the same. And yes they are all school machines. Everybody in the class is in the manually activated admin accounts with same username and passwords....for convenience. So yes, a real headache. Not ready to escalate this to the next level yet, would really like to nail down some absolute proof and take it from there. Stopping the server service, as metioned by Alejandro might not be the worst idea if there is no better solution, as we could activate/deactivate service with a batch file....does that make sense? Im pretty sure we're on a Domain Network, so changing those settings may be difficult. When I started this thread I was, maybe naively, hoping there might be a simple Firewall setting or failing that an appropriate way to log unwanted connections but its starting to seem a little bit more complicated than that. Thanks again for your time:)
      My Computer
    Quote Quote

  3. UsernameIssues
    Posts : 10,485
    W7 Pro SP1 64bit
       New #12

    readysteady101 said:
    ....We dont have issues with people logging in locally on the pc's, just across the network....
    Just to make sure that you understand. If you log on using a local user account and a locally stored password, the pranks from a remote computer can still occur. Even if you create a new local user account and a new local password, the pranks can still occur.



    readysteady101 said:
    ...And yes they are all school machines...
    Then that makes much more sense. The school IT staff can do whatever they want with the school's computers. You could get in trouble by installing stuff to prevent connections because you might prevent good connections too.



    readysteady101 said:
    ....although it wouldnt be a problem for anyone as all credentials are the same....
    Having the local credentials be the same is not that unusual for computers joined to a domain, but hopefully each student has a unique domain username and password.



    readysteady101 said:
    ......Stopping the server service, as metioned by Alejandro might not be the worst idea if there is no better solution, as we could activate/deactivate service with a batch file....does that make sense?...
    There are lots of good things that the server service is used for on a domain. If you know when tutors need to put files on the computer, then I guess that you could turn it back on for a while. But you need to understand that there will be a record of when you turned it off. And depending on what all is being checked by compliance scripts, that record of the service being turned off might be sent to a server.



    readysteady101 said:
    ...Not ready to escalate this to the next level yet, would really like to nail down some absolute proof and take it from there....
    If you stop the server service, you won't be able to know what other computer connected... well, at least not without some real geeky tools.



    readysteady101 said:
    ....Im pretty sure we're on a Domain Network, so changing those settings may be difficult....
    It does not matter much to the pranksters if you are on a domain or not. If students know the local admin account passwords, then this kind of stuff will continue to happen. It does not sound like the IT staff has too much locked down. You can probably disable the service (which will disable other services automatically). I just would not risk doing it to a computer that I did not own.



    readysteady101 said:
    ...Not ready to escalate this to the next level yet, would really like to nail down some absolute proof and take it from there. ~~~~~~~ When I started this thread I was, maybe naively, hoping there might be a simple Firewall setting or failing that an appropriate way to log unwanted connections but its starting to seem a little bit more complicated than that...
    Yes, it is pretty hard to track stuff back to a student when everyone knows local admin credentials.



    readysteady101 said:
    ....... Thanks again for your time:)
    You are welcome.

    Out of curiosity:
    Do these computers have the network type set to Public?


    You might want to put this onto a USB flash drive and do a quick scan of a computer before using it.
      My Computer
    Quote Quote

  4. readysteady101
    Posts : 23
    windows7
    Thread Starter
       New #13

    Hello again. The first thing I wanted to get straight was yes, all students do have the exact login name and password. I know it seems ridiculous but there you have it....its just asking for trouble. This is why my hopes are more about tracing...I would like to be able to block, but that doesnt seem realistic...or is it? Would setting firewall to public be of use? Anyway, thanks again, input is very much appreciated.
      My Computer
    Quote Quote

  6. UsernameIssues
    Posts : 10,485
    W7 Pro SP1 64bit
       New #14

    Setting the network type to Public should make it a bit harder on the pranksters:
    Network Location - Set as Home, Work, or Public Network
    As you noted, that automatically changes which firewall rules are in effect.

    Since everyone has the same log in credentials, then remove that one account from the local admin group and it back when you know tutors need access.
      My Computer
    Quote Quote

  7. readysteady101
    Posts : 23
    windows7
    Thread Starter
       New #15

    Thanks again UsernameIssues. Just got this now. Im interested in your comment about "removing from local admin group", so without real knowledge have googled this, but only seem to find results relating to removing the account altogether, Im pretty sure this is not what you mean? Can you point me to a tutorial? Thanks again, and sorry for extra request.
      My Computer
    Quote Quote

  8. UsernameIssues
    Posts : 10,485
    W7 Pro SP1 64bit
       New #16

    No, you don't want to remove the account, just change its membership. That said, you really need to know what you are doing before making such changes. I had hoped that you would ask IT for help doing this. It should stop the remote pranks... at least the ones that require admin rights.

    I can tell you how to remove this student group account from the local admin group - that is easy. It is putting the account back in that might not be so easy. I don't know enough about your school's network to give you those steps.

    Again, it is best that you ask IT if you can make these changes. Then let them show you how to make them. They might ask why, so just tell them. You don't have to mention any names of students. Just tell them that you want the pranks to stop. You will probably find that most things work just fine on the school computer(s) that you are using without being an admin.
      My Computer
    Quote Quote

  10. readysteady101
    Posts : 23
    windows7
    Thread Starter
       New #17

    Hello again and thanks for sticking with it. It seems I was not the only person looking for a solution to this issue, and today, IT removed three user accounts fromt the domain, which effectively removed three students from the course for "inappropriate behaviour on the network". The girl I mentioned earlier who had some hacking knowledge but, in my opinion, not the mischievous streak was not among the three and Im really glad about that, but very surprised at two of the others. It seems you dont really know people, or how they will act when they think they can remain anonymous, and although still sorry to see them go, they were acting like jerks of the their own free will. So, I would like to wrap up this thread by thanking you UsernamiIssues, Alejandro and of course Jacee for all your time and support. Best of luck to you all and thankyou, Readysteady:)
      My Computer
    Quote Quote

 
Page 2 of 2 FirstFirst 12

  Related Discussions
I'm setting up my computer so that it back up automatically. For most files I have no problem, but now I want to include my entire firewall configuration in it. Manually, I can just open the firewall advanced configuration and click the link to export the config, which works greatly, but now,...
The firewall's advanced rules all of a sudden don't work anymore. If I tell the firewall to block all incoming connections it does, and Windows says the firewall is working. But all rules, old and new, regarding a particular application, don't work anymore. If I tell the firewall to ...
Hi guys, I'm in a bit of a pickle. My brother, being the brilliant *cough* sarcasm *cough* chap he is, never does any software maintenance on his computer, isn't very careful about what he downloads, and never tells me about anything odd. He simply ignores it all and assumes all will be fine,...
can any one tell me how to write a new rules in windows firewalls ... and how do i change my port no 80 to some other no ?? thanks in advance friends
So my problem is that I deleted several entries in the windows firewall. Now when I open the 'Services' applet, nothing shows and I get the following error message: One or More ActiveX controls could not be displayed because either: 1. Your current security settings prohibit running ActiveX...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 14:42.
Find Us