locked
Core Networking

    Question

  • My question is if Remote Desktop and the network/internet will still work if i remove the Core Networking entry in the windows firewall ? And if i can also remove the Remote Desktop entry and add 3389 as port instead ?
    Tuesday, May 26, 2009 5:08 AM

All replies

  • Cuoco,

    That depends on what you are trying to achieve :-)
    The Remote Desktop (TCP-In) rule is separate from Core Networking and the rule is bound to System .. if you create a rule specifically for 3389 on a port-basis, by default that may infer that "all programs that meet the specified condition" are allowed, not just built-in (System).

    What specifically are you trying to do?

    Regards,
    Mylo 
    Tuesday, May 26, 2009 6:36 PM
  • Well actually my question is:

    If i would remove all firewall entries leaving no entries/empty it.
    And then add port 3389 TCP.

    Would i then still be able to:

    1. Use remote Desktop From a Remote Computer to my Dedicated server
    2. If on the servers side the network/internet ii still work without the "Core networking" entry.
        (if Core Networking is required for Remote Desktop)
    Tuesday, May 26, 2009 6:45 PM
  • hi cuoco,

    why do you want to remove core networking rules ? is there a specific reason


    sainath windows driver development.
    Wednesday, May 27, 2009 11:48 AM
  • Cuoco,

    As the previous poster stated. Why do you want to remove core networking rules?

    If you remove all firewall entries or disable them, then you're going to impact functionality of the server ....

    Unless there's a good reason, leave the default rules as is (and that includes RDP).

    If RDP is not working with the firewall rule enabled, then the probable reason is that Remote Desktop has not been enabled via Control Panel | System | Remote for the selected users or groups that require RDP access.

    Regards,
    Mylo
    Wednesday, May 27, 2009 5:06 PM
  • Because im afraid that the "Core Networking" entry in the firewall will open up more ports inbound/outbound to and from my server.

    Or is that not the case ?

    Cuoco
    Thursday, May 28, 2009 10:50 PM
  • Hi Cuoco,

    microsoft has eased out administrator task by providing default inbound and outbound rules with core networking rule as default. i would suggest you to disable them if you dont need them. so that required ports will be blocked


    sainath windows driver development.
    Wednesday, June 03, 2009 10:30 AM
  • Cuoco,

    Understood.... by default the firewall may block ports/functionality in Win2k8 based upon how interfaces are categorized: Public | Private | Domain, subject to which network interfaces are enabled on the server and the relative "trustworthiness" of those interfaces.... in broad terms (public = untrusted) and (domain = trusted)..  assuming you have a single NIC and the server in question is on the LAN and is a domain member then you're in the domain layer and it's up to you to decide what protocols you wish to allow into the server . As a general rule-of-thumb, the server will only open up ports/services based on decisions you make when enabling/configuring rules/features .... the intention being to lock down the server by default.

    Having said that (in the "Domain"),  File/Print Sharing, for example, is enabled on the Domain interfaces on the basis that the server is in a relatively trusted zone (as a domain member)...as a result you may wish to ping/map drives to the server and this is reflected in the Core Networking rules... If this is not something you want, then disable them and leave the RDP rule enabled.

    Consider though that if you disable some core functionality throught the firewall (E.g  ICMP) then functionality such as Group Policy rules processing for that server may be affected.
    If you're locking down the server, then consider the rule of the interface versus the firewall rule. For example, if you disable NetBIOS on your LAN interface (in Control Panel|TCP/IP) then the firewall settings *** aren't automatically updated  to reflect that change, so the firewall may say it will pass NetBIOS but the interface overrides that decision (because NetBIOS has been disabled)... i.e. remember the firewall sits on top of each network interface and rules can be configured on that basis, depending on the "zoning" defined (Public v Private v Domain).

    Hope that helps rather than complicate things :-)

    Regards,
    Mylo

    *** File and Printer Sharing (NB-Datagram-In, NB-Name-In, NB-Session-In)
    Wednesday, June 03, 2009 11:13 PM