That depends on what you are trying to achieve :-)
The Remote Desktop (TCP-In) rule is separate from Core Networking and the rule is bound to System .. if you create a rule specifically for 3389 on a port-basis, by default that may infer that "all programs that meet the specified condition" are allowed, not just built-in (System).
What specifically are you trying to do?
MyloTuesday, May 26, 2009 6:36 PM
Well actually my question is:
If i would remove all firewall entries leaving no entries/empty it.
And then add port 3389 TCP.
Would i then still be able to:
1. Use remote Desktop From a Remote Computer to my Dedicated server
2. If on the servers side the network/internet ii still work without the "Core networking" entry.
(if Core Networking is required for Remote Desktop)Tuesday, May 26, 2009 6:45 PM
As the previous poster stated. Why do you want to remove core networking rules?
If you remove all firewall entries or disable them, then you're going to impact functionality of the server ....
Unless there's a good reason, leave the default rules as is (and that includes RDP).
If RDP is not working with the firewall rule enabled, then the probable reason is that Remote Desktop has not been enabled via Control Panel | System | Remote for the selected users or groups that require RDP access.
MyloWednesday, May 27, 2009 5:06 PM
microsoft has eased out administrator task by providing default inbound and outbound rules with core networking rule as default. i would suggest you to disable them if you dont need them. so that required ports will be blocked
sainath windows driver development.Wednesday, June 03, 2009 10:30 AM
Understood.... by default the firewall may block ports/functionality in Win2k8 based upon how interfaces are categorized: Public | Private | Domain, subject to which network interfaces are enabled on the server and the relative "trustworthiness" of those interfaces.... in broad terms (public = untrusted) and (domain = trusted).. assuming you have a single NIC and the server in question is on the LAN and is a domain member then you're in the domain layer and it's up to you to decide what protocols you wish to allow into the server . As a general rule-of-thumb, the server will only open up ports/services based on decisions you make when enabling/configuring rules/features .... the intention being to lock down the server by default.
Having said that (in the "Domain"), File/Print Sharing, for example, is enabled on the Domain interfaces on the basis that the server is in a relatively trusted zone (as a domain member)...as a result you may wish to ping/map drives to the server and this is reflected in the Core Networking rules... If this is not something you want, then disable them and leave the RDP rule enabled.
Consider though that if you disable some core functionality throught the firewall (E.g ICMP) then functionality such as Group Policy rules processing for that server may be affected.
If you're locking down the server, then consider the rule of the interface versus the firewall rule. For example, if you disable NetBIOS on your LAN interface (in Control Panel|TCP/IP) then the firewall settings *** aren't automatically updated to reflect that change, so the firewall may say it will pass NetBIOS but the interface overrides that decision (because NetBIOS has been disabled)... i.e. remember the firewall sits on top of each network interface and rules can be configured on that basis, depending on the "zoning" defined (Public v Private v Domain).
Hope that helps rather than complicate things :-)
*** File and Printer Sharing (NB-Datagram-In, NB-Name-In, NB-Session-In)Wednesday, June 03, 2009 11:13 PM