So far, we came to know about the Windows Firewall. In the previous article, we learn about how we can disable windows firewalls using GUI (Graphical User Interface). The objective of this article is to disable Windows Firewall using cmd (command prompt).
How to Enable or Disable Windows Firewall?
As we know Windows Firewall, by default, is enabled on Microsoft Operating System. For many reasons, you may need to disable the Windows Firewall. To disable windows firewall, we can either use the Graphical User Interface (GUI) or use the command prompt (cmd) mode. This article will guide you on how to disable windows firewall using cmd.
Steps to disable Windows Firewall using cmd
- Open cmd using Administrator Privileges as shown in the below picture.
- Then, you can below-mentioned command to disable the windows firewall.
NetSh Advfirewall set allprofiles state off
- Now, you can enable Windows Firewall using the below command.
NetSh Advfirewall set allprofiles state on
- Last, if you want to know the status of the Windows Firewall, you can use the following guide.
Netsh Advfirewall show allprofiles
Advanced netsh configuration of Windows Firewall
So far, we discussed some simple commands to enable or disable windows firewalls. But, the cmd can be used for the advanced configuration of the windows firewall. Now, we will discuss on below topics one by one and learn the complete configurations of the Windows Firewall. Before we start, we need to know about various profiles which are builtin with Operating System:
Disable ICMP Protocol:
ICMP stands for Internet Control Message Protocol and is used to disable or enable PING(Packet InterNet Groper). By default, ICMP is blocked on public network profiles and allowed on private profiles. If we require to block “ping” we have to disable “ICMP” network packets. The following command will show you how to disable or enable “ICMP” packets to disable or enable “ping” requests in the inbound direction on the IPv4 network. After the implementation of this command, your system will drop all packets of ICMP.
netsh advfirewall firewall add rule name=”All ICMP V4″ dir=in action=block protocol=icmpv4
netsh advfirewall firewall add rule name=”All ICMP V4″ dir=in action=allow protocol=icmpv4
Monitor Firewall Logs:
By default, the log of Microsoft Windows Firewall is “\Windows\system32\LogFiles\Firewall\pfirewall.log“, and we can change them to a particular file at a particular location. We must audit firewall logs so that we can identify a particular threat or network which tries to attack our system. We can configure logs using the below command in command prompts:
netsh advfirewall set currentprofile logging filename “C:\pfirewall.log”
Configure Firewall Ports:
As we know ports are virtual paths from source to destination. To secure our network, we must disable or close unused ports. Windows firewalls and other firewalls can be used to disable or enable various ports. To disable or enable particular ports we can use the following commands in the Windows Command prompt:
netsh advfirewall firewall add rule name=”Example Communication Port 80″ dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name=”Example Communication Port 80″ dir=out action=allow protocol=TCP localport=80
Disable or Enable Windows Program:
As we know, a windows firewall can be used to Block or Enable a windows program. A program might reach the internet or not, depending upon the following commands:
netsh advfirewall firewall add rule name=”Your Application” dir=in action=allow program=”C:\ProgramExample.exe”
Note: This is a sample program, you can configure your program by giving the correct directory and correct program name.
Enable RDP (Remote Desktop Protocol):
Remote Desktop Connection commonly known as RDP can be used to take the console of a remote system. That particular user can be in a private network or a public network. We commonly enable RDP on Microsft Server like Windows Server 2012 R2. To enable RDP you can follow the below command:
netsh advfirewall firewall set rule group=”remote desktop connection” new enable=Yes
netsh advfirewall firewall set rule group=”remote desktop connection” new enable=No
Reset Windows Firewall:
If you want to reset all manual settings which are misconfigured on Windows Firewall, you can use your command prompt. To restore default settings you can use given below command:
netsh advfirewall reset
Export/ Import Firewall Configuration:
If you fully configured your firewall with the required configurations, then it’s a good idea to export the current configuration to a file so that you can restore the original configuration whenever required. To export current settings you can follow the below commands:
netsh advfirewall export “C:\temp\WFconfiguration.wfw”
netsh advfirewall import “C:\temp\WFconfiguration.wfw”
In this article, we learn how to disable windows firewalls using the command prompt. First of all, we learn how to disable or enable windows firewalls. We also learn how to check the status of the windows firewall. After all, we come to know about some important commands of netsh utility to manage windows firewall efficiently.