Allow file and print sharing exception - Domain Profile
|ID: oval:gov.nist.USGCB.xpfirewall:def:5005||Date: (C)2012-04-13 (M)2017-07-28|
|Class: COMPLIANCE||Family: windows|
This setting allows file and printer sharing by configuring Windows Firewall to open UDP ports 137 and 138 and TCP ports 139 and 445. If you enable this policy setting, Windows Firewall opens these ports so that the computer can receive print jobs and requests for access to shared files. You must specify the IP addresses or subnets from which these incoming messages are allowed. If you disable this policy setting, Windows Firewall blocks these ports and prevents the computer from sharing files and printers. Because the computers in your environment running Windows XP will not normally be sharing files and printers, this appendix recommends you configure this setting as Disabled in all environments. Note: If any policy setting opens TCP port 445, Windows Firewall allows inbound ICMP echo request messages (such as those sent by the Ping utility), even if the Windows Firewall: Allow ICMP exceptions policy setting would block them. Policy settings that can open
TCP port 445 include Windows Firewall: Allow file and printer sharing exception, Windows Firewall: Allow remote administration exception, and Windows Firewall: Define port exceptions.
|Microsoft Windows XP|