Sunday, May 11, 2008

Modifying Default Windows Firewall Configuration

The following are common scenarios for modifying the default configuration of Windows Firewall.

Third-Party Firewall Enabled
An original equipment manufacturer (OEM) may choose to provide its customers with a third-party host-based firewall. If that firewall is enabled by default, it is recommended that Windows Firewall be disabled, so that two host firewalls are not filtering the same traffic. This can be done by modifying the Windows Firewall INF file so that Windows Firewall is disabled by default.

Preinstalled Programs
An OEM or enterprise may choose to install a suite of programs by default. Some of these programs may need to receive unsolicited incoming traffic in order to function correctly. Windows Firewall can be configured to allow specific unsolicited incoming traffic by default by adding the programs to the Windows Firewall exceptions list. This can be done by adding entries for the programs to the Windows Firewall INF file. Only programs that require unsolicited incoming traffic should be added to the exceptions list; programs that only make outgoing connections do not need an exception and should not be added.

Pre-Opened Ports
An enterprise may choose to use various network services and want to ensure that the network traffic for those services is allowed by default through Windows Firewall. For example, an enterprise may use some of the remote management functionality included in Windows XP. Windows Firewall can be configured to open the necessary ports by default by adding them to the Windows Firewall exceptions list. This can be done by adding entries for the TCP or UDP ports to the Windows Firewall INF file. Statically opening ports increases a computer's exposure to attack, so the number of ports opened in Windows Firewall by default should be kept to a minimum, and each opened port should be scoped as narrowly as possible (for example, to the local subnet rather than to any address).
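The three scenarios above all come down to AddReg lines in the INF file that seed the FirewallPolicy registry keys (EnableFirewall, AuthorizedApplications\List and GloballyOpenPorts\List for each profile). The following Python script is an added example, not part of the original post or of any Microsoft file: it parses such AddReg lines from a constructed sample INF and reports the two things a reviewer should catch before shipping an image, a profile whose firewall is off by default and port exceptions open to any source address. The sample content, the Contoso program path and the assumption that the registry data follows the XP SP2 layouts "path:scope:state:name" for programs and "port:protocol:scope:state:name" for ports are mine, not taken from the page.

```python
"""Parse the AddReg entries of a Windows XP SP2 style Netfw.inf and audit the
default firewall policy they would install."""
import csv
import re

# Constructed sample in the layout of Netfw.inf AddReg sections. Assumption: it
# follows the XP SP2 FirewallPolicy registry conventions; it is not a copy of the
# shipped file. Each AddReg line is: HKLM,"subkey","valuename",flags,data
SAMPLE_NETFW_INF = r'''
[version]
Signature="$Windows NT$"

[DefaultInstall]
AddReg=ICF.AddReg.DomainProfile
AddReg=ICF.AddReg.StandardProfile

[ICF.AddReg.DomainProfile]
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile","EnableFirewall",0x00010001,1
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List","C:\Program Files\Contoso\Agent\agent.exe",0x00000000,"C:\Program Files\Contoso\Agent\agent.exe:LocalSubNet:Enabled:Contoso Agent"
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","3389:TCP",0x00000000,"3389:TCP:LocalSubNet:Enabled:Remote Desktop"

[ICF.AddReg.StandardProfile]
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile","EnableFirewall",0x00010001,0
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List","3389:TCP",0x00000000,"3389:TCP:*:Enabled:Remote Desktop"
HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List","139:TCP",0x00000000,"139:TCP:*:Enabled:File and Printer Sharing"
'''

# The profile name is the key component directly under FirewallPolicy
PROFILE_RE = re.compile(r"\\FirewallPolicy\\(\w+Profile)", re.IGNORECASE)


def parse_netfw_inf(text):
    """Return {profile: {"enabled": bool|None, "apps": [...], "ports": [...]}}
    built from every HKLM AddReg line in the INF text."""
    profiles = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line.upper().startswith("HKLM,"):
            continue  # section headers, AddReg= directives and blank lines
        # csv handles the quoted fields, whose data may itself contain commas
        fields = next(csv.reader([line]))
        if len(fields) < 5:
            continue
        _, subkey, value_name, _flags, data = fields[:5]
        m = PROFILE_RE.search(subkey)
        if not m:
            continue
        prof = profiles.setdefault(m.group(1), {"enabled": None, "apps": [], "ports": []})
        key_tail = subkey.lower()
        if value_name.lower() == "enablefirewall":
            prof["enabled"] = int(data, 0) != 0
        elif key_tail.endswith("authorizedapplications\\list"):
            # assumed layout <path>:<scope>:<state>:<name>; the path may hold a
            # drive-letter colon, so split from the right
            path, scope, state, name = data.rsplit(":", 3)
            prof["apps"].append({"path": path, "scope": scope, "state": state, "name": name})
        elif key_tail.endswith("globallyopenports\\list"):
            # assumed layout <port>:<protocol>:<scope>:<state>:<name>
            port, proto, scope, state, name = data.split(":", 4)
            prof["ports"].append({"port": int(port), "proto": proto, "scope": scope,
                                  "state": state, "name": name})
    return profiles


def audit(profiles):
    """Flag the two policy choices the text warns about: a profile with the
    firewall off by default, and port exceptions whose scope is any address."""
    findings = []
    for name, prof in sorted(profiles.items()):
        if prof["enabled"] is False:
            findings.append(f"{name}: EnableFirewall=0, firewall off by default")
        for p in prof["ports"]:
            if p["state"].lower() == "enabled" and p["scope"] == "*":
                findings.append(f"{name}: {p['port']}/{p['proto']} ({p['name']}) open to any address")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_netfw_inf(SAMPLE_NETFW_INF)):
        print(finding)
```

Run against the sample, the script reports that StandardProfile ships with the firewall off and with 3389/TCP and 139/TCP open to any address, while DomainProfile, whose only port exception is scoped to LocalSubNet, produces no finding. Pointing it at a real %WINDIR%\Inf\Netfw.inf before an image is built gives the same review of what the INF will seed into the registry.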

Location of Windows Firewall INF file
On a Windows XP CD image, the location of the Windows Firewall INF file is:

Cd_drive:\I386\Netfw.in_

Note: On a Windows XP CD image, the file's name is Netfw.in_ (a compressed cabinet file), not Netfw.inf.

After the installation of Windows XP with SP2, the location of the Windows Firewall INF file is:
%WINDIR%\Inf\Netfw.inf