How to enable and disable Windows XP SP2 firewall, programmatically

• Download source - 22.5 Kb

Introduction

Since the birth of Windows XP, Microsoft is more proud of its OS. XP is really a robust operating system. After service pack 2 of this product, Microsoft introduced a very good thing called Security Center to increase user security, providing firewall, popup blocker, and etc. All these are very useful to all users. For example, firewall can prevent other applications accessing services like FTP service without permission from users. To access firewall, you can use Firewall’s API, but for those that would like to just enable/disable XP’s firewall.

I wrote an application (with just a few lines of code) to do it!!!

Let’s see how a firewall acts in a system: when user selects “turn on” or “turn off”, it saves information as 1 or 0 in the Registry, under this key:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\ 
                            Parameters\FirewallPolicy\StandardProfile

With a REG_DWORD value named EnableFirewall, 0 means turn off and 1 means turn on! But at this time, if you select “turn off” in Security Center, you will be informed by a red notify icon and balloon text that appears in system, trying to give you this message:

This is because at this time, SVCHOST.EXE, after this change in Registry, will load another application named “wscntfy.exe” belonging to XP SP2, in the system root %system32%. And wscntfy.exe notifies users by this message!!!

If you run your own application changing the EnableFirewall value in Registry, then renaming your application file as “wscntfy.exe”, you have successfully disabled the firewall and users will know nothing about it!!!

I tested my application in latest SP2 updated from Microsoft. My source code is in MFC, a very small application.