By default, Windows Firewall’s setting for File and Printer Sharing is set to “subnet” scope: only allow requests from the same subnet as itself. This is generally a good default security policy that balances safety with convenience, but on my home network, I run several different subnets (wired, wireless, VPN, etc.) and this tends to be an issue.
Here’s a very simple VB script that can be run with Windows Scripting Host to expand the scope from “subnet” to “any”:
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
Set colServices = objPolicy.Services
Set objService = colServices.Item(0)
objService.Enabled = TRUE
objService.Scope = 0
I stick that in a file named winfw-smb-scope-any.vbs and run it from a DOS prompt with cscript.exe. Done!
Do you have any other handy scripts you think are really useful? Tell me about them in the comments … thanks!
Tags: Windows Firewall, SMB, file sharing, scripting
Latest comments