FBWF - Allow new network connections to be saved RRS feed

  • Question

  • Hi

    I have a WES 7 system and use FBWF to lock it down, I would like the clients to be able to connect the system to a LAN, either direct or wireless, and have the system remember the network settings, i.e. public, work, passwords etc. after a reboot

    I have read other posts that point me in the right direction and have also used regshot to see keys being modified. I currently have the following keys defined in the registry filter

    HKLM\SOFTWARE\Microsoft\Windows NT\Current Version\NetworkList
    HKLM\SOFTWARE\Microsoft\Windows NT\Current Version\HomeGroup
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

    I also have the following exclusions in the FBWF
    c: \ProgramData\Microsoft\Wlansvc
    c: \windows\System32\Config

    With the above settings, the system successfully saves both wireless and wired network connections.

    My concern, and therefore question is about the 2 FBWF exclusions I have added, in particular the 'c:\windows\system32\config' directory. I am worried this could cause problems if this gets corrupted by say a user installing a program, could this directory get 'out of sync' with the rest of the system which is protected by the FBWF? And if so could this crash the system?

    Is there any other way I should have propogated the network settings after a reboot?

    Any comments/advice appreciated.



    Thursday, December 15, 2016 3:12 PM

All replies

  • The c:\windows\System32\Config directory contains the registry. One of the most important items to protect is the registry files. By opening a hole for c:\windows\System32\Config, the purpose of using FBWF is defeated.

    One trick is to have a batch file that contains the network settings. The file can be in FBWF exclusion. On boot up the  batch file is called and sets the network settings. Basically edit the batch to change network settings.

    Sean Liming - Book Author: Starter Guide SIM - www.annabooks.com / www.seanliming.com

    Friday, December 16, 2016 12:27 AM