|
| View previous topic :: View next topic |
| Author |
Message |
Kris
Joined: 12 May 2010
Posts: 372
|
 Posted: Fri Jun 04, 2021 3:51 am Post subject: PS: Windows Firewall status |
 |
|
The following Powershell code will return a 6 character string, representing the status of the Windows firewall.
For each zone (Domain, Public and Private) there's 2 characters.
The first character shows the status of the zone (1=Enabled, 0=Disabled)
The second character show the Default Action for that zone (1=Blocking, 0=not Blocking)
It executes pretty quick, so if you like you should be able to schedule it even up to every 10 seconds or so for super vulnerable/critical servers.
The test cmd runs like:
| Code: | | powershell.exe %script% %params% |
and takes the target computername as parameter.
Test code:
| Code: |
If (!$args[0])
{
echo ScriptRes:Unknown:"No ComputerName specified"
exit
}
$ComputerName = $args[0]
[string]$FirewallStatus = ""
[string]$bita = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitb = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bitc = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitd = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bite = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitf = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
If ($bita -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitb -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitc -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitd -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bite -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitf -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($FirewallStatus -eq "111111")
{echo ScriptRes:OK:$FirewallStatus}
Else
{echo ScriptRes:Bad:$FirewallStatus}
|
Enjoy!  |
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in
