I am looking to test all of my servers to verify that the Windows Firewall is turned off. I see that there are 3 different registry keys to check (HKLM\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\ and then the three firewall profile keys "DomainProfile" , "PublicProfile" and "StandardProfile" with the Regkey = EnableFirewall=0
The problem with the above is that I would need to setup 3 separate tests for each server to check each firewall profile, which I really don't want to do.
I know that I can run a netsh command line to get the state of the firewall"netsh advfirewall show allprofiles state"
but I am uncertain on how to have Host Monitor report on the active state being On or Off.
I need to verify that all systems have the Firewall turned off and if the firewall is on to alert me.
Any assistance on this would be greatly appreciated
Thanks
Don
Need to Test if Windows Firewall is on/off win 2008 / 2012r2
I have the test setup to call the shell script but its not working correctly.
I need to test if any occurrence of the windows firewall is on. I need to know if any one of the 3 firewall states are on to return a bad result. I tested the script you provided to me but it always returns a status of OK. Script is below.
@echo off
netsh advfirewall show allprofiles state|find /C "ON"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall off
exit
)
)
echo scriptres:Ok:
I need to test if any occurrence of the windows firewall is on. I need to know if any one of the 3 firewall states are on to return a bad result. I tested the script you provided to me but it always returns a status of OK. Script is below.
@echo off
netsh advfirewall show allprofiles state|find /C "ON"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall off
exit
)
)
echo scriptres:Ok:
netsh command allows to specify server, username and password.
But I am afraid "netsh advfirewall" does not work with remote systems (may be this depends on Windows version)
What Windows do you have installed on local and remote system?
You may try to modify script, add -r hostname -u username -p password parameters to netsh command.
We plan to implement new Windows related tests in 2018..
Regards
Alex
But I am afraid "netsh advfirewall" does not work with remote systems (may be this depends on Windows version)
What Windows do you have installed on local and remote system?
You may try to modify script, add -r hostname -u username -p password parameters to netsh command.
We plan to implement new Windows related tests in 2018..
Regards
Alex
I am testing against Windows server 2012R2
I need to verify that Firewall state for all 3 profiles is Off, if any of the 3 profiles is on I need it to return a bad.
I have been testing this against a test box and no matter what the firewall state is set to the test still returns an OK.
What I am looking for is to get alerted if the firewall is turned on for any profile and to return an OK if all the firewall states are Off
I need to verify that Firewall state for all 3 profiles is Off, if any of the 3 profiles is on I need it to return a bad.
I have been testing this against a test box and no matter what the firewall state is set to the test still returns an OK.
What I am looking for is to get alerted if the firewall is turned on for any profile and to return an OK if all the firewall states are Off
Yes, it works fine on Windows 2012 (local system)
Then replace ON with OFF
@echo off
netsh advfirewall show allprofiles state|find /C "OFF"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall on
exit
)
)
echo scriptres:Ok:
So you want to see Ok status when Firewall profiles disabled?I need to verify that Firewall state for all 3 profiles is Off,
Then replace ON with OFF
@echo off
netsh advfirewall show allprofiles state|find /C "OFF"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall on
exit
)
)
echo scriptres:Ok: