Get-FirewallDetails.ps1

1. # Get-FirewallDetails.ps1 
2. # Gets details of Windows Firewall (on Vista and Server 2008 or later) 
3. # Runs on the local machine 
4. # Thomas Lee - tfl@psp.co.uk 
5.  
6. # First create COM object for policy profile and get host name 
7. $profile = (new-object -com HNetCfg.FwMgr).LocalPolicy.CurrentProfile 
8. $Hostname=hostname 
9.  
10. # Is firewall enabled? 
11. if ($profile.FirewallEnabled) { 
12. "Firewall is enabled on system {0}" -f $Hostname 
13. } 
14. else { 
15. "Firewall is NOT enabled on system {0}" -f $Hostname 
16. } 
17.  
18. # Exceptions allowed? 
19. if ($profile.ExceptionsNotAllowed) {"Exceptions NOT allowed"}  
20. else {"Exceptions are allowed"} 
21.  
22. # Notifications? 
23. if ($profile.NotificationsDisabled) {"Notifications are disabled"} 
24. else {"Notifications are not disabled"} 
25.  
26. # Display determine global open ports  
27. $ports = $profile.GloballyOpenPorts  
28. if (!$ports -or $ports.count -eq 0) { 
29. "There are no global open ports" 
30. } 
31. else { 
32. "There are {0} open ports as follows:" -f $ports.count 
33. $ports 
34. } 
35. "" 
36.  
37. # Display ICMP settings 
38. "ICMP Settings:" 
39. $profile.IcmpSettings 
40.  
41. # Display authorised applications 
42. $apps = $profile.AuthorizedApplications  
43. # 
44. if (!$apps) { 
45. "There are no authorised applications" 
46. } 
47. else { 
48. "There are {0} global applications as follows:" -f $apps.count 
49. $apps  
50. } 
51.  
52. # Display authorised services 
53. $services = $profile.services 
54. # 
55. if (!$services) { 
56. "There are no authorised services" 
57. } 
58. else { 
59. "There are {0} authorised services as follows:" -f $services.count 
60. $services 
61. } 

This script produces the following output:

PS C:\foo> .\Get-FirewallDetails.ps1
Firewall is enabled on system Cookham8
Exceptions are allowed
Notifications are disabled
There are no global open ports

ICMP Settings:
AllowOutboundDestinationUnreachable : False
AllowRedirect                       : False
AllowInboundEchoRequest             : True
AllowOutboundTimeExceeded           : False
AllowOutboundParameterProblem       : False
AllowOutboundSourceQuench           : False
AllowInboundRouterRequest           : False
AllowInboundTimestampRequest        : False
AllowInboundMaskRequest             : False
AllowOutboundPacketTooBig           : True

There are 4 global applications as follows:
Name                 : BitTorrent
ProcessImageFileName : C:\Program Files (x86)\BitTorrent\bittorrent.exe
IpVersion            : 2
Scope                : 0
RemoteAddresses      : *
Enabled              : True

Name                 : DNA
ProcessImageFileName : C:\Program Files (x86)\DNA\btdna.exe
IpVersion            : 2
Scope                : 0
RemoteAddresses      : *
Enabled              : True

Name                 : Microsoft Office OneNote
ProcessImageFileName : C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
IpVersion            : 2
Scope                : 0
RemoteAddresses      : *
Enabled              : True

Name                 : Microsoft Office Groove
ProcessImageFileName : C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
IpVersion            : 2
Scope                : 0
RemoteAddresses      : *
Enabled              : True

There are 3 authorised services as follows:
Name              : File and Printer Sharing
Type              : 0
Customized        : False
IpVersion         : 2
Scope             : 0
RemoteAddresses   : *
Enabled           : True
GloballyOpenPorts : System.__ComObject

Name              : Network Discovery
Type              : 1
Customized        : True
IpVersion         : 2
Scope             : 1
RemoteAddresses   : LocalSubnet
Enabled           : True
GloballyOpenPorts : System.__ComObject

Name              : Remote Desktop
Type              : 2
Customized        : False
IpVersion         : 2
Scope             : 0
RemoteAddresses   : *
Enabled           : False
GloballyOpenPorts : System.__ComObject

Technorati Tags: HNetCfg.FwMgr,Windows Firewall,COM