- # Get-FirewallDetails.ps1
- # Gets details of Windows Firewall (on Vista and Server 2008 or later)
- # Runs on the local machine
- # Thomas Lee - tfl@psp.co.uk
- # First create COM object for policy profile and get host name
- $profile = (new-object -com HNetCfg.FwMgr).LocalPolicy.CurrentProfile
- $Hostname=hostname
- # Is firewall enabled?
- if ($profile.FirewallEnabled) {
- "Firewall is enabled on system {0}" -f $Hostname
- }
- else {
- "Firewall is NOT enabled on system {0}" -f $Hostname
- }
- # Exceptions allowed?
- if ($profile.ExceptionsNotAllowed) {"Exceptions NOT allowed"}
- else {"Exceptions are allowed"}
- # Notifications?
- if ($profile.NotificationsDisabled) {"Notifications are disabled"}
- else {"Notifications are not disabled"}
- # Display determine global open ports
- $ports = $profile.GloballyOpenPorts
- if (!$ports -or $ports.count -eq 0) {
- "There are no global open ports"
- }
- else {
- "There are {0} open ports as follows:" -f $ports.count
- $ports
- }
- ""
- # Display ICMP settings
- "ICMP Settings:"
- $profile.IcmpSettings
- # Display authorised applications
- $apps = $profile.AuthorizedApplications
- #
- if (!$apps) {
- "There are no authorised applications"
- }
- else {
- "There are {0} global applications as follows:" -f $apps.count
- $apps
- }
- # Display authorised services
- $services = $profile.services
- #
- if (!$services) {
- "There are no authorised services"
- }
- else {
- "There are {0} authorised services as follows:" -f $services.count
- $services
- }
This script produces the following output:
PS C:\foo> .\Get-FirewallDetails.ps1
Firewall is enabled on system Cookham8
Exceptions are allowed
Notifications are disabled
There are no global open portsICMP Settings:
AllowOutboundDestinationUnreachable : False
AllowRedirect : False
AllowInboundEchoRequest : True
AllowOutboundTimeExceeded : False
AllowOutboundParameterProblem : False
AllowOutboundSourceQuench : False
AllowInboundRouterRequest : False
AllowInboundTimestampRequest : False
AllowInboundMaskRequest : False
AllowOutboundPacketTooBig : TrueThere are 4 global applications as follows:
Name : BitTorrent
ProcessImageFileName : C:\Program Files (x86)\BitTorrent\bittorrent.exe
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : TrueName : DNA
ProcessImageFileName : C:\Program Files (x86)\DNA\btdna.exe
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : TrueName : Microsoft Office OneNote
ProcessImageFileName : C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : TrueName : Microsoft Office Groove
ProcessImageFileName : C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : TrueThere are 3 authorised services as follows:
Name : File and Printer Sharing
Type : 0
Customized : False
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : True
GloballyOpenPorts : System.__ComObjectName : Network Discovery
Type : 1
Customized : True
IpVersion : 2
Scope : 1
RemoteAddresses : LocalSubnet
Enabled : True
GloballyOpenPorts : System.__ComObjectName : Remote Desktop
Type : 2
Customized : False
IpVersion : 2
Scope : 0
RemoteAddresses : *
Enabled : False
GloballyOpenPorts : System.__ComObject
No comments:
Post a Comment