[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7770
  • Last Modified:

Script to check remote computer if windows firewall is running

I need a short cscript that checks if a remote computer has the windows firewall running and turned on.

Thanks!!
0
microfish
Asked:
microfish
  • 3
  • 2
1 Solution
 
ltlbearand3Commented:
Here is a real simple vb script to tell you the status.  Depending on what else you want to see check out all the firewall objects available through the api -

http://msdn2.microsoft.com/en-us/library/aa364720(VS.85).aspx

-Bear
Set firewall = CreateObject("HNetCfg.FwMgr")
Set firewallPolicy = firewall.LocalPolicy.CurrentProfile
Status = firewallPolicy.FirewallEnabled
If Status = 0 then
	wscript.echo "OFF"
else
	wscript.echo "ON"
end if bled

Open in new window

0
 
William ElliottSr Tech GuruCommented:
possibly this can be worked using psexec, but from here
http://www.microsoft.com/technet/scriptcenter/resources/qanda/sept05/hey0916.mspx

"""..the Windows Firewall cannot be managed remotely; that means that this script must run locally on the computer where you need to disable the Firewall. If you need to disable the Firewall on only a few computers you could probably just go around from machine-to-machine and run the script; alternatively, you might want to run this as a computer startup script. Definitely not the most convenient way to do things, but you dont have a lot of choice: there arent even any command-line or GUI tools that can be used to manage the Firewall remotely. Outside of a logon or computer startup script, your only other option for remote management is to use Group Policy."""



if you'd like i can setup a logon script for this
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
 
if objPolicy.FirewallEnabled = FALSE then 
wscript.echo "my firewall is disabled"

Open in new window

0
 
William ElliottSr Tech GuruCommented:
one option may be to read the registry key,....

test this with a few computers.
save the code below to a vbs file..
create a computers.txt file with a short list of computers some with firewall enable, somewith disabled and see if the results are correct.

list should be like this

computer1
computer2
computer3
...

clist = "computers.txt"
 
Const FOR_READING = 1
const HKEY_LOCAL_MACHINE = &H80000002
const	strKeyPath = "SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\"
const	strValueName = "EnableFirewall"
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
If objFSO.FileExists(clist) Then
  Set objTextStream = objFSO.OpenTextFile(clist, FOR_READING)
Else
  WScript.Echo "Input file " & clist & " not found."
  WScript.Quit
End If
 
Do Until objTextStream.AtEndOfStream
	strComputer = objTextStream.ReadLine
	On Error Resume Next
	Set oReg=GetObject( _
	   "winmgmts:{impersonationLevel=impersonate}!\\" &_
		strComputer & "\root\default:StdRegProv")
	if err.number = 0 then 
		oReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
			if dwValue <> 0 then
				WScript.Echo strcomputer & " : " & "Enabled"
			else
				WScript.Echo strcomputer & " : " & "Disabled" 
			end if
	else
		WScript.Echo strcomputer & ": Error#:" & err.number & " : " & err.description
		err.clear
	end if
Loop
objTextStream.Close

Open in new window

1
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
microfishAuthor Commented:
Thanks for the quick response.  I'm looking for a script on run on a nbr of windows 2003 servers that verifies that the local firewall is turned on.  There is an exception rule already created on all servers to allow a certain server to monitor -- this is the server the I plan to run this script from.

There is no other method to remotely create that object and verify the firewall is on ?
0
 
microfishAuthor Commented:
Worked great.  I had to change the reg key to  "SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\" for win 2003 server.  thx!!

 
0
 
microfishAuthor Commented:
thx
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now