batch script required to check for firewall issues

Folks

How can I build a script/batch that logs onto multiple servers and run's a telnet test for 5 different IP's?

I would like to test for firewall issues

i.e.

log onto server 1
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

log onto server 2
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

i would like to see the results in a log file if either successful or fail

all
rutgermonsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

andreasSystem AdminCommented:
#!/bin/bash


ssh user@server1 netcat -z 149.129.111.83 && echo S1 .83 telnet port OK || echo S1 .83 telnet port ERROR > out.log
ssh user@server1 netcat -z 149.129.111.84 && echo S1 .84 telnet port OK || echo S1 .84 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.85 && echo S1 .85 telnet port OK || echo S1 .85 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.86 && echo S1 .86 telnet port OK || echo S1 .86 telnet port ERROR >> out.log

ssh user@server2 netcat -z 149.129.111.83 &&  echo S2 .83 telnet port OK || echo S2 .83 telnet port ERROR >> out.log
...

Open in new window


Assumptions:

1. ssh needts to be running on server 1 and 2 and accept password less logins via kerberos or keys.
2. the tool netcat needs to be installes on both servers
0
rutgermonsAuthor Commented:
thanks Andreas, will this work on windows servers?

is netcat included in the OS aready?
0
andreasSystem AdminCommented:
nope will not run on windows. when I hear server i assume a unixoid OS, you might get it to run with installation of cygwin on all machines, but be aware that you also need to install an ssh service which also can be a security problem if it is not cared properly with. And the cygwin things wont be automatically patched over windows update.

How to realize this on windows Ive no idea.

BTW i hope the mentioned IPs are not accessible via TELNET over the internet. Its a very bad idea.

I overlooked the category the post was filed in, as its only shown very small in the EE pages...
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Netcat has several Windows ports, e.g. at https://eternallybored.org/misc/netcat/, so it can be used and that is my recommendation anyway.
For starting it on remote PCs PsExec from www.sysinternals.com is a good tool. The corresponding batch file looks very similar to the suggested bash script.

Best to have the server names or IPs in a text file servers.txt. Also we will use a batch file performing the test, called testtelnet.cmd. All files should be on a network share \\server\share.
@echo off
REM testtelnet.cmd - test telnet connection to 5 fixed IP addresses
pushd %~dp0
(for /L %%i in (83,1,87) do netcat -z 149.129.111.%%i >nul && echo %computername%: %%i ok || echo %computername%: %%i failed) >> result.log
popd
exit /b

Open in new window

@echo off
REM Run tests
pushd \\server\share
psexec @servers.txt -u MyUser -p MyPassword cmd /c \\server\share\testtelnet.cmd
popd

Open in new window

Note that you need to provide credentials here, otherwise psexec will not be able to access network shares.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rutgermonsAuthor Commented:
qlermo

thanks for this, i realize I missed the ports, how do I add this to this script?

cheers
0
andreasSystem AdminCommented:
just add port number 23 after the IP in the netcat woild look like that:

... do netcat -z 149.129.111.%%i 23 >nul ....

rest of script remains the same. same applies to the bash script i also forgot the port numbers there.
0
rutgermonsAuthor Commented:
andreas

I am getting an error:



PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com

\\myhostname

'netcat' is not recognized as an internal or external command,
operable program or batch file.
'netcat' is not recognized as an internal or external command,
operable program or batch file.
cmd exited on myhostname with error code 0.
Press any key to continue . . .

how exactly do I correctly call up Netcat to run the telnet?
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
The script expects netcat to be on the same location as the batch file.
0
andreasSystem AdminCommented:
Netcat is not a standard windows program. You need to install it first on the machines that need to use it.

You can find it here  http://www.securityfocus.com/tools/139
0
rutgermonsAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for rutgermons's comment #a40460386

for the following reason:

good
0
andreasSystem AdminCommented:
you should distribute the points when closing the topic to the participants according to the usefulness regarding solving your problem.
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
I'm objecting,  as you selected your own comment as answer. Please make sure to use the action buttons above the comment to accept.
0
rutgermonsAuthor Commented:
good
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Batch

From novice to tech pro — start learning today.