Pau Lo


test local server powershell status remotely from a client device on same network

Is there any form of easy command/test that could be done to check, say from an internal Windows & device joined to the same network, to see if the local firewall on Windows servers on an internal network is enabled, without having to remote onto each and check the settings? I know you can do port scans but I was perhaps interested in any basic PowerShell/cmd prompt tests you could run, and how the output of a port scan/command would differ from a server with a local firewall enabled, vs those without would be useful to learn.
ASKER CERTIFIED SOLUTION
DevAdmin
This solution is only available to members.
If you're looking for something that can be run as purely external to the target machine, I don't have anything for you.  Testing a port where there is nothing listening I think would give you the same result as if it was blocked by a firewall.
If you have PS Remoting on the targets, then you can use that to run commands on the target machines to query the status of the firewall.

Here's a script I put together some time ago which checks the status of the service, and then values of registry keys for settings.  It just runs locally on its own, but you could use PS Remoting to execute it remotely.
Get-FirewallStatus-Registry.ps1
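For the port-probe comparison the question asks about, here is an added example that is not from any poster in this thread. It separates a TCP connect that is actively refused (the host answered with a reset) from one that gets no answer at all, which is what Windows Defender Firewall's default silent drop of blocked connections looks like from the client. The function name `Test-TcpPortState`, the server names and the port list are assumptions for illustration.

```powershell
# Added example. Test-TcpPortState is a hypothetical helper, not a built-in cmdlet.
function Test-TcpPortState {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][ValidateRange(1, 65535)][int]$Port,
        [int]$TimeoutMs = 3000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    $state = 'Error'
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        if ($task.Wait($TimeoutMs)) {
            $state = 'Open'          # handshake completed: a listener exists and is allowed
        } else {
            $state = 'NoResponse'    # SYN never answered: dropped somewhere on the path
        }
    } catch {
        # Wait() surfaces the SocketException wrapped in an AggregateException
        $socketError = $_.Exception.GetBaseException() -as [System.Net.Sockets.SocketException]
        if ($socketError) {
            if ($socketError.SocketErrorCode -eq [System.Net.Sockets.SocketError]::ConnectionRefused) {
                $state = 'Refused'   # host replied with a reset: nothing listening, nothing dropping
            } elseif ($socketError.SocketErrorCode -eq [System.Net.Sockets.SocketError]::TimedOut) {
                $state = 'NoResponse'
            } else {
                $state = "Error: $($socketError.SocketErrorCode)"   # e.g. HostNotFound
            }
        }
    } finally {
        $client.Close()
    }
    [PSCustomObject]@{ ComputerName = $ComputerName; Port = $Port; State = $state }
}

# Constructed sample targets; replace with your own server names.
$targets = 'SERVER01', 'SERVER02'
$ports   = 135, 445, 3389, 5985   # RPC endpoint mapper, SMB, RDP, WinRM (HTTP)
$results = foreach ($target in $targets) {
    foreach ($port in $ports) {
        Test-TcpPortState -ComputerName $target -Port $port
    }
}
$results | Format-Table -AutoSize
```

`Refused` on a port means the host firewall is not dropping that port, while `NoResponse` on every port of a host known to be up is consistent with a firewall dropping the traffic, either on the host or on the network path. `Open` only shows that the port is allowed, not that the firewall is off, so a definitive answer still needs a query on the target.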
oBdA

This uses Remote Cim/Wmi against a list of machines. Try it as posted first. If you run into errors with New-CimSession, remove the two comment hashes in lines 3 and 6, then it will use default WMI. If that doesn't work, either, your firewalls are blocking remote management, which makes it hard to retrieve their settings using said method ...
$computerList = Get-Content -Path 'C:\temp\computers.txt'
$outFile = 'C:\temp\Firewall.csv'
# $sessionOption = New-CimSessionOption -Protocol DCOM
$computerList | ForEach-Object {
	Try {
		$cimSession = New-CimSession -ComputerName $_ -ErrorAction Stop # -SessionOption $sessionOption
		$profiles = Get-NetFirewallProfile -CimSession $cimSession -ErrorAction Stop
		[PSCustomObject]([ordered]@{
			ComputerName =	$_
			Domain =		($profiles | Where-Object {$_.Name -eq 'Domain'}).Enabled
			Private =		($profiles | Where-Object {$_.Name -eq 'Private'}).Enabled
			Public =		($profiles | Where-Object {$_.Name -eq 'Public'}).Enabled
		})
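	} Catch {
		# $PSCmdlet is only defined in advanced functions/scripts; Write-Error works in a plain script too
		Write-Error -ErrorRecord $_
	} Finally {
		# Release the remote CIM session, if one was created for this computer
		if ($cimSession) { Remove-CimSession -CimSession $cimSession; $cimSession = $null }
	}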
} | Export-Csv -Path $outFile -NoTypeInformation
