Remotely check Windows firewall status

As part of my routine auditing process I wanted to check to ensure that the Windows firewall is enabled and set to use its domain profile on all of our Member servers.

Here’s a script to do just that

' Configuration.
'====================================================================
Dim strFirewallStatus, strComputer, arrComputers
arrComputers = Split("london,brisbane,perth,chicago", ",")


WScript.Echo "-------------------------------------------------------"
WScript.Echo Left("Computer Name" & Space(47),47) & "Status"
WScript.Echo "-------------------------------------------------------"


' Iterate through computers, showing status.
'====================================================================
For Each strComputer in arrComputers


  ' Required so we don't die on permission errors.
  On Error Resume Next


  Set objReg = GetObject( "winmgmts:{impersonationLevel" &_
  "=impersonate}!\\" & strComputer & "\root\default:StdRegProv")


  If err.number = 0 Then
    objReg.GetDWORDValue &H80000002, "SYSTEM\CurrentControlSet\" &_
    "Services\SharedAccess\Parameters\FirewallPolicy\" &_
    "DomainProfile\", "EnableFirewall",dwValue


    If dwValue <> 0 Then
      strFirewallStatus = "Enabled"
    Else
      strFirewallStatus = "Disabled"
    End If


    WScript.Echo Left(strComputer & Space(47),47) & strFirewallStatus


  Else
    WScript.Echo strComputer & " - Error" & err.number & " : " &_
    err.description
    err.clear
  End if
Next

You’ll need to make sure that you’ve got the relevant permissions on the target computers, otherwise you’ll just get errors.

Comments

• Pete Wason says:

  When I try to wscript this in a cmd window, I just get stuff like this:
  —————————
  Windows Script Host
  —————————
  Script: C:\Documents and Settings\mrz\Desktop\FirewallStatus.wsf
  Line: 39
  Char: 2
  Error: Unterminated entity reference – matching ‘;’ not found
  Code: 80040008
  Source: Windows Script Host

  Reply
  • Dave says:

    Hi Peter,

    What have you but in the following line:

    arrComputers = Split(“boh-core-dc01,boh-inf-app02”, “,”)

    It should be a list of hostnames, seperated by a comma.

    I notice you have it saved as ‘.wsf’ – Can you try saving as .vbs and running via cscript?

    So:

    cscript firewallSatus.vbs

    Thanks

    Dave

    Reply

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Δ