Skip to content

Commit 79d8dff

Browse files
COD-TeamCOD-Team
authored
Update FirewallDomainDNS.ps1
Updated for PowerShell 7.2.1 Compatibility
1 parent 4adefba commit 79d8dff

File tree

1 file changed

+26
-20
lines changed

1 file changed

+26
-20
lines changed

FirewallDomainDNS.ps1

+26-20
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,33 @@
1-
<#
1+
<#
22
.DESCRIPTION
33
Script Attempts to communicate with Active Directory and all Windows Computers in the Domain
44
Pull SourceIPs from all computers in the domain, compares to Local DNS Server to identify rogue devices in network.
55
6-
.PARAMETER NAME
7-
No Parameters, but control Functions by commenting or uncommenting Functions under $TASKS (See example Task/Function)
8-
96
.OUTPUTS
10-
Report found under $logPath below, Setup Networkshare for \\SERVERNAME\SHARE\COD-Logs\DOMAINNAME\DATETIME
7+
Report found under $logPath below, default is c:\COD-Logs\COMPUTERNAME\DATETIME
118
129
.EXAMPLE
13-
Option 1
14-
1. Command Prompt (Admin) "powershell -Executionpolicy Bypass -File PATH\FILENAME.ps1"
10+
1. PowerShell 5.1 Command Prompt (Admin)
11+
"powershell -Executionpolicy Bypass -File PATH\FILENAME.ps1"
12+
2. Powershell 7.2.1 Command Prompt (Admin)
13+
"pwsh -Executionpolicy Bypass -File PATH\FILENAME.ps1"
1514
1615
.NOTES
17-
Author Perk
18-
Last Update 12/31/21
16+
Author Perkins
17+
Last Update 1/7/22
18+
Updated 1/7/22 Tested and Validated PowerShell 5.1 and 7.2.1
1919
20-
Powershell 5.1 or higher
20+
Powershell 5 or higher
2121
Run as Administrator
2222
2323
.FUNCTIONALITY
2424
PowerShell Language
2525
Active Directory
2626
2727
.Link
28-
https://github.com/COD-Team
29-
YouTube Channel with this Video https://www.youtube.com/channel/UCWtXSYvBXU6YqzqBqNcH_Kw
30-
28+
https://github.com/COD-Team
29+
YouTube Video https://youtu.be/4LSMP0gj1IQ
30+
3131
Thanks to Twan van Beers - Across my Lab I noticed that two computers were not functioning as intented
3232
All the firewall settings were in place, but there were no logs.
3333
https://neroblanco.co.uk/2017/03/windows-firewall-not-writing-logfiles/
@@ -59,7 +59,10 @@ if ($env:computername -eq $env:userdomain)
5959
}
6060

6161
# Get Domain Name, Creates a DomainName Folder to Store Reports
62-
$DomainName = (Get-WmiObject win32_computersystem).domain
62+
# Added 1/7/21 Powershell 7.2.1 Compatibility Get-WmiObject not compatible with Powershell 7.2.1
63+
#$DomainName = (Get-WmiObject win32_computersystem).domain
64+
$DomainName = (Get-CimInstance Win32_ComputerSystem).Domain
65+
6366

6467
# Get Computer Name
6568
$ComputerName = $env:computername
@@ -74,17 +77,24 @@ $logpath = "\\DC2016\SHARES\COD-Logs\$DomainName\$(get-date -format "yyyyMMdd-hh
7477
#Counter for Write-Progress
7578
$Counter = 0
7679

80+
# Added 1/7/21 PowerShell 7.2.1 Compatibility for Out-File not printing escape characters
81+
if ($PSVersionTable.PSVersion.major -ge 7) {$PSStyle.OutputRendering = 'PlainText'}
82+
7783
# Logfile where all the results are dumped
7884
$OutputFile = "$logpath\Firewall.log"
7985

86+
$FirewallLogFile = 'C:\Windows\system32\LogFiles\Firewall\pfirewall.log'
87+
$DNSServer = @('172.16.32.201','172.16.33.31')
88+
#$DNSServer = "172.16.32.201"
89+
$JobSleep = 2
90+
8091
#Sets Header information for the Reports
8192
Write-Output "[INFO] Running $PSCommandPath" | Out-File -Append $OutputFile
8293
Write-Output (Get-Date) | Out-File -Append $OutputFile
8394
Write-Output "POWERSHELL COD ASSESSMENT SCRIPT RESULTS" | Out-File -Append $OutputFile
8495
Write-Output "Executed Script from $ComputerName on Domain $DomainName" | Out-File -Append $OutputFile
8596
Write-Output "------------------------------------------------------------------------------------------------------------------------" | Out-File -Append $OutputFile
8697

87-
8898
#$DomainControllers = (Get-ADDomainController | Select-Object Name)
8999
$DomainControllers = (Get-ADForest).Domains | ForEach-Object {Get-ADDomain -Identity $_ | Select-Object -ExpandProperty ReplicaDirectoryServers}
90100

@@ -140,10 +150,6 @@ $GetOnline = Invoke-command –ComputerName $DomainComputers.Name -ErrorAction S
140150
$Online | Out-File -Append $OutputFile
141151
}
142152

143-
$FirewallLogFile = 'C:\Windows\system32\LogFiles\Firewall\pfirewall.log'
144-
$DNSServer = @('172.16.32.201','172.16.33.31')
145-
#$DNSServer = "172.16.32.201"
146-
$JobSleep = 2
147153

148154
###################################################################################################################################################################
149155
Function GetFirewallLog
@@ -275,4 +281,4 @@ Foreach ($Task in $Tasks)
275281
Add-Content -Path $OutputFile -Value (Get-Date)
276282
Write-Host " "
277283
Write-Host -fore green "Results saved to: $OutputFile"
278-
write-Host -fore green "Script Completed"
284+
write-Host -fore green "Script Completed"

0 commit comments

Comments
 (0)