Netzwerk

In diesem Bereich stelle ich momentan noch relativ unstrukturiert Skripte aus dem Netzwerkbereich ein.

Beispiel 1: Ping (=ICMP) Erreichbarkeit überprüfen (System.Net.NetworkInformation.Ping)

Set-StrictMode -Version "2.0"
Clear-Host
 
$Computer = "DC01"

Function PingHost ($Computer)
{
   $Ping = New-Object System.Net.NetworkInformation.Ping
   $Return = $Ping.Send($Computer) 
   "{0} mit der IP {1} hat den ICMP-Status '{2}'" -f   $Computer,$($Return.Address),$($Return.Status)
  }

PingHost $Computer

#mögliche Ausgaben

DC01 mit der IP 192.168.178.51 hat den ICMP-Status 'Success'

Moderne Firewalls arbeiten natürlich protokollbasiet und nicht mehr portbasiert!
 

Beispiel 2: einfacher Portscanner

Set-StrictMode -Version "2.0"
Clear-Host
 
$Computers = @("DC01","SRV011","SRV02","PC01")
$Ports = @(135,137,139,389,3268)
 
Function CheckPort{
  Param($Computers,$Ports)
 
  $TcpClient = New-Object Net.Sockets.TcpClient
  Foreach($Computer in $Computers){
    Write-Host "`n$Computer"
    Foreach($Port in $Ports){
        $TcpClient = New-Object Net.Sockets.TcpClient
        Try{
         $Connect = $TcpClient.BeginConnect($Computer,$Port,$null,$null)
         $Null = $TcpClient.Endconnect($connect)
         $Null = $TcpClient.Close()
         "$Port is answering"
       } #Try
         Catch{  Write-Host "$Port is not answering"
       } #Catch
    }#ForEach
  } #ForEach
}
 
Checkport $Computers $Ports 

#mögliche Ausgabe

 

DC01
135 is answering
137 is not answering
139 is answering
389 is answering
3268 is answering
 
SRV011
135 is not answering
137 is not answering
139 is not answering
389 is not answering
3268 is not answering


Beispiel 3: Netzwerkstatistiken - Klasse: System.Net.NetworkInformation.IPGlobalProperties
System.Net.NetworkInformation.IpGlobalProperties

Clear-Host
Set-StrictMode -Version "2.0"

$IPProperties =  [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()

WrPite-Host "GetTcpIPv4Statistics" -BackgroundColor Red
$IPProperties.GetTcpIPv4Statistics() | Select *
""
Write-Host "GetActiveTcpListeners" -BackgroundColor Red
$IPProperties.GetActiveTcpListeners() | Select -first 3 |  Format-Table * -AutoSize
""
Write-Host "GetActiveTcpConnections" -BackgroundColor Red
$IPProperties.GetActiveTcpConnections() | Select -first 3 | Format-Table * -AutoSize
""
Write-Host "GetIcmpV4Statistics" -BackgroundColor Red
$IPProperties.GetIcmpV4Statistics()
""
Write-Host "GetUdpIPv4Statistics" -BackgroundColor Red
$IPProperties.GetUdpIPv4Statistics()
#mögliche Ausgabe - gekürzt

GetTcpIPv4Statistics


MinimumTransmissionTimeout : 10
MaximumTransmissionTimeout : 4294967295
MaximumConnections         : 4294967295
...

GetActiveTcpListeners

AddressFamily Address Port
------------- ------- ----
 InterNetwork 0.0.0.0  135
 InterNetwork 0.0.0.0  445
 InterNetwork 0.0.0.0  554


GetActiveTcpConnections

      State LocalEndPoint   RemoteEndPoint
      ----- -------------   --------------
Established 127.0.0.1:5354  127.0.0.1:49157
Established 127.0.0.1:5354  127.0.0.1:49162
Established 127.0.0.1:27015 127.0.0.1:54573



GetIcmpV4Statistics

GetUdpIPv4Statistics

MessagesSent                           : 3436
MessagesReceived                       : 3439
ErrorsSent                             : 0
...

DatagramsReceived           : 16048
IncomingDatagramsDiscarded  : 9522
IncomingDatagramsWithErrors : 0
...

die Klasse IPGlobalProperties kann laut MSDN nur auf den lokalen Rechner angewendet werden


Beispiel 4a: DNSClientServerAddresses
 

Set-StrictMode -Version "2.0"
Clear-Host

#identisch cmdlet / CIM
Get-DnsClientServerAddress | Select -Property Elementname,ServerAddresses | FT -auto
Get-CimInstance -Namespace root\StandardCimv2 -Query "Select * from MSFT_DNSClientServerAddress" | Select Elementname,ServerAddresses | FT -auto

#WMI
Get-WmiObject -Namespace root\StandardCimv2 -Query "Select * from MSFT_DNSClientServerAddress" | Select  Elementname,ServerAddresses | FT -auto
#mögliche Ausgabe

Elementname                       ServerAddresses                                       
-----------                       ---------------                                       
Ethernet                          {192.168.178.100, 192.168.178.1}                      
Ethernet                          {}                                                    
isatap.fritz.box                  {192.168.178.100, 192.168.178.1}                      
isatap.fritz.box                  {}                                                    
Loopback Pseudo-Interface 1       {}                                                    
Loopback Pseudo-Interface 1       {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
Teredo Tunneling Pseudo-Interface {}                                                    
Teredo Tunneling Pseudo-Interface {}


Beispiel 4b: DNSClientServerAddresses
 

Set-StrictMode -Version "2.0"
Clear-Host

$DNSServerAddresses = @()
$DNSServerAddresses = Get-DnsClientServerAddress | ForEach {
   New-Object psobject -Property @{
               ElementName = $_.ElementName
               ServerAddresses = ($_.ServerAddresses) -join(";")
               }
 }
 $DNSServerAddresses | Sort ElementName | Format-Table ElementName,ServerAddresses -Auto
#mögliche Ausgabe

ElementName                       ServerAddresses                                   
-----------                       ---------------                                   
Ethernet                                                                            
Ethernet                          192.168.178.100;192.168.178.1                     
isatap.fritz.box                                                                    
isatap.fritz.box                  192.168.178.100;192.168.178.1                     
Loopback Pseudo-Interface 1       fec0:0:0:ffff::1;fec0:0:0:ffff::2;fec0:0:0:ffff::3
Loopback Pseudo-Interface 1                                                         
Teredo Tunneling Pseudo-Interface                                                   
Teredo Tunneling Pseudo-Interface

Die als Array gelieferten IP-Adressen habe ich im zweiten Beispiel zu CSV-getrennen Strings umgewandelt


Beispiel 5: Auslesen der Rules der WindowsFirewall
Wenn es mit der Connectivity mal nicht so klappt, ist gerne auch mal die Windowsfirewall beteiligt sein:
 

Set-StrictMode -Version "2.0"
Clear-Host

$NameSpace = "root\StandardCimv2"
$Query = "Select * from MSFT_NetFirewallRule"
Get-CimInstance -Namespace $Namespace -Query $Query |  Where { $_.Enabled –eq ‘True’}
#mögliche Ausgabe gekürzt

Name                  : {EA79E092-1077-4426-8B78-BF5EC5019291}
DisplayName           : Microsoft Lync UcMapi
..
Group                 :
Enabled               : True
Profile               : Private
..
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local

Das zugehörige cmdlet lautet: Get-NetFirewallRule