For my first blog, I will give a quick tutorial on how to turn on Windows firewall from a remote machine.
I was looking for a script to do this because my company is preparing for a penetration test and one of our pending action is to turn on the firewall on all of laptops and desktops. The script that I am using turns out to be very simple and quick to execute!
Before you do this, make sure that you have psexec (which is a command-line tool that lets you execute processes on remote systems and redirect console applications’ output to the local systems¹) installed on your computer. If you don’t have the tool already, simply go to: https://technet.microsoft.com/en-us/sysinternals/pxexec.aspx and click on the link at the bottom of the page to download the tool. Once you have unzipped the folder, copy the files and save it to: C:\Windows\System32.
Now, comes the fun part:
- Run your command prompt as Administrator
- Type cd / to go to root (C:\>)
- Type psexec \\hostname or IP address cmd to access remote machine. You will know if you have been successful in accessing the remote machine if it looks like the image below:
- Type netsh advfirewall set allprofiles state on to turn on the remote machine’s firewall.
Other firewall commands that you can use²:
To turn on/off firewall for the current network profiles (domain/private/public network):
netsh advfirewall set currentprofile state on/off
To turn on/off domain network firewall:
netsh advfirewall set domainprofile state on/off
To turn on/off private network firewall:
netsh advfirewall set privateprofile state on/off
To turn on/off public network firewall:
netsh advfirewall set publicprofile state on/off