Windows firewall administration

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Tomorrow morning when I get to work, I will be asked to write a script
that will do a bunch of stuff to servers running the Windows firewall.
I don't know anything about Windows firewalls or Windows networking,
but I was handed a half-inch thick sheaf of papers on the topic
tonight, with these words, 'If we only had Novell all our problems
would be solved.' This project involves over 1,000 servers over a five
state region and apparently will be a real headache to do manually.
I've been told that this involves opening ports, closing ports,
configuring firewalls, and other things, I asked for a requirements
specification but was told there wasn't one..

In addition to the papers I was given, I have an old copy of Dave
Roth's book on Win32 Perl Scripting which I picked up and attempted to
scan through ... not that it's done much good. Also, I was told that
the ideal technology would be Power Shell (this is why they came to
me, I've been going through the Power Shell tutorial and writing some
cute scripts that don't do much except impress the unwashed.)

You now know about as much as I do. Questions:
1. Is this something that Perl can be useful at?
2. Does the Win32 API on the Active State Perl support this?
3. Any pointers of places to look for help?
4. Any repository of scripts? I've checked CPAN but the only module I
say was for reading Windows firewall logs.
5. This isn't my job, but I have a very high incentive to be
successful at this project. Should I cut my losses and beg off from
the beginning?

Thanks to all who care to respond to what must seem a somewhat idiodic


Re: Windows firewall administration

On Thu, 19 Jun 2008 18:11:05 -0700, cartercc wrote:

Quoted text here. Click to load it

Which isn't much, certainly not enough to get started.

Quoted text here. Click to load it

Probably. Then maybe not.

Quoted text here. Click to load it

First find out what interfaces are supported by the firewall. There
probably is a COM or .NET interface, which you can call from any
language, including Perl.

Quoted text here. Click to load it

Just make sure from the beginning that there is a real chance of failure.
If what you have given us is really everything you know, you should first
investigate what they want, only then look at the technology needed to
accomplish it. Don't lock yourself in on Perl, although there is a good
chance it's a good tool for the job.


Site Timeline