HardenedOrNot

Read some registry keys to check if the Windows 2003 server is hardened or not

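Function HardenedOrNot()
{
    <#
    .SYNOPSIS
    Reports, for a fixed list of hardening-related registry values, whether each one is set on a remote server.

    .DESCRIPTION
    Opens the HKEY_LOCAL_MACHINE hive of the machine named by $server (read from the
    caller's scope, as this function takes no parameters) and returns one HTML-ready
    line per check. A failed check is wrapped in <font color='red'>.

    The first six checks only test that the value exists; the last three compare the
    value's data against the expected number.

    .OUTPUTS
    System.String[] - one status line per check, in the order the checks are listed.
    #>
    $hardened = @()

    $tcpip = "System\CurrentControlSet\Services\Tcpip\Parameters"
    $netbt = "System\CurrentControlSet\Services\Netbt\Parameters"

    # Each entry names the key path and the value separately. OpenSubKey resolves key
    # paths only, so a path written as "...\Parameters.ValueName" never matches a key
    # and the check would always report failure.
    # Entries without "Expected" pass when the value exists at all.
    # NOTE(review): existence does not show that the data matches a hardening baseline
    # (for example a value that is present but set to 0) - confirm the required data
    # per setting and add "Expected" where one applies.
    $checks = @(
        @{ KeyPath = $tcpip; ValueName = "SynAttackProtect"
           Pass = "`"SYN Attack protection`" activated"
           Fail = "`"SYN Attack protection`" not activated" },
        @{ KeyPath = $tcpip; ValueName = "TcpMaxPortsExhausted"
           Pass = "`"SYN Attack Protection after dropped connections`" activated"
           Fail = "`"SYN Attack protection after dropped connections`" not activated" },
        @{ KeyPath = $tcpip; ValueName = "EnableDeadGWDetect"
           Pass = "`"Dead Gateway Protection`" activated"
           Fail = "`"Dead Gateway Protection`" not activated" },
        @{ KeyPath = $tcpip; ValueName = "EnablePMTUDiscovery"
           Pass = "`"Path Maximum Transmission Unit Discovery`" activated"
           Fail = "`"Path Maximum Transmission Unit Discovery`" not activated" },
        @{ KeyPath = $tcpip; ValueName = "KeepAliveTime"
           Pass = "`"Keep Alive Packet Transmission`" defined"
           Fail = "`"Keep Alive Packet Transmission`" not defined" },
        @{ KeyPath = $netbt; ValueName = "NoNameReleaseOnDemand"
           Pass = "`"External Name Release`" disabled"
           Fail = "`"External Name Release`" enabled" },
        @{ KeyPath = $tcpip; ValueName = "EnableICMPRedirect"; Expected = 0
           Pass = "`"ICMP redirects`" disabled"
           Fail = "`"ICMP redirects`" enabled" },
        @{ KeyPath = "System\CurrentControlSet\Services\CDRom"; ValueName = "Autorun"; Expected = 0
           Pass = "`"CDRom autorun`" disabled"
           Fail = "`"CDRom autorun`" enabled" },
        @{ KeyPath = "System\CurrentControlSet\Control\FileSystem"; ValueName = "NtfsDisable8dot3NameCreation"; Expected = 1
           Pass = "Support for `"8.3 format filenames`" disabled"
           Fail = "Support for `"8.3 format filenames`" enabled" }
    )

    $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine, $server)
    try
    {
        foreach ($check in $checks)
        {
            # Read the value's data; $null means the key or the value is missing.
            $value = $null
            $subKey = $regKey.OpenSubKey($check.KeyPath)
            if ($null -ne $subKey)
            {
                try { $value = $subKey.GetValue($check.ValueName) }
                finally { $subKey.Close() }
            }

            if ($check.ContainsKey("Expected"))
            {
                # Multi-valued data cannot equal a single number; -eq on an array
                # filters instead of comparing, so reject arrays first.
                $ok = ($null -ne $value) -and ($value -isnot [array]) -and ($value -eq $check.Expected)
            }
            else
            {
                $ok = ($null -ne $value)
            }

            if ($ok) { $hardened += $check.Pass }
            else { $hardened += "<font color='red'>" + $check.Fail + "</font>" }
        }
    }
    finally
    {
        # Release the remote registry handle even when a read throws.
        $regKey.Close()
    }

    return $hardened
}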
