Skip to content

Commit

Permalink
Update Update-DomainFirewallBaseline.ps1
Browse files Browse the repository at this point in the history
  • Loading branch information
SteveUnderScoreN authored Jul 31, 2018
1 parent 6d24d1d commit 3dc39b3
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions Domain Root/Update-DomainFirewallBaseline.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,7 @@ function Version081Updates
$GuidComponent = $PlatformVersion.Split(".-")
$GuidComponent = $GuidComponent[2] + $GuidComponent[3]
Write-Progress -Activity "Applying version 0.8.1 updates - creating new rules" -PercentComplete "1"
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{725a67e5-68cd-4217-a159-48c$GuidComponent}" -DisplayName "Antimalware Service Executable $PlatformVersion (TCP-Out)" -Group "ProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MsMpEng.exe" -ErrorAction SilentlyContinue -ErrorVariable "Version081Updates")
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{725a67e5-68cd-4217-a159-48c$GuidComponent}" -DisplayName "Antimalware Service Executable $PlatformVersion (TCP-Out)" -Group "OutboundProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MsMpEng.exe" -ErrorAction SilentlyContinue -ErrorVariable "Version081Updates")
if ($Version081Updates.Exception.Message -like "Cannot create a file when that file already exists.*")
{
Write-Progress -Activity "Applying version 0.8.1 updates - creating new rules" -Completed
Expand All @@ -213,11 +213,11 @@ function Version081Updates
else
{
Write-Progress -Activity "Applying version 0.8.1 updates - creating new rules" -PercentComplete "50"
New-NetFirewallRule -GPOSession $GpoSession -Name "{e92e00fa-918f-4e62-bd3e-a91$GuidComponent}" -DisplayName "Antimalware Service Executable $PlatformVersion (TCP-Out)" -Direction "Outbound" -Protocol "TCP" -RemotePort "80","443" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MsMpEng.exe"
New-NetFirewallRule -GPOSession $GpoSession -Name "{fabd86d5-92b1-4a15-b733-233$GuidComponent}" -DisplayName "Network Realtime Inspection Service $PlatformVersion (TCP-Out)" -Group "ProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\NisSrv.exe"
New-NetFirewallRule -GPOSession $GpoSession -Name "{4b36d08c-cf11-41e2-8d9d-803$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Group "ProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe"
New-NetFirewallRule -GPOSession $GpoSession -Name "{bd20eef3-283e-4fa1-ab43-471$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Direction "Outbound" -Protocol "TCP" -RemotePort "443" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe"
New-NetFirewallRule -GPOSession $GpoSession -Name "{65c13740-9290-4caf-bd37-ac0$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Group "Wpad_PacFileServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $WPAD_PACFileServers -Protocol "TCP" -RemotePort "80" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe"
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{e92e00fa-918f-4e62-bd3e-a91$GuidComponent}" -DisplayName "Antimalware Service Executable $PlatformVersion (TCP-Out)" -Direction "Outbound" -Protocol "TCP" -RemotePort "80","443" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MsMpEng.exe")
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{fabd86d5-92b1-4a15-b733-233$GuidComponent}" -DisplayName "Network Realtime Inspection Service $PlatformVersion (TCP-Out)" -Group "OutboundProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\NisSrv.exe")
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{4b36d08c-cf11-41e2-8d9d-803$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Group "OutboundProxyServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $ProxyServers -Protocol "TCP" -RemotePort $ProxyServerPorts -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe")
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{bd20eef3-283e-4fa1-ab43-471$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Direction "Outbound" -Protocol "TCP" -RemotePort "443" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe" )
[void](New-NetFirewallRule -GPOSession $GpoSession -Name "{65c13740-9290-4caf-bd37-ac0$GuidComponent}" -DisplayName "Microsoft Malware Protection Command Line Utility $PlatformVersion (TCP-Out)" -Group "OutboundWpad_PacFileServers" -Profile "Domain" -Direction "Outbound" -RemoteAddress $WPAD_PACFileServers -Protocol "TCP" -RemotePort "80" -Program "%ALLUSERSPROFILE%\Microsoft\Windows Defender\Platform\$PlatformVersion\MpCmdRun.exe")
Write-Progress -Activity "Applying version 0.8.1 updates - creating new rules" -Completed
Write-Output "`n`nVersion 0.8.1 update to create new rules has completed"
}
Expand Down

0 comments on commit 3dc39b3

Please sign in to comment.