So last month
I left you hanging on the idea that there are some strong mojo,
super secret miracle approaches to making Windows systems manageable, secure
and reliable. As we go along, the goal we'll be working toward is removing the
mystery and making Windows systems as obvious as they are supposed to be. It's
important to note, though, that we will fail to achieve this goal and that failure
will not be all that important in the long run.
Before you can make decisions with any valuable impact, it's usually important
to get information pertinent to your problem. NT-based systems offer a number
of utilities out of the box that can be handy for getting useful information
about any number of system aspects. But instead of showing you how to use utilities
like netstat, nbtstat and ping, let's get involved hip deep in something that
is more flexible and that begins to allow you to develop shell depth similar
to that enjoyed by Unix operators: scripting.
The Tools to Start With
Specifically, the Windows Script Host (WSH) and VBScript will be used to gather
information that will help you make decisions. I'm not going to teach you to
program or to understand WSH. To do so would be a terrible waste of time and
space. The best way to get familiar with WSH and what it can do is to visit
http://msdn.microsoft.com/scripting
and read!! Download the WSH help files and use them as a reference. They actually
are quite useful and have many examples to work from. If you need a paper reference,
allow me to suggest that "Windows Script Host 2.0" by Dino Esposito,
WROX Press is an excellent source. It is well written, has pretty good examples
and is light enough to be used as a pocket reference. Note that it is older
than the current version of WSH but the information it contains is still valid.
Next, read some of Andrew Clinick's work at the above site. Mr. Clinick has
a way of demonstrating some tough ideas in useful ways. He and his crew are
definitely on your side, competing on behalf of administrators to deliver useful
tools, and they show the same respect to the end users of your systems.
Once you've played with some of the examples there, come back here. What I
write won't be any more or less helpful but it will be different. Once you've
gotten used to the idea of what's going on you can also find more information
from the Microsoft public newsgroups. Using an NNTP newsreader like Forté Agent
(http://www.forteinc.com), you can get answers to your questions about these
scripting technologies from Microsoft engineers and other users who, believe it
or not, have probably already had to solve your problem for their own efforts.
Put Up or Shut Up, Administrator
Here's an example script that uses another technology, called Windows Management
Instrumentation (WMI), along with WSH and VBScript to determine what the IP characteristics
of each network adapter on the local computer are. Documentation on the WMI interfaces
is available in the WMI SDK available from Microsoft at http://msdn.microsoft.com/downloads/default.asp?URL=/code/sample.asp?url=/msdn-files/027/001/566/msdncompositedoc.xml
and a tutorial is available at http://msdn.microsoft.com/downloads/default.asp?URL=/code/sample.asp?url=/msdn-files/027/001/574/msdncompositedoc.xml.
Here's the code:

'GetNics.vbs
'Support Site: http://www.mousetrax.com
'Author: Greg Chapman
'Date: 5/24/2002

'Force Declaration of Variables
Option Explicit

'Declare Variables
Dim j, NIC1, Nic, StrNic, lngCount, StrIP, i, objNet, objHost

'If something fails, move on
On Error Resume Next

'Get the Computer's network name
Set objNet = CreateObject("WScript.Network")
objHost = objNet.ComputerName
WScript.Echo "Analysis of " & objHost & "."

'Get a connection to the WMI NetAdapterConfig object
Set NIC1 = GetObject("winmgmts:").InstancesOf("Win32_NetworkAdapterConfiguration")

'For Each of the NICs in the connection
For Each Nic In NIC1
    'Get the Adapter Description
    StrNic = Nic.Description
    'If IP is enabled on the NIC then let's find out about the NIC
    If Nic.IPEnabled Then
        lngCount = UBound(Nic.IPAddress)
        For i = 0 To lngCount
            If i >= 0 Then
                WScript.Echo "===================================================" & _
                    vbNewLine
                WScript.Echo StrNic & vbNewLine
                'Only report addresses that are actually set
                StrIP = Nic.IPAddress(i)
                If StrIP <> "" Then
                    WScript.Echo vbTab & "IP Address = " & StrIP
                    WScript.Echo vbTab & "MAC Address = " & Nic.MACAddress
                    WScript.Echo vbTab & "NIC Service (Short) Name = " & Nic.ServiceName
                    WScript.Echo vbTab & "IP Subnet(s): "
                    For j = 0 To UBound(Nic.IPSubnet)
                        WScript.Echo vbTab & vbTab & Nic.IPSubnet(j)
                    Next
                    WScript.Echo vbTab & "Internet Database Files Path = " & Nic.DatabasePath
                    WScript.Echo vbTab & "Dead Gateway Detection = " & Nic.DeadGWDetectEnabled
                    WScript.Echo vbTab & "IP Gateway(s): "
                    'The gateway list is Null when no gateway is configured
                    If IsArray(Nic.DefaultIPGateway) Then
                        For j = 0 To UBound(Nic.DefaultIPGateway)
                            WScript.Echo vbTab & vbTab & Nic.DefaultIPGateway(j)
                        Next
                    End If
                    If Nic.DHCPEnabled Then
                        WScript.Echo vbTab & "DHCP Assigned IP address = " & Nic.DHCPEnabled
                        WScript.Echo vbTab & "DHCP Server = " & Nic.DHCPServer
                    End If
                    WScript.Echo vbTab & "DNS for WINS Resolution Enabled = " & _
                        Nic.DNSEnabledForWINSResolution
                    WScript.Echo vbTab & "DNS Host Name = " & Nic.DNSHostName
                    WScript.Echo vbTab & "DNS Servers:"
                    'The DNS server list is Null when no servers are configured
                    If IsArray(Nic.DNSServerSearchOrder) Then
                        For j = 0 To UBound(Nic.DNSServerSearchOrder)
                            WScript.Echo vbTab & vbTab & Nic.DNSServerSearchOrder(j)
                        Next
                    End If
                    WScript.Echo vbTab & "IP Port Filtering Enabled = " & _
                        Nic.IPFilterSecurityEnabled
                    If Nic.IPFilterSecurityEnabled Then
                        WScript.Echo vbTab & "IP Filtering Enabled."
                        'The permit lists are arrays (or Null), so test them with IsArray
                        If IsArray(Nic.IPSecPermitIPProtocols) Then
                            For j = 0 To UBound(Nic.IPSecPermitIPProtocols)
                                WScript.Echo vbTab & vbTab & "Protocol: " & _
                                    Nic.IPSecPermitIPProtocols(j)
                            Next
                        Else
                            WScript.Echo vbTab & vbTab & "No Protocols Filtered"
                        End If
                        If IsArray(Nic.IPSecPermitTCPPorts) Then
                            For j = 0 To UBound(Nic.IPSecPermitTCPPorts)
                                WScript.Echo vbTab & vbTab & "TCP Port: " & _
                                    Nic.IPSecPermitTCPPorts(j)
                            Next
                        Else
                            WScript.Echo vbTab & vbTab & "No TCP Ports Filtered"
                        End If
                        If IsArray(Nic.IPSecPermitUDPPorts) Then
                            For j = 0 To UBound(Nic.IPSecPermitUDPPorts)
                                WScript.Echo vbTab & vbTab & "UDP Port: " & _
                                    Nic.IPSecPermitUDPPorts(j)
                            Next
                        Else
                            WScript.Echo vbTab & vbTab & "No UDP Ports Filtered"
                        End If
                    End If
                    WScript.Echo vbTab & "LMHOSTS Lookup Enabled = " & Nic.WINSEnableLMHostsLookup
                    WScript.Echo vbTab & "WINS Lookup File = " & Nic.WINSHostLookupFile
                    WScript.Echo vbTab & "Primary WINS Server = " & Nic.WINSPrimaryServer
                    WScript.Echo vbTab & "Secondary WINS Server = " & Nic.WINSSecondaryServer
                    WScript.Echo vbTab & "WINS Scope ID = " & Nic.WINSScopeID
                End If
            End If
        Next
    End If
Next

To run the script, copy and paste it to a text document and call it GetNics.vbs.
Then, open a command prompt and type the following:
Cscript <drive>:\<Path>\getnics.vbs
Or, to create a text file from the output, add this to the end of the above command:
>filename.txt
On the screen, the output will resemble that of typing IPConfig /all.
Here's a clip of what my laptop produces when connected to my home network:
Analysis of CHAPPIESLAPPIE.
========================================================
ORiNOCO Wireless LAN PC Card (5 volt) - Cisco Systems VPN Adapter
    IP Address = 192.168.0.102
    MAC Address = 00:02:2D:2C:A4:77
    NIC Service (Short) Name = wlluc48
    IP Subnet(s):
        255.255.255.0
    Internet Database Files Path = %SystemRoot%\System32\drivers\etc
    Dead Gateway Detection =
    IP Gateway(s):
        192.168.0.1
    DHCP Assigned IP address = True
    DHCP Server = 192.168.0.3
    DNS for WINS Resolution Enabled = False
    DNS Host Name = chappieslappie
    DNS Servers:
        192.168.0.5
    IP Port Filtering Enabled = False
    LMHOSTS Lookup Enabled = False
    WINS Lookup File =
    Primary WINS Server = 192.168.0.3
    Secondary WINS Server =
    WINS Scope ID =
========================================================
Yeah, So What's Your Point?
So why is that so valuable? Because you can get this information, as little
or as much as you want for each NIC and log it. With a few modifications, this
script can produce output that can be sent to a central database or to a configuration
log repository to identify all the systems in your network and how your central systems are managing them.
Central database? Configuration log repository?
Remember that we are working on a way to provide accountability and centralized
management comparable to what a Unix administrator expects at his Solaris console.
Those folks love logs and for good reason! Logs are data and that data is a
checkpoint in the history of a network and its systems. This kind of data allows
an administrator to look for inconsistencies in the network or to analyze the
state of the systems on a network.
When the boss comes along and wants a report of how many systems were on the
network on the 4th of January of this year, the administrator has absolutely
no problem determining several pieces of information the boss is really asking
for. For example, the administrator knows how many addresses were consumed in
each subnet, how many machines total were up and running, whether any of them
have incorrect DNS or WINS server assignments and whether any of them have
invalid IP Filter blocks set.
That logging and accountability capability is important and doing it across
the network instead of visiting 4,000 machines spread all over the world is
what ensures that particular administrator will be the one getting promotions and building
job security.
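
One way to make those "few modifications", as an added example that is not the author's script: it appends one tab-delimited record per IP-enabled adapter to a log file and flags DNS or WINS servers that are not on an expected list. The log path, the flag names and the helper functions Flat and Unexpected are assumptions made for illustration; the expected server addresses are simply the ones from the sample output above.

```vbscript
'LogNics.vbs - added example, not the author's script
Option Explicit
'Assumptions: LOG_PATH is a placeholder (point it at a share on your log
'server); the expected servers are the ones shown in the sample output.
Const LOG_PATH = "nics.log"
Const EXPECTED_DNS = "192.168.0.5"     'comma-separated list
Const EXPECTED_WINS = "192.168.0.3"    'comma-separated list
Const ForAppending = 8
Dim objNet, objFSO, objLog, colNics, Nic, strFlags

Set objNet = CreateObject("WScript.Network")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objLog = objFSO.OpenTextFile(LOG_PATH, ForAppending, True)
Set colNics = GetObject("winmgmts:").ExecQuery( _
    "SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

For Each Nic In colNics
    strFlags = ""
    If Unexpected(Nic.DNSServerSearchOrder, EXPECTED_DNS) Then strFlags = strFlags & "BAD_DNS "
    If Unexpected(Array(Nic.WINSPrimaryServer, Nic.WINSSecondaryServer), EXPECTED_WINS) Then _
        strFlags = strFlags & "BAD_WINS "
    If Nic.IPFilterSecurityEnabled Then strFlags = strFlags & "IPFILTER_ON "
    'Fields: time, computer, adapter, MAC, IPs, subnets, gateways, DNS, WINS, flags
    objLog.WriteLine Join(Array(CStr(Now), objNet.ComputerName, Flat(Nic.Description), _
        Flat(Nic.MACAddress), Flat(Nic.IPAddress), Flat(Nic.IPSubnet), _
        Flat(Nic.DefaultIPGateway), Flat(Nic.DNSServerSearchOrder), _
        Flat(Nic.WINSPrimaryServer), Flat(Nic.WINSSecondaryServer), Trim(strFlags)), vbTab)
Next
objLog.Close

'Turn a WMI value (array, string or Null) into one comma-separated field
Function Flat(v)
    Flat = ""
    If IsArray(v) Then Flat = Join(v, ",")
    If Not IsArray(v) And Not IsNull(v) Then Flat = CStr(v)
End Function

'True if any non-empty entry of v is missing from the comma-separated list
Function Unexpected(v, strAllowed)
    Dim item
    Unexpected = False
    If Not IsArray(v) Then Exit Function
    For Each item In v
        If Not IsNull(item) Then
            If item <> "" And InStr("," & strAllowed & ",", "," & item & ",") = 0 Then Unexpected = True
        End If
    Next
End Function
```

Each run appends one line per adapter, so a question like "how many systems were on the network on a given date" becomes a matter of filtering the collected file by timestamp and counting computer names or addresses per subnet.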