none
How to determine whether a firewall is enabled of a Remote Machine using c# RRS feed

  • Question

  • How to determine whether a firewall is enabled of a Remote Machine using c#

    Thank's in advance

    Regards

    natekar

    Saturday, October 20, 2012 6:41 AM

Answers

  • You need to be in administrators group of remote computer for this to work. (Either as domain user of the same domain, or by creating a user with same username and password on the remote computer if that computer hasn't joined domain.

    Btw, one of the many things I want to naildown if I put the firewall up is to disable group for "File and printer sharing" which means the RPC ports would be inaccessible, which also means this piece of code would not work.

    So the only way to make sure is that, as what Nate said in the first post, to try to connect whatever port you try to access directly and report back whether you can/cannot connect to it. 

    Thursday, October 25, 2012 6:22 AM
    Answerer
  • Hi Natekar,

      You could follow the following steps introduced by Error: 0x80070005 when you try to install updates using Microsoft Update or Windows Update.


    Jason Wang [MSFT]
    MSDN Community Support | Feedback to us

    Thursday, October 25, 2012 5:09 AM
  • Btw, there's a little flaw in your code.

    Windows Firewall never blocks loopback interface, so you should have to test whatever private/public IP assigned to that computer instead of using localhost/127.0.0.1/::1.

    And testing for 1433 is not good if no SQL server is installed. TCP port 135 is a better target to test connection. (It should work even if "Server" service on the target computer is stopped)

    • Marked as answer by Jason Dot Wang Monday, October 29, 2012 8:44 AM
    • Unmarked as answer by Natekar Wednesday, October 31, 2012 4:47 AM
    • Marked as answer by Natekar Wednesday, October 31, 2012 4:47 AM
    Saturday, October 27, 2012 1:53 AM
    Answerer

All replies

  • Something like this:

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Net.Sockets;
    
    namespace CheckPortStatus
    {
        class Program
        {
            static void Main(string[] args)
            {
                try
                {
                    TcpClient tcp = new TcpClient();
                    tcp.Connect("localhost", Convert.ToInt16(1433));
                    Console.WriteLine("online");
                }
                catch (Exception ex)
                {
                    Console.WriteLine("offline");
                    Console.WriteLine(ex.Message);
                }
            }
        }
    }

    Where changing the Port and Host to whatever it is you're testing.

    Alternatively, here is an article that's a little more complicated using COM Interop and C#

    http://www.shafqatahmed.com/2008/01/controlling-win.html


    Saturday, October 20, 2012 7:52 AM
  •  

    Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", "Remote/Local Ipadress", false);
      INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(NetFwMgrType);//Exception Occurs here
     bool Firewallenabled = mgr.LocalPolicy.CurrentProfile.FirewallEnabled;   

     

    I want to do with above code,but am getting an exception  as follows

    Retrieving the COM class factory for remote component with CLSID {304CE942-6E39-40D8-943A-B913C40C9CD4} from machine 10.2.108.6 failed due to the following error: 80070005

    could any  work around for this


    Saturday, October 20, 2012 8:01 AM
  • Hi Natekar,

      You could follow the following steps introduced by Error: 0x80070005 when you try to install updates using Microsoft Update or Windows Update.


    Jason Wang [MSFT]
    MSDN Community Support | Feedback to us

    Thursday, October 25, 2012 5:09 AM
  • You need to be in administrators group of remote computer for this to work. (Either as domain user of the same domain, or by creating a user with same username and password on the remote computer if that computer hasn't joined domain.

    Btw, one of the many things I want to naildown if I put the firewall up is to disable group for "File and printer sharing" which means the RPC ports would be inaccessible, which also means this piece of code would not work.

    So the only way to make sure is that, as what Nate said in the first post, to try to connect whatever port you try to access directly and report back whether you can/cannot connect to it. 

    Thursday, October 25, 2012 6:22 AM
    Answerer
  • Btw, there's a little flaw in your code.

    Windows Firewall never blocks loopback interface, so you should have to test whatever private/public IP assigned to that computer instead of using localhost/127.0.0.1/::1.

    And testing for 1433 is not good if no SQL server is installed. TCP port 135 is a better target to test connection. (It should work even if "Server" service on the target computer is stopped)

    • Marked as answer by Jason Dot Wang Monday, October 29, 2012 8:44 AM
    • Unmarked as answer by Natekar Wednesday, October 31, 2012 4:47 AM
    • Marked as answer by Natekar Wednesday, October 31, 2012 4:47 AM
    Saturday, October 27, 2012 1:53 AM
    Answerer
  • HI,

     Plz do reply .....

    1) If Firewall is Off, then also  I was able to connect to remote machine over the port( 1433 or 135), in that case how is it possible to determine/Conclude ,using following piece of code, that firewall is Enabled/Disabled on remote machine

    tcp.Connect("localhost", Convert.ToInt16(1433));

    or

    tcp.Connect("localhost", Convert.ToInt16(135));

     

    2) I have used  following code, but it requires user to be administrator group of the Remote Machine and also  when I run on 64 bit machine and try to access 34 bit Remote machine ,it throws COM errors

    //Code

     Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", "RemoteMachineIPAddress", false);
                    INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(NetFwMgrType);
                    Firewallenabled = mgr.LocalPolicy.CurrentProfile.FirewallEnabled;



    Natekar


    • Edited by Natekar Sunday, November 11, 2012 7:25 AM
    Saturday, November 10, 2012 4:18 PM
  • If you're only targetting Vista/Win7, you can use System.ServiceProcess.ServiceController.GetServices("remotemachinename") and filter for "MpsSvc" as service name, to determine whether it's running (it won't work on WinXP because the service name is different, and I don't know whether the same changed or not in Win8)

    This enquery doesn't require Administrator right, but you have to still be at least a user on remote machine.

    The downside is, even if you know it's running, you don't know whether the rules afffecting your application is enabled or not.


    Monday, November 12, 2012 2:34 AM
    Answerer