this week I had the problem on a Windows Server 2008 R2 system that I had to recognize if a network connection to specific closed TCP port is tried to established.
The Windows firewall on the machine is running but logs only packets to the firewall logfile for tcp and udp ports an which a process is listen to. Also the parsing of the logfile is frequently necessary.
A better way is to enable the firewall audit option “Filtering Platform Packet Drop”. This generates an EventLog entry with EventID 5152 for each incoming packet which is dropped. Windows provides the abiltiy to trigger an schedule task after an eventlog entry is written and pass some event details as parameter to a script defined in the task. Unfortunataly not with the GUI. Continue reading Windows: Passing parameters to event triggered schedule tasks→
when it is necessary that normal user needs the ability to do some operations on a service, such as starting or stopping, multiple ways exists to grant these permissions. Windows has no GUI or (easy to use) command line tool on board to set these access rights. I will show you 3 ways to set them.
Sysinternals Process Explorer
sc.exe (Service controller)
subinacl.exe (The security swiss knife)
For the following examples I will use the OpenVPN Service with its Service Name openvpnservice and assign the start and stop permissions to a user or group. But its the same procedure for all other services.
The easiest way is to use the sysinternals Process Explorer. It provides a graphical user interface but has the dependency that the service must be in the running state before process explorer is started. If you already have a valid openvpn configuration start the service:
sc start openvpnservice
Then start the process explorer as administrator and locate the openvpn service process openvpnserv.exe.
My Knowledgebase for things about Linux, Windows, VMware, Electronic and so on…
Place for Advertisment to support michlstechblog.info
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.