; Network Compliance Test ; Written 1-21-05 Daryl Sirota of System Source - dsirota@syssrc.com ; ------------------------------------------------------------------- ? "Network Compliance testing underway..." ;? "DialRasEntry $dre" ;? "User $usr" ;? "Domain: $dom" ;? "Tunnel $tunnel" $errcount=0 $ermsg="" ? "Checking Symantec Signatures..." $vdate=readvalue("HKLM\SOFTWARE\Symantec\SharedDefs","DEFWATCH_10") if @error>0 $=LogError("Symantec AntiVirus not installed!") else $dt=right($vdate,12) $dt=left($dt,8) $today=left(@date,4)+substr(@date,6,2)+right(@date,2) $age= val($today) - val($dt) if $age>7 $=LogError("Symantec signatures older than 1 week") endif $wmi = getobject("winmgmts:{impersonationLevel=impersonate}!\\"+@WKSTA) $processname = "rtvscan.exe" $q=0 for each $process in $wmi.execquery("select * from win32_process where name = '$processname'") $q=1 next if $q=0 $=LogError("Symantec Realtime Protection is not loaded") endif if readvalue("HKLM\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Storages\Filesystem\RealTimeScan","OnOff")=0 $=LogError("Symantec Realtime Scanning is not enabled") endif endif ? "Checking Windows Critical Updates" $cmd="mbsacli -hf -o tab -x mssecure.xml -s 1 -nvc -f mbsa.log -sus http://192.168.2.35" shell $cmd if open(1,"mbsa.log",0)=0 $x=readline(1) $x=readline(1) while @error=0 $mbsaline=split($x,chr(9)) $msg=$mbsaline[5] select case $msg="NOT Found" $=LogError("HotFix "+$mbsaline[2]+" for "+$mbsaline[1]+" not found. See Q"+$mbsaline[3]+" for details.") EndSelect $x=readline(1) loop $=close(1) else LogError("Cannot run MBSA check") endif if $errcount=0 ? "Network Compliance testing passed, opening VPN..." $cmd='rqc $dre "$tunnel" 7250 $dom $usr Version1' shell $cmd if @error>0 ? "Error @Error launching R" endif sleep 10 else $=messagebox("Your computer has failed Network Compliance Testing, you will be disconnected from the VPN within a minute.@crlf@crlfExceptions:@crlf"+$ermsg,"Disconnect pending...",16) run "http://192.168.2.35/Quarantine/howtopass.htm" endif Exit Function LogError($msg) $ermsg=$ermsg+" "+$msg+@CRLF $errcount=$errcount+1 $LogError=0 EndFunction