https://blog.seanmcelroy.com/categories/aside/ en Sat, 24 Jun 2017 23:35:28 +0000 https://blog.seanmcelroy.com/2017/06/24/powershell-oneliner-to-find-outbound.html Sat, 24 Jun 2017 23:35:28 +0000 http://seanmcelroy.micro.blog/2017/06/24/powershell-oneliner-to-find-outbound.html <p>In controlled environments, it&rsquo;s useful to know when outbound connectivity is not restricted to a predefined list of required hosts, as many standards like PCI require.  Here&rsquo;s a helpful one-liner that will query your Active Directory instance for computer accounts that are enabled, and then for each of them try to connect to a site from that machine, as orchestrated by WinRM.  If you use this script, just know that you will probably see a sea of errors for machines that connect be reached from your source host via WinRM.  My go-to site for testing non-secure HTTP is asdf.com, but you could use anything target and port you desire based on what should not be allowed in your environment.  I have changed the snippet below to example.com (which will not work) so I don&rsquo;t spam the poor soul who runs asdf.com, but you should replace that with google.com or whatever host to which you wish to verify connectivity.</p> <pre>Invoke-Command -ComputerName (Get-ADComputer -Filter {Enabled -eq "True"} -Property Name,Enabled | foreach { $_.Name }) -ScriptBlock { Test-NetConnection -Port 80 "example.com" | Select TcpTestSucceeded }</pre> <p>The output will be dropped into look something like this:</p> <pre> TcpTestSucceeded PSComputerName RunspaceId ---------------- -------------- ---------- True YOUR-HOST-1 d5fd044c-c268-460e-a274-d3253adc8ce2 True YOUR-HOST-2 98206f71-80c1-4e7e-a467-fec489c542ee False YOUR-HOST-3 d0b6cf57-e833-44a6-a7bb-aebd4d854b5c True YOUR-HOST-4 14af618b-1ca7-4c1f-bb56-ce58dbd4af94</pre> <p>It&rsquo;s a great sanity check before an audit or after major changes to your network architecture or security controls.  Enjoy!</p> <p> </p> <p> </p> <p> </p>