9 Replies Latest reply on Jan 10, 2014 4:48 PM by crackerdan

    Script - McAfee Agent ports and services for Windows

    chares

      Hi There,

       

      i just wanted to share with the community a little something that somebody would probably find useful,

       

      Attached to this post i leave you a script that you can run through GPO or manually on a Windows PC/Server that does the following:

       

      • Allow ICMP (Ping)
      • Open ports 8443, 9443, 8083, 8084, 8441, 8444 (Ports defined for ePO) --> you can change this in the script
      • Open WMI/share related ports (135, 445, 4168, 9256)
      • Enable/Start McAfee Agent needed services (DCOM, Remote registry)
      • Enable/Start Windows Remote Management services (WinRM, RPC, WinMGMT, RPCS)

       

      this works for any NT based Windows higher than 2000, as it checks first for its kernel version before running.

       

      This is quite useful for large environments where you can't have people checking for all this in the machines,

       

      This has been run in 5 infrastructures with more than 1000 Machines each, so its been quite tested,

       

      The script has the descriptions in spanish, if somebody wants it in english, i'll be happy to modify it,

       

      I hope that this can be made sticky, so that everyone can benefit of it

       

      Cheers and happy ePO'ing