Rob van der Woude's Scripting Pages
Powered by GeSHi

Source code for seccheck.kix

(view source code of seccheck.kix as plain text)

  1. ; SecCheck.kix, Version 1.10 for Windows 2000 with KiXtart 4.20 or later
  2. ; Checks password age, virus definitions age, and wether a list of Windows
  3. ; hotfixes are installed; and displays a message if any condition is not met.
  4. ;
  5. ; For detailed help type: KIX32 SECCHECK.KIX $Help=1
  6. ;
  7. ; Written by Rob van der Woude
  8. ; http://www.robvanderwoude.com
  9.  
  10. ; Check if help is requested
  11. If $Help
  12. 	GoTo Syntax
  13. EndIf
  14.  
  15. ; Check KiXtart version (4 required)
  16. $KixMajorVer = SubStr( @KIX, 1, InStr( @KIX, "." ) - 1 )
  17. $KixMinorVer = SubStr( @KIX, InStr( @KIX, "." ) + 1, 2 )
  18. If $KixMajorVer < 4
  19. 	GoTo Syntax
  20. EndIf
  21. If $KixMinorVer < 20
  22. 	GoTo Syntax
  23. EndIf
  24.  
  25. If $Debug
  26. 	? "KiXtart @KIX"
  27. 	? "$$KixMajorVer = $KixMajorVer"
  28. 	? "$$KixMinorVer = $KixMinorVer"
  29. 	?
  30. EndIf
  31.  
  32. ; Initialize variables
  33. Dim $Checked[ 0 ]
  34. Dim $Listed[ 0 ]
  35. Dim $Installed[ 0 ]
  36. $DefsOld = 0
  37. $AVFound = 0
  38. $LogMsg  = ""
  39. $Msg     = ""
  40. $Missing = 0
  41. $Index1  = 0
  42. $Index2  = 0
  43. $Index3  = 0
  44. $Index4  = 0
  45. $FixRoot = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000"
  46. $Title   = "Security Check"
  47. $Warning = 1
  48. $Error   = 0
  49.  
  50. ; Check if optional command line arguments are specified,
  51. ; otherwise use default values
  52. If $MaxDefAge = 0
  53. 	$MaxDefAge = 14
  54. EndIf
  55. If $MaxPwAge = 0
  56. 	$MaxPwAge = 30
  57. EndIf
  58. If $NoWarning = 1
  59. 	$Warning = 0
  60. EndIf
  61. If $List = 0
  62. 	$List = "@SCRIPTDIR\"
  63. 	$List = $List + SubStr( @SCRIPTNAME, 1, InStr( @SCRIPTNAME, "." ) )
  64. 	$List = $List + "fix"
  65. EndIf
  66. If $Log = 0
  67. 	$Log = "@SCRIPTDIR\"
  68. 	$Log = $Log + SubStr( @SCRIPTNAME, 1, InStr( @SCRIPTNAME, "." ) - 1 )
  69. 	$Log = $Log + "_@WKSTA.log"
  70. EndIf
  71.  
  72. ; Display debuging info
  73. If $Debug
  74. 	? "$$MaxDefAge = $MaxDefAge"
  75. 	? "$$MaxPwAge  = $MaxPwAge"
  76. 	? "$$List      = $List"
  77. 	? "$$Log       = $Log"
  78. 	?
  79. EndIf
  80.  
  81. ; Check if hotfix list file exists
  82. If Exist( $List ) = 0
  83. 	? "Hotfix list file not found (" + $List + ").@CRLF"
  84. 	GoTo Syntax
  85. EndIf
  86.  
  87. ; Hide console window unless in debug mode
  88. If $Debug = 0
  89. 	$x = SetConsole( "HIDE" )
  90. EndIf
  91.  
  92. ; Open log file for this computer
  93. $x = Log( $Log, "@WKSTA, @PRODUCTTYPE, @DATE, @TIME" )
  94.  
  95. ;; ;; ;; ;; ;; ;;
  96. ;;  AntiVirus  ;;
  97. ;; ;; ;; ;; ;; ;;
  98.  
  99. ; This registry key specifies the last update
  100. ; of the SAV virus definitions in hexadecimal
  101. $SAVRegKey = "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\DefWatch"
  102. $DefVer    = ReadValue( $SAVRegKey, "DefVersion" )
  103. If $DefVer
  104. 	; If the key has any value, Symantec AntiVirus
  105. 	; Corporate Edition is probably installed
  106. 	$AVType  = "SAV"
  107. 	$AVDescr = "Symantec AntiVirus Corporate Edition"
  108. 	; Extract the day, month & year of the last update
  109. 	$LastUpdYrX = "&" + SubStr( $DefVer, 3, 2 ) + SubStr( $DefVer, 1, 2 )
  110. 	$LastUpdYr  = Val( $LastUpdYrX )
  111. 	$LastUpdMnX = "&" + SubStr( $DefVer, 7, 2 ) + SubStr( $DefVer, 5, 2 )
  112. 	$LastUpdMn  = Val( $LastUpdMnX )
  113. 	$LastUpdDyX = "&" + SubStr( $DefVer, 15, 2 ) + SubStr( $DefVer, 13, 2 )
  114. 	$LastUpdDy  = Val( $LastUpdDyX )
  115. 	$AVFound = 1
  116. Else
  117. 	; Let's try if McAfee is installed.
  118. 	; This registry key specifies the last
  119. 	; update of the McAfee virus definitions
  120. 	$McARegKey = "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\"
  121. 	$McARegKey = $McARegKey + "Shared Components\VirusScan Engine\4.0.xx"
  122. 	$EngineVer = ReadValue( $McARegKey, "szEngineVer" )
  123. 	If $EngineVer
  124. 		; If this registry key has any value
  125. 		; then McAfee is probably installed
  126. 		$AVType  = "McAfee"
  127. 		$AVDescr = "McAfee VirusScan"
  128. 		; Extract the day, month & year of the last update
  129. 		$DatDate   = ReadValue( $McARegKey, "szDatDate" )
  130. 		$DateArray = Split( "$DatDate", "/")
  131. 		For Each $Element In $DateArray
  132. 			Select
  133. 				Case $LastUpdDy
  134. 					$LastUpdYr = $Element
  135. 				Case $LastUpdMn
  136. 					$LastUpdDy = $Element
  137. 				Case 1
  138. 					$LastUpdMn = $Element
  139. 			EndSelect
  140. 		Next
  141. 		$AVFound = 1
  142. 	Else
  143. 		; We didn't find Symantec AntiVirus, nor McAfee ViruScan
  144. 		$Msg = "Neither Symantec nor McAfee AntiVirus are installed."
  145. 		$x   = Log( $Log, $Msg )
  146. 	EndIf
  147. EndIf
  148.  
  149. If $AVFound
  150. 	; Calculate the total number of days between January
  151. 	; 1st and the last update, ignoring leap years
  152. 	Select
  153. 		Case $LastUpdMn = 1
  154. 			$LastUpdTotDy =   0 + $LastUpdDy
  155. 		Case $LastUpdMn = 2
  156. 			$LastUpdTotDy =  31 + $LastUpdDy
  157. 		Case $LastUpdMn = 3
  158. 			$LastUpdTotDy =  59 + $LastUpdDy
  159. 		Case $LastUpdMn = 4
  160. 			$LastUpdTotDy =  90 + $LastUpdDy
  161. 		Case $LastUpdMn = 5
  162. 			$LastUpdTotDy = 120 + LastUpdDy
  163. 		Case $LastUpdMn = 6
  164. 			$LastUpdTotDy = 151 + $LastUpdDy
  165. 		Case $LastUpdMn = 7
  166. 			$LastUpdTotDy = 181 + $LastUpdDy
  167. 		Case $LastUpdMn = 8
  168. 			$LastUpdTotDy = 212 + $LastUpdDy
  169. 		Case $LastUpdMn = 9
  170. 			$LastUpdTotDy = 243 + $LastUpdDy
  171. 		Case $LastUpdMn = 10
  172. 			$LastUpdTotDy = 273 + $LastUpdDy
  173. 		Case $LastUpdMn = 11
  174. 			$LastUpdTotDy = 304 + $LastUpdDy
  175. 		Case $LastUpdMn = 12
  176. 			$LastUpdTotDy = 334 + $LastUpdDy
  177. 	EndSelect
  178.  
  179. 	; Calculate the number of days between today and the last update
  180. 	$DefsOld = ( 365 * ( @YEAR - $LastUpdYr ) ) + @YDAYNO - $LastUpdTotDy
  181.  
  182. 	; Generate a message to the user if the virus definitions are too old
  183. 	If $DefsOld > $MaxDefAge
  184. 		$LogMsg = "Your $AVDescr virus definitions are "
  185. 		$LogMsg = $LogMsg + $DefsOld + " days old."
  186. 		$Msg    = $Msg + $LogMsg
  187. 		$x      = Log( $Log, $LogMsg )
  188. 	EndIf
  189. EndIf
  190.  
  191. ;; ;; ;; ;; ;; ;; ;;
  192. ;;  Password age  ;;
  193. ;; ;; ;; ;; ;; ;; ;;
  194.  
  195. ; Check password age and generate message if necessary
  196. If @PWAGE > $MaxPwAge
  197. 	$LogMsg = "Your Windows password is @PWAGE days old."
  198. 	$Msg    = $Msg + @CRLF + $LogMsg
  199. 	$x      = Log( $Log, $LogMsg )
  200. EndIf
  201.  
  202. ; Append a blank line to the message
  203. If $Msg
  204. 	$Msg = $Msg + @CRLF
  205. EndIf
  206.  
  207. ;; ;; ;; ;; ;; ;; ;; ;;
  208. ;; Windows hotfixes  ;;
  209. ;; ;; ;; ;; ;; ;; ;; ;;
  210.  
  211. ; Read installed hotfixes from registry and store the results in an array
  212. :Loop1
  213. $KeyName1 = EnumKey( "$FixRoot\", $Index1 )
  214. If @ERROR = 0
  215. 	:Loop2
  216. 	$KeyName2 = EnumKey( "$FixRoot\$KeyName1", $Index2 )
  217. 	If @ERROR = 0
  218. 		$Installed[ $Index3 ] = "$KeyName1\$KeyName2"
  219. 		If $Debug = 1
  220. 			? "$$Installed[$Index3] = $KeyName1\$KeyName2"
  221. 		EndIf
  222. 		$Index2 = $Index2 + 1
  223. 		$Index3 = $Index3 + 1
  224. 		ReDim PRESERVE $Installed[ $Index3 ]
  225. 		GoTo Loop2
  226. 	EndIf
  227. 	$Index1 = $Index1 + 1
  228. 	GoTo Loop1
  229. EndIf
  230.  
  231. ; Read hotfixes from hotfix list file and store the results in an array
  232. If Open( 3, $List ) = 0
  233. 	$x = ReadLine( 3 )
  234. 	While @ERROR = 0
  235. 		$Listed[ $Index4 ] = $x
  236. 		If $Debug = 1
  237. 			? "$$Listed[$Index4] = $x"
  238. 		EndIf
  239. 		$Index4 = $Index4 + 1
  240. 		$x = ReadLine( 3 )
  241. 		ReDim PRESERVE $Listed[ $Index4 ]
  242. 	Loop
  243. 	$x = Close( 3 )
  244. Else
  245. 	? "Hotfix list file not opened, error code: [" + @ERROR + "]"
  246. 	Exit 255
  247. EndIf
  248.  
  249. ; Check if every line from the hotfix list file
  250. ; is found in the array of installed hotfixes
  251. For Each $Element1 In $Listed
  252. 	If Trim( $Element1 ) <> ""
  253. 		$Checked = 0
  254. 		For Each $Element2 In $Installed
  255. 			If $Element1 = $Element2
  256. 				$Checked = 1
  257. 			EndIf
  258. 		Next
  259. 		If $Checked = 0
  260. 			$Missing = $Missing + 1
  261. 			$LogMsg  = "Fix $Element1 is NOT installed"
  262. 			$Msg     = $Msg + @CRLF + $LogMsg
  263. 			$x       = Log( $Log, $LogMsg )
  264. 			If $Debug
  265. 				? "Fix $Element1 is NOT installed"
  266. 			EndIf
  267. 		Else
  268. 			If $Debug
  269. 				? "Fix $Element1 is installed"
  270. 			EndIf
  271. 		EndIf
  272. 	EndIf
  273. Next
  274.  
  275. Select
  276. 	Case $Missing = 1
  277. 		$Msg = $Msg + @CRLF + "1 fix is missing"
  278. 	Case $Missing > 1
  279. 		$Msg = $Msg + @CRLF + "[$Missing Windows hotfixes are missing]"
  280. EndSelect
  281.  
  282. If $Debug
  283. 	? "$$Missing = $Missing"
  284. 	?
  285. EndIf
  286.  
  287. ;; ;; ;; ;; ;; ;; ;; ;; ;; ;;
  288. ;; Display warning message ;;
  289. ;; ;; ;; ;; ;; ;; ;; ;; ;; ;;
  290.  
  291. If $Msg
  292. 	$Msg = $Msg + @CRLF + @CRLF
  293. 	$Msg = $Msg + "Please contact your helpdesk for further instructions!"
  294. EndIf
  295.  
  296. If $Msg
  297. 	$x = Log( $Log, "Security scan result: Intervention required" + @CRLF )
  298. 	If $Warning
  299. 		$x = MessageBox( $Msg, $Title, 64 )
  300. 	EndIf
  301. Else
  302. 	$x = Log( $Log, "Security scan result: Everything seems to be OK" + @CRLF )
  303. EndIf
  304.  
  305.  
  306.  
  307. ; Restore console window
  308. $x = SetConsole( "SHOW" )
  309.  
  310. ; End program
  311. Exit $Error
  312.  
  313.  
  314. Function Log( $LogFile, $Message )
  315. 	$Handle = FreeFileHandle()
  316. 	If Open( $Handle , $LogFile , 5 ) = 0
  317. 		$x = WriteLine( $Handle , $Message + @CRLF )
  318. 		If Close( $Handle )
  319. 			? "Error closing log file!"
  320. 			? @SERROR
  321. 		EndIf
  322. 	Else
  323. 		? "Failed to open log file, error code: [" + @ERROR + "]"
  324. 		? @SERROR
  325. 	EndIf
  326. EndFunction
  327.  
  328.  
  329. :Syntax
  330. ? "SecCheck.kix,  Version 1.10 for Windows 2000 with KiXtart 4.20 or later"
  331. ? "Checks password age, virus definitions age, and wether a list of Windows"
  332. ? "hotfixes are installed, and displays a message if any condition is not met"
  333. ?
  334. ? "Usage: KIX32 SECCHECK.KIX [$$MaxDefAge=n] [$$MaxPwAge=m] [$$NoWarning=1]"
  335. ? "                          [$$List=some_file] [$$Log=some_log] [$$Debug=1]"
  336. ?
  337. ? "   or: KIX32 SECCHECK.KIX $$Help=1"
  338. ?
  339. ? "Where: $$MaxDefAge specifies the maximum age allowed of virus definitions"
  340. ? "       $$MaxPwAge  specifies the maximum age allowed of logon password"
  341. ? "       $$NoWarning if specified, NO warning is shown if conditions aren't met"
  342. ? "       $$List      specifies file containing list of hotfixes to be checked"
  343. ? "       $$Log       specifies file where results will be logged"
  344. ? "       $$Help      if specified, displays this help text"
  345. ?
  346. ? "Written by Rob van der Woude"
  347. ? "http://www.robvanderwoude.com"
  348. ?
  349. If ( $KixMajorVer < 4 OR ( $KixMajorVer = 4 AND $KixMinorVer < 20 ) )
  350. 	? "This script requires KiXtart version 4.20 or later."
  351. 	? "Your current KiXtart version is @KIX."
  352. Else
  353. 	? "Note:   This script and its author are in no way associated with Symantec,"
  354. 	? "        nor with Network Associates."
  355. EndIf
  356. ?
  357. Exit 255
  358.  

page last modified: 2024-02-26; loaded in 0.0285 seconds