Extending Windows Firewall With Powershell

powershell banner

The GUI with Windows Firewall isn't the prettiest & adding multiple rules within the GUI is pretty tiresome ( so why not automate it? ).

A lot of people use custom software firewalls but Windows Firewall is actually pretty good when working on large corporate networks, automating things with Group Policies & Powershell can be fun.

Here are some simple scripts which should help both power users & systems administrators.
The main task I found tiresome is adding IP specific blocks, especially when there are multiple IPs involved.

I first made a script to simply block a single IP.

.\fw-block.ps1 add

I then expanded on this script, adding the ability to use blocklists.

Windows Firewall IP Blocklist Script

This script allows you to block based on a blocklist provided.
The blocklist should be a text file with IP addresses on each line.

The script syntax is pretty

Continue Reading

Fixing Windows Update on Windows 10 Pro


A lot of people have been complaining that Windows 10 has no option within settings to change the way Windows Update works.
This is true in the sense that the GUI only shows 2 options.

You can however use software policies to force these settings, this option is probably included for large companies who don't really want to have hundreds of systems downloading every update as it comes out & prompting the users to reboot.

The registry path we are interested in is:


There are various settings and options, the main one is AUOptions.

AUOptions      : 0 - Default (Uses Settings UI Which Is Limited In WIN10)
                 1 - Never Check
                 2 - Notify
                 3 - Download & Notify
                 4 - Auto Download & Schedule Install

I personally use option 2 as I like windows to notify me of updates so I can

Continue Reading

Tweaking Windows 10 With Powershell


I have been watching over Windows 10 since it's release.
There seem to be a lot of privacy & security concerns caused by a lot of Windows 10 features (eg: cortana search).
note: make sure you use custom install so you can set the correct privacy settings (just like on windows 8.1). here is a windows 10 specific guide

Some basic tweaks for fixing/mitigating information leaking include disabling & blocking telemetry.

Disable Telemetry In Powershell:

mkdir -Force "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection"
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0

A lot of people are also using a HOSTS file to block the servers.

Disabling Services

To save time doing this manually I have coded a powershell script.
The default options disable a lot of services relating to information exposure/leaking.
I have layed out the

Continue Reading

Mail Console

This is a new project which is similar to the mailadm_cli tools but hopefully a lot easier to use.

The mail console idea should be an easier alternative to using arguments.
I'm also looking at the possibility of adding features like live mail statistics.
For now it has the ability of creating and deleting accounts, aliases & domains.

I will hopefully be uploading it to github once it has been tested (currently deployed on my work test server, will hopefully be putting it onto production soon).

Continue Reading
Javascript is turned off or your browser does not support it. The appearance of this site will be affected without javascript.