Is there any support of `osquery tables for windows` command

Question

Is there any support of `osquery tables for windows` command `netsh firewall show state`

Mike Myers · Answer

Trail of Bits has an extension that you might be interested in

Mike Myers · Answer

Zweasta · Answer

< Mike Myers> Thanks for this I am having a problem with building the osquery with the extensions Can you help

Zweasta · Answer

< Mike Myers> Also I used fwctl extension it has 2 tables associated to HOST and PORT blocking However its like using those tables to configure the firewall but the problem is `how can I see all the open ports using fwctl`

Mike Myers · Answer

There may be an issue that needs fixing if you can report it here we will revisit this repo soon <https github com trailofbits osquery extensions issues>

Mike Myers · Answer

I think the design of the extension may not allow you to answer the question `how can I see all the open ports` if that would require interpreting all of the existing firewall rules Our extension might only list the things that are explicitly blocked

Zweasta · Answer

< Mike Myers> Do you guys plan on implementing such a feature like `showing all the open ports by interpreting all the firewall rules`

Mike Myers · Answer

There are no plans for additional development on those extensions at the moment no

Zweasta · Answer

Okay