Radimus
(KiX Supporter)
2006-12-15 06:11 PM
Network (and wireless) disconnector


This initially started as a way of blocking users from connecting to hotspots.

User will probably need local admin, or you could run this under system acct, but that will not have access to the VPN group membership.

Code:
;
;  Script will not run if user is member of VPN group
;  Disconnection is issued as DHCP release
;  Script will provide details for network disconnections to "IT_Staff"
;  All networks that are NOT in DHCP 192.92.0.0 will be disconnected
;  All connections, wired and wireless, are subject to disconnection
;

break on

if not ingroup('VPN')

;   **********  To detect an existing connection prior to this script's execution
$objWMIService = GetObject("winmgmts:\\.\root\cimv2")
$colItems = $objWMIService.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")
For Each $objItem in $colItems
	$arrIPAddresses = $objItem.IPAddress
	For Each $strAddress in $arrIPAddresses
		if left($strAddress,6)<>'0.0.0.' and left($strAddress,6)<>'192.92'
			$nul = $objItem.ReleaseDHCPLease()
			$err = @serror + ': Releasing '
			if ingroup("IT_Staff")
				$nul = messagebox($objItem.Description+@crlf+$strAddress+@crlf+$err,'Network Connection Denied',0) 
			endif
			$nul = messagebox("You have attempted to connect to an unauthorized network."+@crlf+"Please contact IT Helpdesk at 866-123-4567 for assistance",'Network Connection Denied',0) 
		EndIf
	Next
Next


;   **********  To detect new connection attempts since this script's execution
$Query = "SELECT * FROM __InstanceOperationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_NetworkAdapterConfiguration' and targetInstance.IPEnabled = true"
$objEvents = GetObject("winmgmts:\\.\root\cimv2").ExecNotificationQuery($query)
While 1
	$objConnectEvent = $objEvents.nextevent
	$aIPAddress = $objConnectEvent.TargetInstance.IPAddress
	For Each $sAddress in $aIPAddress
		if left($sAddress,6)<>'0.0.0.' and left($sAddress,6)<>'192.92'
			$release = $objConnectEvent.TargetInstance.ReleaseDHCPLease()
			$err = @serror + ': Releasing '
			if ingroup("IT_Staff")
				$nul = messagebox($objConnectEvent.TargetInstance.Description+@crlf+$sAddress+@crlf+$err,'Network Connection Denied',0) 
			endif
			$nul = messagebox("You have attempted to connect to an unauthorized network."+@crlf+"Please contact IT Helpdesk at 866-123-4567 for assistance",'Wireless Network Connection Denied',0) 
		endif
	Next
loop

endif
 


masken
(MM club member)
2006-12-18 04:39 PM
Re: Network (and wireless) disconnector

Nice :)

So how is this executed?


Radimus
(KiX Supporter)
2006-12-18 06:09 PM
Re: Network (and wireless) disconnector

run it with wkix at logon...

I wrapped it with iexpress and call it from HKLM\...\run

the second part loops and checks for new connections every 5 seconds
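
Added example (not part of the original posts, and written in Python rather than KiXtart so it runs offline): the address test from the script above next to a subnet-aware variant, run over constructed IPAddress arrays. On Windows versions where Win32_NetworkAdapterConfiguration.IPAddress also lists IPv6 addresses, the left(...,6) comparison flags an adapter on the 192.92 network too. The /16 mask, the function names and the choice to skip IPv6 and 169.254 addresses are assumptions.

```python
import ipaddress

# "192.92.0.0" is from the script's header comment; the /16 width is an assumption.
ALLOWED_NET = ipaddress.ip_network("192.92.0.0/16")

def prefix_test(addr):
    """The posted check, left(addr,6): True means the lease would be released."""
    return addr[:6] != "0.0.0." and addr[:6] != "192.92"

def subnet_test(addr):
    """Subnet-aware variant (hypothetical): True means release."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False                      # unparsable entry: do not act on it
    if ip.version != 4:
        return False                      # assumption: IPv6 entries are not judged
    if ip.is_unspecified or ip.is_link_local:
        return False                      # 0.0.0.0 or 169.254/16 APIPA: no DHCP lease held
    return ip not in ALLOWED_NET

def would_release(addresses, test):
    """An adapter is released if any address in its IPAddress array fails the test."""
    return any(test(a) for a in addresses)

# Constructed IPAddress arrays, shaped like Win32_NetworkAdapterConfiguration.IPAddress.
SAMPLE_ADAPTERS = {
    "corp wired, dual stack": ["192.92.14.20", "fe80::1c2d:3e4f:5a6b:7c8d"],
    "hotspot": ["10.0.0.57"],
    "no DHCP answer (APIPA)": ["169.254.12.7"],
    "idle": ["0.0.0.0"],
}

def compare(adapters=SAMPLE_ADAPTERS):
    """Return {adapter: (posted check releases?, subnet check releases?)}."""
    return {name: (would_release(ips, prefix_test), would_release(ips, subnet_test))
            for name, ips in adapters.items()}

if __name__ == "__main__":
    for name, (posted, subnet) in compare().items():
        print(f"{name:26} posted={posted!s:5} subnet-aware={subnet}")
```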