search

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License
1.87k stars 148 forks source link

[Bug]: Confirm-SystemCompliance i get Invoke-RestMethod: No connection could be made because the target machine actively refused it #254

Closed markuslosco closed 6 months ago

markuslosco commented 6 months ago

Tools category

Harden Windows Security Module

Does your system meet the requirements?

Is your Windows installation genuine?

Please explain the bug

If i try to execute "Confirm-SystemCompliance" then i get the message "Invoke-RestMethod: No connection could be made because the target machine actively refused it"... do you have a idea? latest module version 0.4.1...

HotCakeX commented 6 months ago

Hi, You need to check your Internet connection. It's trying to fetch this number which is 1kb and it's failing because your machine either has no Internet connectivity or it's failing to reach GitHub servers.

Do you need to run it in environments where there is no Internet? I can add an offline switch just like Protect-WindowsSecurity -Offline. That number fetching is to make sure you're using the latest version of the module.

HotCakeX commented 6 months ago

Actually it's not a bad idea, I will add -offline switch to Confirm-SystemCompliance cmdlet. Soon I'm adding Windows Server 2025 support for it too and that increases the chance of people wanting to run it in environments that have no Internet connectivity.

P.S the compliance checking will soon be added to the GUI experience too.

markuslosco commented 6 months ago

I have added not existing proxies with exceptions... ok i understand... i can create a exception ;-)

netsh winhttp set proxy proxy-server="127.0.0.2:8080" bypass-list=".office.com;.office365.com;.office.net;.onedrive.com;.sharepoint.com;.optimizely.com;.microsoftonline.com;.production.us.trafficmanager.net;.microsoft.com;.live.com;.oneclient.sfx.ms;.sharepointonline.com;.spoprod-a.akamaihd.net;.prod.msocdn.com;.svc.ms;.lync.com;.broadcast.skype.com;.skypeforbusiness.com;.sfbassets.com;.skypemaprdsitus.trafficmanager.net;.windows.net;.msecnd.net;.aspnetcdn.com;.live.net;.aka.ms;.azure.net;.windows.com;.windows.net;.msedge.net;.mstea.ms;.skypeassets.com;.azureedge.net;.tenor.com;.microsoftstream.com;.assets-yammer.com;.azureedge.net;.onenote.com;.onenote.net;.aspnetcdn.com;.optimizely.com;.msappproxy.net;.msftidentity.com;.msidentity.com;.windowsazure.com;.microsoftazuread-sso.com;.microsoftonline-p.net;.msauth.net;.msauthimages.net;.msftauth.net;.msftauthimages.net;.phonefactor.net;.visualstudio.com;.cloudapp.net;.staffhub.ms;.gfx.ms;.appex.bing.com;.appex-rf.msn.com;.getmicrosoftkey.com;.atdmt.com;.yammer.com;.yammerusercontent.com;.sway-cdn.com;.sway-extensions.com;.sway.com;.azure.com;.powershellgallery.com"

end like this: Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable"=dword:00000001 "ProxyServer"="127.0.0.2:8080" "ProxyOverride"=".office.com;.office365.com;.office.net;.onedrive.com;.sharepoint.com;.optimizely.com;.microsoftonline.com;.production.us.trafficmanager.net;.microsoft.com;.live.com;.oneclient.sfx.ms;.sharepointonline.com;.spoprod-a.akamaihd.net;.prod.msocdn.com;.svc.ms;.lync.com;.broadcast.skype.com;.skypeforbusiness.com;.sfbassets.com;.skypemaprdsitus.trafficmanager.net;.windows.net;.msecnd.net;.aspnetcdn.com;.live.net;.aka.ms;.azure.net;.windows.com;.windows.net;.msedge.net;.mstea.ms;.skypeassets.com;.azureedge.net;.tenor.com;.microsoftstream.com;.assets-yammer.com;.azureedge.net;.onenote.com;.onenote.net;.aspnetcdn.com;.optimizely.com;.msappproxy.net;.msftidentity.com;.msidentity.com;.windowsazure.com;.microsoftazuread-sso.com;.microsoftonline-p.net;.msauth.net;.msauthimages.net;.msftauth.net;.msftauthimages.net;.phonefactor.net;.visualstudio.com;.cloudapp.net;.staffhub.ms;.gfx.ms;.appex.bing.com;.appex-rf.msn.com;.getmicrosoftkey.com;.atdmt.com;.yammer.com;.yammerusercontent.com;.sway-cdn.com;.sway-extensions.com;.sway.com;.azure.com;.powershellgallery.com" "AutoDetect"=dword:00000000

HotCakeX commented 6 months ago

Interesting setup :) I see lots of Microsoft domains there, if you're ever looking for a big list of those domains I've got it here

But yes I'll add offline feature so you won't have to make exceptions anymore๐Ÿ™‚

markuslosco commented 6 months ago

Thanks, with offline mode or without proxy everything works as expected. Thanks for your support

markuslosco commented 6 months ago

Thanks, with offline mode or without proxy everything works as expected. Thanks for your support

HotCakeX commented 6 months ago

No problem, have a good one!

HotCakeX commented 6 months ago

Just added offline switch to the Confirm-SystemCompliance cmdlet. https://github.com/HotCakeX/Harden-Windows-Security/releases/tag/Hardening-Module-v.0.4.2