# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.109554");
script_version("2023-08-22T05:06:00+0000");
script_tag(name:"last_modification", value:"2023-08-22 05:06:00 +0000 (Tue, 22 Aug 2023)");
script_tag(name:"creation_date", value:"2018-08-16 14:08:29 +0200 (Thu, 16 Aug 2018)");
script_tag(name:"cvss_base", value:"0.0");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:S/C:N/I:N/A:N");
script_tag(name:"qod", value:"97");
script_name("Microsoft Windows Firewall: Domain: Outbound connections");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone AG");
script_family("Policy");
script_dependencies("compliance_tests.nasl", "smb_reg_service_pack.nasl");
script_mandatory_keys("Compliance/Launch");
script_add_preference(name:"Value", type:"radio", value:"0;1", id:1);
script_xref(name:"Policy", value:"CIS Microsoft Windows 10 Enterprise (Release 22H2) Benchmark v2.0.0: 9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'");
script_xref(name:"Policy", value:"CIS Microsoft Windows 10 Enterprise (Release 2004) Benchmark v1.9.1: 9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'");
script_xref(name:"Policy", value:"CIS Microsoft Windows Server 2019 RTM (Release 1809) Benchmark v1.1.0: 9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'");
script_xref(name:"Policy", value:"CIS Controls Version 7: 9.4 Apply Host-based Firewalls or Port Filtering");
script_xref(name:"Policy", value:"CIS Controls Version 7: 11.2 Document Traffic Configuration Rules");
script_xref(name:"Policy", value:"CIS Controls Version 7: 11.3 Use Automated Tools to Verify Standard Device Configurations and Detect Changes");
script_tag(name:"summary", value:"This setting determines the behavior for outbound connections
that do not match an outbound firewall rule.");
exit(0);
}
include("smb_nt.inc");
include("policy_functions.inc");
include("host_details.inc");
include("version_func.inc");
target_os = "Microsoft Windows 7 or later";
win_min_ver = "6.1";
title = "Domain Profile: Outbound connections";
solution = "Set following UI path accordingly:
Computer Configuration/Windows Settings/Security Settings/Windows Firewall with Advanced Security/
Windows Firewall with Advanced Security/Windows Firewall Properties/" + title;
type = "HKLM";
key = "SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile";
item = "DefaultOutboundAction";
reg_path = type + "\" + key + "!" + item;
test_type = "RegKey";
default = script_get_preference("Value");
if(!policy_verify_win_ver(min_ver:win_min_ver))
results = policy_report_wrong_os(target_os:target_os);
else
results = policy_match_exact_reg_dword(key:key, item:item, type:type, default:default);
value = results["value"];
comment = results["comment"];
compliant = results["compliant"];
policy_reporting(result:value, default:default, compliant:compliant, fixtext:solution,
type:test_type, test:reg_path, info:comment);
policy_set_kbs(type:test_type, cmd:reg_path, default:default, solution:solution, title:title,
value:value, compliant:compliant);
exit(0);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation