This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

PowerShell script to email for packet drops?

Question
0

Sign in to vote

Is there a way to email a report that summarizes dropped packets that a PC receives via PowerShell? This would be to keep an eye on if someone were trying to breach the computer.

Thursday, October 26, 2017 6:31 PM

All replies

0

Sign in to vote

You can just look at the IP stats. PowerShell is not required. Dropped packets are not caused by a breakin. They are caused by other issues.

netstat -e
netstat -s -p

The event logs are the best place to see break in attempts.

\_(ツ)_/

Thursday, October 26, 2017 6:46 PM
0

Sign in to vote

I am also working on the same

test-connection IPaddress -count 5 will ping it 5 times

i will create one soon too
Thanks & Regards Ramandeep Singh

Friday, October 27, 2017 12:41 PM
0

Sign in to vote

jrv,

Thanks for the info.

What event logs would you recommend looking for to pinpoint break in attempts?

Also is it possible to run netstat -e or netstat -s -p on a remote computer?

Finally the remote computer I am investigating is on a segmented network with different firewall rules so I don't think I can run netstat on that remote computer so that is why I wondered if I could have PowerShell send an email of drop activity from the remote computer to my office computer.

thanks,
Fufighter

Monday, October 30, 2017 7:54 PM
0

Sign in to vote
What do you mean by "packet drop"?

I think what you are looking for is a network sniffer. There are also third party tools that can analyze IP communications and report the statistics.

You can also post in the security forum for reference to tools that will do what you ask.

Please read this first: https://social.technet.microsoft.com/Forums/scriptcenter/en-US/c47b1bc2-f7fd-4d2e-8ff2-e8a81ce090d4/this-forum-is-for-scripting-questions-rather-than-script-requests?forum=ITCG

Also find scripts here: http://gallery.technet.microsoft.com/

Learn PowerShell: https://mva.microsoft.com/en-us/training-courses/getting-started-with-microsoft-powershell-8276

Script requests: https://gallery.technet.microsoft.com/scriptcenter/site/requests

\_(ツ)_/
- Proposed as answer by Albert LingMicrosoft contingent staff Tuesday, October 31, 2017 7:52 AM
Monday, October 30, 2017 8:00 PM
0

Sign in to vote

$Ip=gc C:\users\raman\Desktop\IP.txt

foreach ($IPaddress in $Ip)

{
$pingstatus=test-Connection $IPaddress -Count 10 -ea SilentlyContinue
$pingsuccess= ($pingstatus).count
$loss=10-$pingsuccess
$percentloss=($loss/10)*100
Write-Host "the loss for" $IPaddress is $loss ":percent loss"

}

# you can use send-mailmessage to send the variables through email or output to file and attach it in email.
Thanks & Regards Ramandeep Singh

Wednesday, November 1, 2017 7:11 AM