Restrict use of Internet Connection Sharing (ICS) on DNS domain network
  • 02 Feb 2024

Internet Connection Sharing (ICS) is a feature in Microsoft Windows operating systems that allows a computer to share its internet connection with other devices on the same local area network (LAN). Essentially, one computer with a working internet connection can act as a gateway or access point for other devices, enabling them to connect to the internet through it.

This can expose the network to security risks. Unauthorized devices that connect through the shared internet connection may introduce vulnerabilities, enable malicious activities such as unauthorized sharing of sensitive information or the creation of backdoors into the network, and pose security threats to the organization.

This PowerShell script helps IT admins modify a Windows Registry value to enforce a Group Policy setting related to Internet Connection Sharing (ICS) on their managed Windows devices. Specifically, it targets the policy named "Prohibit use of Internet Connection Sharing on your DNS domain network."

  1. Create a file on your desktop, for example, prohibit_connection_sharing_on_dns.ps1, and open it in a text editor such as Notepad++.

  2. Copy the contents below to the file or click here to download the file.

    1. It sets the $RegKey variable to the Registry path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections', where Group Policy settings related to Network Connections are stored.

    2. It sets the $RegName variable to the name of the Registry value 'NC_ShowSharedAccessUI'.

    3. It checks whether the Registry key specified by $RegKey exists using the Test-Path cmdlet. If the key is missing, as it can be on devices where no Network Connections policy has been set before, it creates the key with the New-Item cmdlet so that the setting is not silently skipped.

    4. It creates the Registry value using the New-ItemProperty cmdlet. The value is named 'NC_ShowSharedAccessUI', has a value of 0 (Enabled), and is of type DWord (Double Word or 32-bit integer). The -Force parameter overwrites the value if it already exists.

    5. Out-Null is used to suppress the output of the New-Item and New-ItemProperty cmdlets.

    6. Optionally, there is a commented line (#Restart-Computer -Force) that, if uncommented, would force a computer restart. A restart might be necessary for the Group Policy change to take effect.

      #Group Policy : Local Computer Policy > Computer Configuration > Administrative Templates > Network > Network Connections > Prohibit use of Internet Connection Sharing on your DNS domain network
      #Value: 0 - Enabled, 1 - Disabled

      $RegKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections'
      $RegName = 'NC_ShowSharedAccessUI'

      #Create the policy key if it is missing so the value can be written
      $exists = Test-Path $RegKey
      if (-not $exists) {
          New-Item -Path $RegKey -Force | Out-Null
      }

      #0 = policy Enabled (ICS prohibited); -Force overwrites an existing value
      New-ItemProperty -Path $RegKey -Name $RegName -Value 0 -PropertyType 'DWord' -Force | Out-Null

      #Uncomment below line if machine needs reboot for group policy to take effect
      #Restart-Computer -Force

  3. Follow our guide to upload & publish the PowerShell script using Scalefusion Dashboard.

Please note that to use the PowerShell scripts, the Scalefusion MDM Agent Application must be installed on the device(s). Please follow our guide to publish and install the Scalefusion MDM Agent Application.
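
To confirm the setting on a device after the script has been published, a read-only check can report the value that was written. This is an added example, not part of the Scalefusion script; the function name Get-IcsPolicyState and the output field names are hypothetical, and the look-up of the SharedAccess (ICS) service and of domain membership goes beyond what the script above does.

```powershell
# Added example: read-only compliance check for the ICS policy value.
$RegKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections'
$RegName = 'NC_ShowSharedAccessUI'

function Get-IcsPolicyState {   # hypothetical helper name
    param(
        [string]$Path = $RegKey,
        [string]$Name = $RegName
    )

    # A missing key and a missing value both mean the policy is not configured.
    $value = $null
    if (Test-Path -Path $Path) {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $value = $item.$Name }
    }

    # The policy is scoped to the DNS domain network, so record domain membership.
    $domainJoined = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain

    # SharedAccess is the service name of Internet Connection Sharing (ICS).
    $svc = Get-Service -Name 'SharedAccess' -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        PolicyValue  = if ($null -eq $value) { 'NotConfigured' } else { $value }
        Compliant    = ($value -eq 0)   # 0 = policy Enabled (ICS prohibited)
        DomainJoined = $domainJoined
        IcsService   = if ($svc) { [string]$svc.Status } else { 'NotFound' }
    }
}

$state = Get-IcsPolicyState
$state | Format-List

# Non-zero exit code so a caller can detect a non-compliant device
# (how the calling tool treats exit codes is an assumption).
if (-not $state.Compliant) { exit 1 }
```

A device that reports PolicyValue as NotConfigured or 1 has not picked up the setting; a device that reports Compliant as True with DomainJoined as False has the value set but is not on a domain network where the policy applies.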

Notes:

  1. The scripts and their contents are sourced from various, albeit authenticated, Microsoft sources and forums.

  2. Please validate the scripts on a test machine before deploying them on all your managed devices.

  3. Scalefusion has tested these scripts; however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these scripts.

