Hello,
We have extended the rw.exe (Remote WakeUp) program to allow it to accept a gateway address. If your (NAT) router supports it you can broadcast the magic packet on a local network through the networks gateway.
We are using this program for small networks where all computers are switched off at the end of the day or during the weekend.
We will extend the program to allow it to read a list with MAC addresses from a file and shoot magic packets within a LAN or through a router.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: Bert Haver

Interesting, I like the idea. I've been thinking the best way to get MAC addresses for a WOL script.

However, I'm a bit confused. Doesn't this require allowing internet access to the SQL server (port 1433, I think) that's hosting the Kaseya database? Also, I don't think the connection isencryptedeither, or is it? Of course, it's very concerning ifthe Kaseya database was ever hacked. Thehacker could potentiallycausemassivehavoc on our managed systems.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: connectex

Errors out looking for SQL. yes

Legacy Forum Name: Script Discussion,
Legacy Posted By Username: rvines

connectex wrote:

Interesting, I like the idea. I've been thinking the best way to get MAC addresses for a WOL script.

However, I'm a bit confused. Doesn't this require allowing internet access to the SQL server (port 1433, I think) that's hosting the Kaseya database? Also, I don't think the connection isencryptedeither, or is it? Of course, it's very concerning ifthe Kaseya database was ever hacked. Thehacker could potentiallycausemassivehavoc on our managed systems.

As far as I know, this is absolutely true. Yes, port 1433 would need to be forwarded if you want this to work off site.
Also, rather than sending a magic packet to each router, we instead run this from each lanwatch machine. However, I'm going to look into your application Bert because this should alleviate some of the security risks.

As for my method, please feel free to suggest alternative ways to go about this. I have very little programming experience (as I said, I really only just crammed this VB script stuff); this was more of a hack. I didn't think about the security risks associated with connecting to the kaseya db remotely.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: wilsontc

I have an another idea for pulling MAC address information. I'll post more if I get it working.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: connectex

connectex wrote:

I have an another idea for pulling MAC address information. I'll post more if I get it working.

What's your idea? We might come up with two solutions if you care to share!


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: wilsontc

Well, I've been thinking of a wake up and shutdown script. I want to wake up for patches, defrag, etc. and then be able to shutdown only the systems that were woke up.

I was thinking of writing a script, to run on the Kaseya server, that would connect to the SQL database andgather machine name, IP address, and MAC addresses for each machineand write them toa file. One file for each machine group. These fileswould be placed ina location on the Kaseya server to allow download. Another script,running on a localized system, woulddownload the previously generated file for it's machine group. The script would then parse the file and execute a WOL for each MAC address. It would require one script per machine group. Then I think I'd also have a master script that calls all the individual scripts to wake all systems up. This does notinclude tracking the state of each machine, but you get the idea. I might even be able to avoid per machine group scripts if I could determine the agent's machine group from the client side. What ya think of this approach?


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: connectex

So rather than connecting to the database over the internet, the lanwatch machine simply pulls a text file off the kaseya server? That sounds better actually, and quite easy to do; I'll just modify my script to write the MAC addrs to a text file, and then separate the calls to rw.exe into another script to run on the lanwatch machines. Excellent!

I've got some other things to do atm, but when I get around to fixing it I'll let you guys know
Let me know how you go Connectx.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: wilsontc

I got started in the computer field because of my interest in programming. It still serves me well even though I know do networkinfrastructure work.

Legacy Forum Name: Script Discussion,
Legacy Posted By Username: connectex

Hello again ladies and gents,
I have changed the script so now it's a two part thing. This should remove the security risks.
However, there is added complexity! You'll have to write a kaseya script to fetch the mac.txt file from the kserver (which is easy), and also to put the rw.exe on the lanwatch machine (which is also easy).
The slightly more tedious aspect is that you have to run the first script on the kserver, and then run the second script (lanwatch-wakeup.vbs) on one lanwatch machine at every site.

At least this approach is more secure because now the lanwatch machine is just requesting a text file from the kserver, which will be sent via the encrypted kagent channel (correct terminology?), rather than attempting to remotely connect to the database (which would be sent in plaintext). Also, this approach does not require additional port forwarding. Yay!

I owe it to you guys - thanks for your feedback


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: wilsontc

Hi There

Cool script just whatI have been looking for.

Can this script be ammended to dump the Mac addresses for each groupID into a seperate Mac.txt named '_mac.txt?

Cheers

Clive


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: clivechurchyard

Yes, you could do that Clive, but I'm not sure why you'd want to. It then means you have to write a kaseya script for each machine group (I think). Of course, to modify the vbs wouldn't be difficult at all - you just need to make a second query, then add another loop (off the top of my head).
Having all the MAC addrs in one file shouldn't be a problem in terms of time or speed - it will only take a couple of mins, even if you have a few thousand I would think.
What's your reasoning Clive? We might be able to work out an alternate solution!


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: wilsontc

My reasoning was to wonder what happens if a Mac address cannot be found on the network? Also what happens if the machine is already on?

Cheers

Clive


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: clivechurchyard

Remember all MAC addresses are unique. Sending a wake up packet to an already on system or a address that's not available on the network should not be an issue.It will take longer to run the script because every managed systems address is in the file butsending the wake up packet is very fast.

The only reason I was mentioning creating separate files bymachine groups was I was thinking of a wake up and shutdown script. So to do this I would probably be exporting computer name, IP address, and MAC address. I'd use the name and IP address to verify if the system needed to be woken up. The shutdown script would only shutdown those system that were woken up and were not in use. It's an idea but I haven't determined the best way to do it exactly yet.


Legacy Forum Name: Script Discussion,
Legacy Posted By Username: connectex