Scheduled batch file to disable network adapter?

I prefer to leave my W7 computer running, so, to lessen its vulnerability* while I sleep, I disable the network adapter at night, and re-enable it next morning.
To do this, I've created this shortcut to the adapter, and either enable or disable it.
C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL ncpa.cpl
This works fine, but I sometimes forget to do the disable at night.
How can I automate the disable process? I tried creating a bat, thus:
netsh interface set interface "Local_Area_Connection_2" admin=disable
but it does nothing. Advice please.
*I have Malwarebytes Premium but I feel more secure with the computer completely offline while I'm asleep.

 

Unplug the modem is about the only safe way. Get in the habit.

 

Gee, thanks.

 

For what? That is the safest way to do it.

 

Every home router I have ever used allows the administrator to block (or allow) access to connected devices to specific times of the day. This is typically under the Parental Control feature, or something similar. This, to me, makes a lot more sense than using a bat file.

 

Every night? Ummm, no. You set it once and forget it.

And most, if not all routers show which devices (by IP and MAC address) are connected. No need to enter IP addresses. You just click on it, and restrict access via the Parental Control feature. Some routers may make this easier or harder, but in any case, it is not hard and does not need to be done every night.

For example, in my Netgear router, I can easily tell it to block Internet access for the computer in the guest room from 11PM to 7AM every night. My own computer is never blocked, neither is my Netflix streamer. Yes, if my houseguest needs access after 11PM, I have to go back in, but that's not hard.

Yes, if needed access times are constantly changing, that would be more cumbersome. But still, if the OP wants to block ALL access to and from his network while he sleeps no need to enter IPs in the router admin menu. Just access the menu and block all access. Or as suggested, unplug the modem or router. Or if so equipped, press the router's power switch.

 

Hi masonite
TonyT's posts for batch file then use Task Scheduler to run it.
(for details google - run batch file with Task Scheduler)

Whenever I've had to deny internet access either permanently or for set times used Bills method
Works fine.

 

Thanks to Steve, Tony, Bill and ephemarial for providing constructive and helpful answers to my question, instead of rushing into print with simplistic opinions that don't address the described issue.
All I wanted to know was how to automate the system that I've already set up. My manual method works fine - I just click on the shortcut I described above, right-click the adapter icon and select 'Disable'. However, I occasionally forget to do this so I figured a scheduled batch file would be a more reliable solution.
Note that I tried to word my original request as simply and as explicitly as possible. One thing I didn't expand on is that I only want to isolate my main desktop PC from the network, so turning off the modem is not the answer. Nor am I concerned about whatever might be the 'safest' method.
As I said above, I tried running (manually, before attempting to schedule it) this batch file that I found online:
netsh interface set interface "Local_Area_Connection_2" admin=disable
The actual name of my adapter is Local Area Connection 2. This is how it's labeled in its Windows folder and also in the cmd line image attached. Perhaps there's some other issue with the bat?

 

I really am not understanding the purpose for this entire exercise. If you want to lessen the vulnerability of the computer, you should start by upgrading to W10. Short of that, simply "Shut down" Windows via the Start menu at night, then start it normally the next morning - and be sure to require a password (that no one else knows) to log in.

I don't see how using a .bat file is really making it less vulnerable, or more convenient either. Your router should be providing a very effective layer of security. Then the W7 integrated firewall another significant layer. Then finally, your security solution, whether it be MSE or something else, should be completing the task. I am assuming, of course, W7 is updated as much as possible and your security solution is fully updated.

FTR, I just let all my computers go to sleep after I am done using them. And they all require a password after waking up to log in. This allows the OS (and my security programs) to do all their essential housekeeping chores, updates and security scans when I am not using my computers. This gives me peace of mind knowing my computers are fully updated next time I use them.

 

yes - issue with batch file
it should read (no underscores).
netsh interface set interface "Local Area Connection 2" disable

As in post 6 - right click and select run as admin else it won't work

 

Bill: I'm sorry if I've confused you. If you're as old as I am, it's easily done. But it's nice that you have peace of mind.
ephemarial: Full marks, your bat correction did the job . Plus, when altered to 'enable', it also works. Oddly, both bat versions work without the right-click-admin process. I think, some time back, I may have altered the basic command line interface to always run as admin. Anyway, problem solved. Now, I only need to schedule it. Many thanks.

 

Well, I'm no spring chicken, knocking on the door of the big seven oh. So I do suffer from occasional bouts of GCF*. And as a formally trained and certified electronics technician for nearly 50 years I don't do a lot of coding of any type, by choice. In fact, I tend to work hard to avoid it. I find it tedious - like analyzing logs for hours on end. But I have been working with and supporting IS/IT systems, including computers, personal computer operating systems, and secure networks professionally since the mid 70s. So some coding has been necessary, meaning I am not entirely a greenhorn either.

You made a point of saying you want to "lessen its vulnerability" and "I feel more secure with the computer completely offline while I'm asleep".

Your method is not the best way to achieve that.

FTR, as I noted above, I just let my computers go to sleep. On my two main systems, including this one, I also run Malwarebytes Premium, along with Microsoft Defender (formally Windows Defender). This is the setup almost all my family, friends and clients run. On the other systems here, they run Microsoft Defender, with periodic "on-demand" scans with Malwarebytes Free - just for double-checking. Plus, I keep Windows and my security current. Last, and perhaps most important (because the user is ALWAYS the weakest link in security) I am not, and I strive to avoid being "click-happy" on unsolicited links, downloads, popups and attachments.

Consequently, no computer for which I am directly responsible for has ever been infected since my work computer back in 1989-90 - and that was via the "sneakernet". That is, a coworker brought in an infected floppy disk from his home, inserted it in the computer, then got distracted and forgot about it. Then I FAILED to check for inserted floppies when I booted up the system the next morning.

Also for the record, Malwarebytes has never found anything Microsoft Defender missed, except a couple totally safe and "wanted" PUPs (potentially "unwanted" programs).

So my point is, you are wise to be concerned about security. But there are better ways to achieve your goal than running (or potentially forgetting to run) a batch file every night.




*GCF - geriatric cranial flatulence.

 

As I said before, it's good that you're pleased with your computer arrangements. In the long run, peace of mind is the only thing we really need.
Having said that, one thing that upsets my P.O.M considerably, is when I ask a question online, as I've been doing for almost 40 years, and receive answers that seem only to reflect other peoples' needs to display their own knowledge and erudition.
Really, all I asked here was, in essence, 'What's wrong with this batch file?'
Ephemarial understood that and gave me the answer I sought. Hence, I doff my woolly hat to him (or her).

 

Well, I understand your complaint. But my experience is, we, as helpers, have no clue what you, as a poster asking questions, have for experience or your level of expertise. And frankly, my experience is, not all posters are truthful about their own levels of expertise. Many come asking questions pretending to be all knowledgeable. And maybe they are great programmers, for example, but in reality, know little about hardware or security.

For example, I am a certified master electronics technician. See the link in my signature to see where I am coming from. I note it took me over two years of formal classroom training and "on-the-job" follow-on training, certifications and multiple "over-the-shoulder" evaluations before I could even think of calling myself a "technician". And it took additional years of education and training before I could be certified as a "master" tech - authorized to evaluate and certify junior techs, and authorized to certify critical systems as safe and "mission ready".

Yet we see in forums all the time, folks who have swapped out a PSU, added RAM, or even assembled a PC and suddenly they think they know all about electronics and don't hesitate to call themselves electronics technicians - yet they never heard of Ohm's Law and are totally oblivious to the fact that anything that plugs into the wall can kill!!!! And worse, they often don't hesitate to give truly dangerous advise because they are totally ignorant of the hazards.

We see in the forums all the time, folks who think they are more clever than the bad guys - so they are proud to announce they don't run with an anti-malware solution. They just don't get that they have not been infected because they are so clever. The fact is, they have not been infected simply due to dumb luck.

I post my real name and a link to my real profile just so those I help might have a little trust and confidence in my advise, and understand I am not going to (at least not intentionally) lead them astray or down a dangerous path.

And then there are the bad guys - many of whom are some of the sharpest people on the planet, often extremely well funded and even protected by their governments - even able to thwart the efforts of the best good guys.

While I sympathize with your feeling that you know what you are doing, and therefore believe everyone else must assume you do, I cannot in good conscious make that assumption when giving advice. So IMO, it is best we give our opinions so you have all the information you need to make informed decisions.

Nothing says you have to take that advise, after all.

 

Let me add something else here too. While I come to forums like this to help where I can before "those little gray cells" vanish completely, I also come here to learn something new. If there has been anything consistent I have learned over the years, it is the more I learn, the more I realize there is yet to learn. This is true for a number of reasons, not least of which, technologies are constantly changing, improving, and advancing. What was, at one time, true, may no longer be.

But as noted, I am a technical sort of man. So I am also a "show me" type of man. And I am human which means I tend to like the status quo. But I am also more than willing to change, if change makes sense. This makes me inquisitive, ever questioning. This may appear as though I am questioning the person, when in reality, I am just questioning the information given. And that may have the unintended consequences of being interpreted as questioning a person's "erudition" (great word, BTW). That was not my intent either. Apologies if that was the case.