Nmap 5.21 Released

January 28, 2010

Nmap, the venerable network security scanner, has recently been updated. Nmap 5.21 includes a ton of new enhancements. If you are new to Nmap or would simply like to enhance your skills, I would strongly encourage you to read the Nmap Network Scanning book, written by the author of Nmap.


Forefront Threat Management Gateway (TMG) 2010 Best Practices Analyzer

January 21, 2010

The Microsoft Forefront Threat Management Gateway (TMG) 2010 Best Practices Analyzer is now available. Download it today!


Sysinternals NewSID Utility Retired

November 4, 2009

If you frequently work with virtual machines like I do, you have most likely used the Sysinternals tool NewSID to generate new machine SIDs for your cloned systems. If you’ve attempted to use NewSID on a Windows Server 2008 R2 system, you no doubt have discovered (as I did) that NewSID no longer works! As a workaround I reverted to using sysprep, anxiously awaiting an update to the utility that I have used for over ten years on an almost daily basis it seems. I was surprised when I read the news that NewSID would be retired, but this post from Mark Russinovich explains the reasoning behind retiring the tool, and also explains the myth of machine SID duplication. As it turns out, generating a new machine SID was never really necessary in the first place. Who knew!


Performance Analysis of Logs (PAL) v2.0 Technology Preview

November 2, 2009

The Performance Analysis of Logs (PAL) tool, developed by Microsoft Premier Field Engineer (PFE) Clint Huffman, is a very powerful free tool available on CodePlex that makes the analysis of logged performance data much simpler. The utility is used to automate the assessment of a performance monitor counter log (in any format) and compare that information to known thresholds provided with the tool. It produces reports in HTML format and will generate alerts when thresholds are exceeded.

The current release (v1.35) is written in VBScript. The v2.0 release of PAL has been completely rewritten in PowerShell, and is now available as a very early technology preview. PAL does not require installation, but it does have some dependencies: PowerShell v1.0 or higher, Microsoft .NET Framework 3.5 SP1, and Microsoft Chart Controls for Microsoft .NET Framework 3.5.

PAL includes threshold files for most major Microsoft products, including IIS, MOSS, SQL Server, BizTalk, Exchange, and Active Directory. ISA and Forefront Threat Management Gateway support will be added in the near future.

Download Performance Analysis of Logs (PAL) v2.0 Technology Preview today!


Wireshark v1.2.3 Now Available!

October 27, 2009

Wireshark just announced the availability of Wireshark v1.2.3. Included in this release is version 4.1.1 of WinPcap that now works with Windows 7! Download your copy today!

Download Wireshark


Windows Sysinternals Administrator’s Reference – Coming Soon!

September 17, 2009

If you perform any sort of Windows troubleshooting at all, no doubt you have used some of Mark Russinovich’s wonderful Sysinternals Utilities Suite. If not, you are seriously missing out on some valuable diagnostic tools! I use Process Explorer and Process Monitor on an almost daily basis, as I am sure many of you do as well. Other than attending one of Mark’s or David Solomon’s TechEd presentations, training for these tools has been limited. The good news is that soon Microsoft will be releasing the Windows Sysinternals Administrator’s Reference. This book will be a definite must-have for anyone serious about performing diagnostics on the Windows platform. It is available now for pre-order on Amazon.com, so be sure and order your copy today. I did!



Configuring Roles and Features in Windows Server 2008 R2

August 26, 2009

Windows Server 2008 includes a command-line utility called servermanagercmd.exe that allows administrators to configure roles, role services, and features from the command line. Beginning with Windows Server 2008 R2, however, servermanagercmd.exe has been deprecated. When you attempt to run servermanagercmd.exe you will receive the following message:

Servermanagercmd.exe is deprecated, and is not guaranteed to be supported in future releases of Windows. We recommend that you use the Windows PowerShell cmdlets that are available for Server Manager.

Servermanagercmd.exe has been replaced with new PowerShell Server Manager cmdlets (pronounced ‘command-lets’). Before we can use these new cmdlets we must first import them. Open an elevated PowerShell command prompt and enter the following command:

import-module servermanager

Here are the three new PowerShell cmdlets and their corresponding servermanagercmd.exe equivalents [in brackets]:

Add-WindowsFeature [servermanagercmd.exe -install]

Get-WindowsFeature [servermanagercmd.exe -query]

Remove-WindowsFeature [servermanagercmd.exe -remove]

For more information regarding the new PowerShell cmdlets and servermanagercmd.exe, please refer to the Overview of Server Manager Commands article on Microsoft Technet.
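The three cmdlets used together, as an added example that is not part of the original post: it lists installed roles and features that are not on an approved baseline, installs one required feature if it is missing, and previews removals with -WhatIf. The baseline contents and the variable names are assumptions made for illustration.

```powershell
Import-Module ServerManager

# Assumed baseline for this illustration: what this server is expected to run.
# A real baseline must also list parent roles and dependencies.
$approved = @('File-Services', 'FS-FileServer', 'Telnet-Client')
$required = 'Telnet-Client'

# Get-WindowsFeature replaces "servermanagercmd.exe -query".
$installed  = @(Get-WindowsFeature | Where-Object { $_.Installed })
$unexpected = @($installed | Where-Object { $approved -notcontains $_.Name })

# Anything installed but not approved is extra attack surface to review.
$unexpected | Sort-Object Name | Format-Table Name, DisplayName -AutoSize

# Add-WindowsFeature replaces "servermanagercmd.exe -install".
# Install only when the feature exists and is not already present.
$feature = Get-WindowsFeature -Name $required
if (-not $feature) {
    Write-Warning "Unknown feature name: $required"
}
elseif (-not $feature.Installed) {
    $result = Add-WindowsFeature -Name $required
    "{0}: Success={1} RestartNeeded={2}" -f $required, $result.Success, $result.RestartNeeded
}

# Remove-WindowsFeature replaces "servermanagercmd.exe -remove".
# -WhatIf only reports what would be removed; nothing is changed.
$unexpected | ForEach-Object { Remove-WindowsFeature -Name $_.Name -WhatIf }
```

Run it from an elevated PowerShell prompt; drop -WhatIf only after reviewing the list.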


Microsoft Exchange Server Remote Connectivity Analyzer

August 25, 2009

My good friend Andy Tang, who works for e92Plus over in the UK, blogged recently about some issues he was having with ActiveSync on IAG. In his post he talks about using a wonderful utility called the Microsoft Exchange Server Remote Connectivity Analyzer. This online tool will allow you to remotely test ActiveSync, Outlook Anywhere (RPC/HTTP), and inbound SMTP. Excellent!

https://www.testexchangeconnectivity.com/


Troubleshooting Basic HTTP Connectivity Using VBScript

August 25, 2009

As a follow-up to my last blog post I wanted to share with you a way to perform basic HTTP connectivity testing using VBScript. Using the GetAllResponseHeaders method of the XMLHTTP object we can easily retrieve and display response headers returned by a web server. The VBScript code looks like this:

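Option Explicit

Dim HTTP, Site

' Prompt for the host name to test (without the http:// prefix)
Site = InputBox("Enter site name:", "Get All Response Headers")

' Quit if the prompt was cancelled or left empty
If Site = "" Then WScript.Quit

Set HTTP = WScript.CreateObject("Microsoft.XMLHTTP")

' Send a synchronous HEAD request so that only the headers are returned
Call HTTP.Open("HEAD", "http://" & Site, False)
Call HTTP.Send()

' Display all response headers returned by the web server
MsgBox HTTP.GetAllResponseHeaders(), vbInformation, "Response Headers for " & Site

Set HTTP = Nothing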

Copy the code above to a text file and save it with a .vbs extension. Double-click on the file and you will be prompted to enter a web site to test.


Enter the name of the web site to test and choose ‘Ok’. The script will send a request to the web server and display the response headers returned.


Admittedly this code is very rudimentary, but it is a simple and effective way to troubleshoot HTTP connectivity issues. If you are interested in something similar that has many more features, including the ability to use specific HTTP commands, perform logging, use a proxy server, specify a USER AGENT string and much more, visit Jim Harrison’s ISATools.org and download his very powerful HTTP_TEST VBScript.


Troubleshooting Basic HTTP Connectivity Using A Telnet Client

August 21, 2009

In my last blog post I demonstrated how to use the Windows telnet client to perform basic network connectivity troubleshooting. In this post I will demonstrate how to use the telnet client to interactively perform basic HTTP troubleshooting.

Note: This post assumes that you have a fundamental understanding of the HTTP protocol. If you are not familiar with HTTP and would like to learn more, there are some excellent books on the subject available. Two books that I recommend are HTTP – The Definitive Guide and the HTTP Pocket Reference, both from O’Reilly Books.

To begin, open a command prompt and enter the command telnet. This will bring up a telnet command prompt.

Notice that the escape character is CTRL+]. We’ll need to know this later. Next, enter the command set localecho. This command allows us to see the text that we type in the command window.


To establish a connection to a web server on the default port, the command syntax is open <IP address, FQDN, or hostname> <port>.

For example…

open intranet.celestix.net 80


After you enter the open command and hit enter, it is not readily apparent that a connection has been made to the web server. That’s because the cursor immediately jumps to the upper left corner of the command window.


Before entering commands, hit the enter key a few times to bring the cursor to a clear area in the window.


Now that we have established a connection, we are ready to issue some basic HTTP commands to the web server. Let’s begin by retrieving the default web page for the site intranet.celestix.net. Although a full-featured HTTP client will send many request headers to a web server to retrieve content, the RFC specifies that only the HOST header is mandatory for HTTP 1.1. First we will send a GET command requesting the default page, then we will provide the HOST header to let the web server know which web site we are requesting content from (this is required because the web server may be hosting multiple web sites using the same IP address).

To retrieve the default page from intranet.celestix.net, enter the following commands:

GET / HTTP/1.1
HOST: intranet.celestix.net


These commands are case sensitive! Be sure to enter them exactly as shown above. After entering the HOST information, hit enter twice to send the commands to the web server. If successful, the web server will respond with the requested content.


Enter the escape command sequence CTRL+] to return to the telnet command prompt.

Additional Examples

Instead of retrieving the content of the web page, we could request that the web server send response headers only. This can be accomplished by entering the following commands:

HEAD / HTTP/1.1
HOST: intranet.celestix.net


If successful, the web server will send only the response headers and not the content of the web page itself.

Although somewhat useful in troubleshooting basic HTTP communication, the telnet client isn’t the best tool to use. As you will quickly see, the telnet client will not allow you to backspace if you make a typo entering a command. The advantage of using the telnet client is that it is installed on most Windows operating systems by default. Thankfully, a much more robust and feature-rich tool is available from Microsoft. WFetch is a GUI utility that allows you to issue many different commands to the web server and includes support for multiple authentication methods. It includes the flexibility to manipulate headers and provides the ability to direct communication through a proxy server. If you are performing advanced troubleshooting or want to learn more about HTTP communication, you can find out more about using WFetch here.
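The HEAD exchange from the telnet session, and the header retrieval from the VBScript post, scripted over a raw TCP socket so the request can be corrected and repeated. This is an added example, not code from the original posts; the function name Get-RawHttpHeaders, its parameters, and the extra Connection: close header are assumptions.

```powershell
# Added example: hypothetical helper that sends the HEAD request from the telnet session.
function Get-RawHttpHeaders {
    param(
        [Parameter(Mandatory = $true)][string]$HostName,
        [int]$Port = 80,
        [int]$TimeoutMs = 5000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.SendTimeout = $TimeoutMs
        $client.ReceiveTimeout = $TimeoutMs
        $client.Connect($HostName, $Port)
        $stream = $client.GetStream()

        # The two lines typed into telnet, plus "Connection: close" so the server
        # ends the exchange; the empty line marks the end of the request headers.
        $request = "HEAD / HTTP/1.1`r`nHOST: $HostName`r`nConnection: close`r`n`r`n"
        $bytes = [System.Text.Encoding]::ASCII.GetBytes($request)
        $stream.Write($bytes, 0, $bytes.Length)

        $reader = New-Object System.IO.StreamReader($stream, [System.Text.Encoding]::ASCII)
        $statusLine = $reader.ReadLine()
        if ($statusLine -notmatch '^HTTP/\d\.\d (\d{3})') {
            throw "No HTTP status line received from ${HostName}:$Port"
        }
        $statusCode = [int]$Matches[1]

        # Read header lines until the blank line that ends the header block.
        $headers = @{}
        while ($true) {
            $line = $reader.ReadLine()
            if ([string]::IsNullOrEmpty($line)) { break }
            $name, $value = $line -split ':\s*', 2
            if ($headers.ContainsKey($name)) { $headers[$name] += ", $value" }
            else { $headers[$name] = $value }
        }
        New-Object PSObject -Property @{
            StatusLine = $statusLine; StatusCode = $statusCode; Headers = $headers
        }
    }
    finally { $client.Close() }
}

# Usage with the host name from the post:
# (Get-RawHttpHeaders -HostName intranet.celestix.net).Headers
```

A connection error or timeout surfaces as an exception, which separates a network-level failure from an HTTP-level error status.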