Bandwidth throttling with Robocopy
Calculate the /IPG number.
BA=Kbps of circuit
BD=approximate Kbps you want to allow
IPG = ((BA-BD)/BA*BD)*512*1000
12/03/2015
10/28/2015
10/22/2015
Fix my IT system: Manage Windows Network Bandwidth with native QOS
Fix my IT system: Manage Windows Network Bandwidth with native QOS: Manage Windows Network Bandwidth with native QOS
Windows 2012 QOS!
-Name "FileCopy" -SMB -ThrottleRateActionBitsPerSecond 2MB
Set-NetQosPolicy
-Name "FileCopy" -ThrottleRateActionBitsPerSecond 10MB
Remove-NetQosPolicy
-Name "FileCopy"
Windows 2012 QOS!
Get-NetQosPolicy
New-NetQosPolicy-Name "FileCopy" -SMB -ThrottleRateActionBitsPerSecond 2MB
Set-NetQosPolicy
-Name "FileCopy" -ThrottleRateActionBitsPerSecond 10MB
Remove-NetQosPolicy
-Name "FileCopy"
10/21/2015
10/20/2015
Reverse DNS records not registered when using DHCP
Reverse DNS records not registered when using DHCP
Windows client > NIC > ipv4 > check the box named:
Use this connection's DNS suffix in DNS registration
Windows client > NIC > ipv4 > check the box named:
Use this connection's DNS suffix in DNS registration
10/19/2015
Recognizing and Categorizing Symptoms of Voice Quality Problems - Cisco
Recognizing and Categorizing Symptoms of Voice Quality Problems - Cisco:
Interesting categorization with sample sound bites.
Interesting categorization with sample sound bites.
How to Do TCP Sequence Number Analysis
How to Do TCP Sequence Number Analysis
From packetbomb.com
TCP typically ACKs every other segment
Add sequence number, next sequence number, and acknowledgment number to your Wireshark columns
Next sequence number is sequence number plus TCP data payload length
ACK number tells you what data has been received and what the next received sequence number should be
TCP will ACK every packet when in recovery
From packetbomb.com
10/02/2015
Windows DNS Server: Security Settings
Do a DNS test at:
DNS Stuff
You will get warnings of various kinds. A couple of important fixes are:
DNS Stuff
You will get warnings of various kinds. A couple of important fixes are:
Disable Version Query
dnscmd /config /EnableVersionQuery 0
Disable Recursion
dnscmd /Config /NoRecursion 1
10/01/2015
9/29/2015
List all SPNs in Active Directory
From TechNet
cls
$search = New-Object DirectoryServices.DirectorySearcher([ADSI]“”)
$search.filter = “(servicePrincipalName=*)”
$results = $search.Findall()
#list results
foreach($result in $results)
{
$userEntry = $result.GetDirectoryEntry()
Write-host "Object Name = " $userEntry.name -backgroundcolor "yellow" -foregroundcolor "black"
Write-host "DN = " $userEntry.distinguishedName
Write-host "Object Cat. = " $userEntry.objectCategory
Write-host "servicePrincipalNames"
$i=1
foreach($SPN in $userEntry.servicePrincipalName)
{
Write-host "SPN(" $i ") = " $SPN $i+=1
}
Write-host ""
}
7/12/2015
Packet Capture From Cisco Router
7K
ethanalyzer
local interface inband limit-captured-frames 20000 autostop duration 120 write
bootflash:capture.pcap
IOS-XE Router
monitor capture
CAP int Gi0/0/1 both
monitor capture
CAP match ipv4 any any
monitor capture
CAP start
show monitor
capture CAP buffer brief
monitor capture
CAP stop
monitor capture
CAP export ftp://10.1.10.27/CAP.pcap
no monitor
capture CAP
IOS Router
- create access-list for packet filter
- create buffer
- filter buffer
- create capture point
- associate capture point with buffer
- start capture
- Look at progress
- See list of capture points
- Stop the capture
- Export buffer as PCAP
- Remove buffer
- Remove capture point
access-list 1 permit 10.100.1.45
monitor capture buffer holdpackets
monitor capture buffer holdpackets filter access-list 1
monitor capture point ip cef mytrace all both
monitor capture point associate mytrace holdpackets
monitor capture point start mytrace
show monitor capture buffer all parameters
show monitor capture point all
monitor capture point stop mytrace
monitor capture buffer holdpackets export
tftp://10.1.10.27/mytrace.pcap
no monitor capture buffer holdpackets
no monitor capture point ip cef mytrace all both
4/14/2015
3/26/2015
Windows Firewall Command Line
Windows FW | Command |
disable | netsh advfirewall set domainprofile state off |
enable | netsh advfirewall set domainprofile state on |
block it all | netsh advfirewall set domainprofile firewallpolicy blockinboundalways,blockoutboundalways |
restore default | netsh advfirewall reset |
restrict an app | netsh advfirewall firewall add rule name="secure" dir=in action=deny program="c:\program files\app.exe" enable=yes |
allow app to range of IP's | netsh advfirewall firewall add rule name="secure" dir=in action=allow program="c:\program files\app.exe" enable=yes remoteip=206.13.28.12,LocalSubnet profile=domain |
Win7/8 Start Run Commands
Win7/8 Start Run Commands
Open Documents Folder | documents |
Open Videos folder | videos |
Open Downloads Folder | downloads |
Open Favorites Folder | favorites |
Open Recent Folder | recent |
Open Recent Folder | logoff |
Open Pictures Folder | pictures |
Windows Sideshow | control.exe /name Microsoft.WindowsSideshow |
Windows CardSpace | control.exe /name Microsoft.cardspace |
Windows Anytime Upgrade | WindowsAnytimeUpgradeui |
Taskbar and Start Menu | control.exe /name Microsoft.TaskbarandStartMenu |
Troubleshooting | control.exe /name Microsoft.Troubleshooting |
User Accounts | control.exe /name Microsoft.UserAccounts |
Adding a new Device | devicepairingwizard |
Add Hardware Wizard | hdwwiz |
Advanced User Accounts | netplwiz |
Advanced User Accounts | azman.msc |
Backup and Restore | sdclt |
Bluetooth File Transfer | fsquirt |
Calculator | calc |
Certificates | certmgr.msc |
Change Computer Performance Settings | systempropertiesperformance |
Change Data Execution Prevention Settings | systempropertiesdataexecutionprevention |
Change Data Execution Prevention Settings | printui |
Character Map | charmap |
ClearType Tuner | cttune |
Color Management | colorcpl |
Command Prompt | cmd |
Component Services | comexp.msc |
Component Services | dcomcnfg |
Computer Management | compmgmt.msc |
Computer Management | compmgmtlauncher |
Connessione proiettore di rete | netproj |
Connect to a Projector | displayswitch |
Control Panel | control |
Create A Shared Folder Wizard | shrpubw |
Create a System Repair Disc | recdisc |
Credential Backup and Restore Wizard | credwiz |
Data Execution Prevention | systempropertiesdataexecutionprevention |
Date and Time | timedate.cpl |
Default Location | locationnotifications |
Device Manager | devmgmt.msc |
Device Manager | hdwwiz.cpl |
Device Pairing Wizard | devicepairingwizard |
Diagnostics Troubleshooting Wizard | msdt |
Digitizer Calibration Tool | tabcal |
DirectX Diagnostic Tool | dxdiag |
Disk Cleanup | cleanmgr |
Disk Defragmenter | dfrgui |
Disk Management | diskmgmt.msc |
Display | dpiscaling |
Display Color Calibration | dccw |
Display Switch | displayswitch |
DPAPI Key Migration Wizard | dpapimig |
Driver Verifier Manager | verifier |
Ease of Access Center | utilman |
EFS Wizard | rekeywiz |
Event Viewer | eventvwr.msc |
Fax Cover Page Editor | fxscover |
File Signature Verification | sigverif |
Font Viewer | fontview |
Game Controllers | joy.cpl |
Getting Started | gettingstarted |
IExpress Wizard | iexpress |
Getting Started | irprops.cpl |
Install or Uninstall Display Languages | lusrmgr |
Internet Explorer | iexplore |
Internet Options | inetcpl.cpl |
iSCSI Initiator Configuration Tool | iscsicpl |
Language Pack Installer | lpksetup |
Local Group Policy Editor | gpedit.msc |
Local Security Policy | secpol.msc |
Local Users and Groups | lusrmgr.msc |
Location Activity | locationnotifications |
Magnifier | magnify |
Malicious Software Removal Tool | mrt |
Manage Your File Encryption Certificates | rekeywiz |
Math Input Panel | mip |
Microsoft Management Console | mmc |
Microsoft Support Diagnostic Tool | msdt |
Mouse | main.cpl |
NAP Client Configuration | napclcfg.msc |
Narrator | narrator |
Network Connections | ncpa.cpl |
New Scan Wizard | wiaacmgr |
Notepad | notepad |
ODBC Data Source Administrator | odbcad32 |
ODBC Driver Configuration | odbcconf |
On-Screen Keyboard | osk |
Paint | mspaint |
Pen and Touch | tabletpc.cpl |
People Near Me | collab.cpl |
Performance Monitor | perfmon.msc |
Performance Options | systempropertiesperformance |
Phone and Modem | telephon.cpl |
Phone Dialer | dialer |
Power Options | powercfg.cpl |
Presentation Settings | presentationsettings |
Print Management | printmanagement.msc |
Printer Migration | printbrmui |
Printer User Interface | printui |
Private Character Editor | eudcedit |
Problem Steps Recorder | psr |
Programs and Features | appwiz.cpl |
Protected Content Migration | dpapimig |
Region and Language | intl.cpl |
Registry Editor | regedit |
Registry Editor 32 | regedt32 |
Remote Access Phonebook | rasphone |
Remote Desktop Connection | mstsc |
Resource Monitor | resmon |
Resultant Set of Policy | rsop.msc |
SAM Lock Tool | syskey |
Screen Resolution | desk.cpl |
Securing the Windows Account Database | syskey |
Services | services.msc |
Set Program Access and Computer Defaults | computerdefaults |
Share Creation Wizard | shrpubw |
Shared Folders | fsmgmt.msc |
Snipping Tool | snippingtool |
Sound | mmsys.cpl |
Sound recorder | soundrecorder |
SQL Server Client Network Utility | cliconfg |
Sticky Notes | stikynot |
Stored User Names and Passwords | credwiz |
Sync Center | mobsync |
System Configuration | msconfig |
System Configuration Editor | sysedit |
System Information | msinfo32 |
System Properties | sysdm.cpl |
System Properties (Advanced Tab) | systempropertiesadvanced |
System Properties (Computer Name Tab) | systempropertiescomputername |
System Properties (Hardware Tab) | systempropertieshardware |
System Properties (Remote Tab) | systempropertiesremote |
System Properties (System Protection Tab) | systempropertiesprotection |
System Restore | rstrui |
Task Manager | taskmgr |
Task Scheduler | taskschd.msc |
Trusted Platform Module (TPM) Management | tpm.msc |
User Account Control Settings | useraccountcontrolsettings |
Utility Manager | utilman |
Version Reporter Applet | winver |
Volume Mixer | sndvol |
Windows Action Center | wscui.cpl |
Windows Activation Client | slui |
Windows Anytime Upgrade Results | windowsanytimeupgraderesults |
Windows CardSpace | infocardcpl.cpl |
Windows Disc Image Burning Tool | isoburn |
Windows DVD Maker | dvdmaker |
Windows Easy Transfer | migwiz |
Windows Explorer | explorer |
Windows Fax and Scan | wfs |
Windows Features | optionalfeatures |
Windows Firewall | firewall.cpl |
Windows Firewall with Advanced Security | wf.msc |
Windows Journal | journal |
Windows Media Player | wmplayer |
Windows Memory Diagnostic Scheduler | mdsched |
Windows Mobility Center | mblctr |
Windows Picture Acquisition Wizard | wiaacmgr |
Windows PowerShell | powershell |
Windows PowerShell ISE | powershell_ise |
Windows Remote Assistance | msra |
Windows Repair Disc | recdisc |
Windows Script Host | wscript |
Windows Update | wuapp |
Windows Update Standalone Installer | wusa |
Versione Windows | winver |
WMI Management | wmimgmt.msc |
WordPad | write |
XPS Viewer | xpsrchvw |
3/02/2015
DNS Name Server Entries in Parent Domain
Your domain registrar, for example Network Solutions, maintains the DNS records that resolve your name servers' names to IP's in the parent domain. Your name servers in your start of authority (SOA) might be, for example, ns1.examplename.com and ns2.examplename.com. Records for resolution of those names to IP numbers need to be in the parent domain, such as .com.
You can verify this with the following procedure:
You can verify this with the following procedure:
Input | Result |
nslookup l.root-servers.net |
199.7.83.42 |
nslookup |
|
server 199.7.83.42 |
|
|
|
server 192.5.6.30 |
|
EXAMPLENAME.com. |
|
2/04/2015
2/02/2015
1/28/2015
1/22/2015
1/20/2015
9 Common Spanning Tree Mistakes | Network World
9 Common Spanning Tree Mistakes | Network World: Frequent spanning tree protocol misconfigurations cause network problems
1/14/2015
Powershell: File Dialog
Here is an example of presenting the user with a file dialog.
This script also does some conversion and opens the CSV in Excel when it's done.
This script also does some conversion and opens the CSV in Excel when it's done.
############################################################################################
#
# SSID Report Conversion
# Process SSID report from NCS. Calculate connection time in seconds and KB transferred
#
Function Get-FileName($initialDirectory)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
$OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
$OpenFileDialog.ShowHelp = $true
$OpenFileDialog.initialDirectory = $initialDirectory
$OpenFileDialog.filter = "All files (*.*)| *.*"
$OpenFileDialog.ShowDialog() | Out-Null
$OpenFileDialog.filename
} #end function Get-FileName
#
[string]$infile = Get-FileName -initialDirectory "Downloads"
if (-not $infile) { exit }
$outfile = $infile -replace ".csv", "-ADJUSTED.csv"
$file = get-content $infile
$today = Get-Date
$today = $today.touniversaltime()
write-output "Converted: $today" | out-file -encoding ASCII -filepath $outfile
foreach ($line in $file) {
$field = $line.split(",")
if ($field.count -eq 13) {# report body
if ($field[0] -eq "Client Username") { #header line (first field heading matches)
$heading = $line + ",Seconds Connected,KBytes Transferred"
write-output $heading | out-file -encoding ASCII -filepath $outfile -append
continue
} #end header line
#fix average Kb
$avgKbits = $field[6]
if ($avgKbits -eq "<0.1") { $avgKbits = 0 }
#Connection time in seconds
$conn = $field[5]
[array]$seperator = " hrs " , " min " , " sec"
$option = [System.StringSplitOptions]::RemoveEmptyEntries
$hours = 0
$minutes = 0
$seconds = 0
$connection = 0
$temp = $conn.split($seperator, $option)
if ($temp.count -eq 3) {
$hours = [int]$temp[0]
$minutes = [int]$temp[1]
$seconds = [int]$temp[2]
}
elseif ($temp.count -eq 2) {
$minutes = [int]$temp[0]
$seconds = [int]$temp[1]
}
elseif ($temp.count -eq 1) {
$seconds = [int]$temp[0]
}
$connection = ( $hours * 60 * 60 ) + ( $minutes * 60 ) + $seconds
#Bytes transferred
$KBytes = $connection * $avgKbits * 8
$line = $line + "," + $connection + "," + $KBytes
write-output $line | out-file -encoding ASCII -filepath $outfile -append
}#end if 16 fields
else {# report heading line (does not have 13 fields)
write-output $line | out-file -encoding ASCII -filepath $outfile -append
}#end else
}#end foreach line
start excel $outfile
1/12/2015
Troubleshooting TCP Throughput
Good presentation of TCP Throughput troubleshooting:
PDF: http://packetbomb.com/understanding-throughput-and-tcp-windows
Video with example:
https://www.youtube.com/watch?v=qFWjugyKyrE
Thanks to kory@packetbomb.com
PDF: http://packetbomb.com/understanding-throughput-and-tcp-windows
Video with example:
https://www.youtube.com/watch?v=qFWjugyKyrE
Thanks to kory@packetbomb.com
Packet-Level: Am I looking at a trace from client side or server side?
Look at 3 way handshake (SYN, SYN/ACK, ACK.)
- Client side trace will have delay between SYN & SYN/ACK
- Server side trace will have delay between SYN/ACK & ACK.
Duh, this is obvious! Some might say. But I find it insightful as TCP analysis is just a "hobby" -- I do it so rarely in my work that I learn and re-learn each time I need to slog through a trace file.
- Client side trace will have delay between SYN & SYN/ACK
- Server side trace will have delay between SYN/ACK & ACK.
Duh, this is obvious! Some might say. But I find it insightful as TCP analysis is just a "hobby" -- I do it so rarely in my work that I learn and re-learn each time I need to slog through a trace file.
powershell query remote sharepoint
Example of query to a sharepoint list on a remote machine.
############################################################################################
# Create $list of server names - in Service Catalog where status equals selection
#
[array]$list = $null
$uri = "http://portal/apps/systemscatalog/_vti_bin/lists.asmx?WSDL"
$listName = "Server Catalog"
# Create xml query - get the whole list
$xmlDoc = new-object System.Xml.XmlDocument
$query = $xmlDoc.CreateElement("Query")
$vfxml = "" +
" " +
" " +
" " +
" "
$viewFields = $xmlDoc.CreateElement("ViewFields")
$queryOptions = $xmlDoc.CreateElement("QueryOptions")
$query.set_InnerXml("FieldRef Name='Full Name'")
$rowLimit = "3000"
$serverlist = $null
$service = $null
try{
$service = New-WebServiceProxy -Uri $uri -Namespace SpWs -UseDefaultCredential
}
catch{
Write-Error $_ -ErrorAction:'SilentlyContinue'
}
if($service -ne $null){
try{
$serverlist = $service.GetListItems($listName, "", $query, $viewFields, $rowLimit, $queryOptions, $null)
}
catch{
Write-Error $_ -ErrorAction:'SilentlyContinue'
}
}
$output = $serverlist.data.row
if ( -not $output) {
clear-host
"ERROR: No output from sharepoint"
"ERROR: No output from sharepoint" | out-file $logfile -append
exit
}
[string]$status = $null
foreach ($item in $output) {
[string]$status = $item.ows_DeploymentStatus
$Server = $item.ows_Title
$dmz = $item.ows_IsDMZServer
if ($dmz -eq $null) { $dmz = 0 }
if($status -eq $selection) {
if ($filterDMZ -and (-not $dmz)) {
if ($Server) { $list = $list + $Server} #skip a null value
}#end if
else {
if ($Server) { $list = $list + $Server} #skip a null value
}
}#end if
[string]$status = $null
} #end foreach
#
$list = $list | sort-object
if ( -not $list) {
"ERROR: No server list to check"
"ERROR: No server list to check" | out-file $logfile -append
exit
}
1/08/2015
tcp analysis: time sequence graph (tcptrace)
Great troubleshooting tip video using WireShark:
Time Sequence Graph - Info (PDF)
Time Sequence Graph - Video
Thanks Kary@packetbomb.com
Time Sequence Graph - Info (PDF)
Time Sequence Graph - Video
Thanks Kary@packetbomb.com
Subscribe to:
Posts (Atom)