Bandwidth Throttling with Robocopy

Bandwidth throttling with Robocopy

Calculate the /IPG number.

BA=Kbps of circuit

BD=approximate Kbps you want to allow

IPG = ((BA-BD)/BA*BD)*512*1000


Fix my IT system: Manage Windows Network Bandwidth with native QOS

Fix my IT system: Manage Windows Network Bandwidth with native QOS: Manage Windows Network Bandwidth with native QOS

Windows 2012 QOS!

-Name "FileCopy" -SMB -ThrottleRateActionBitsPerSecond 2MB

-Name "FileCopy" -ThrottleRateActionBitsPerSecond 10MB

-Name "FileCopy"



Recognizing and Categorizing Symptoms of Voice Quality Problems - Cisco

Recognizing and Categorizing Symptoms of Voice Quality Problems - Cisco:

Interesting categorization with sample sound bites.

How to Do TCP Sequence Number Analysis

How to Do TCP Sequence Number Analysis

  • TCP typically ACKs every other segment
  • Add sequence number, next sequence number, and acknowledgment number to your Wireshark columns
  • Next sequence number is sequence number plus TCP data payload length
  • ACK number tells you what data has been received and what the next received sequence number should be
  • TCP will ACK every packet when in recovery

  • Command line: Using tcpdump to find scanning activity

    Command line: Using tcpdump to find scanning activity

    Great Stuff from


    Windows DNS Server: Security Settings

    Do a DNS test at:
    DNS Stuff

    You will get warnings of various kinds.  A couple of important fixes are:

    Disable Version Query

    dnscmd /config /EnableVersionQuery  0

    Disable Recursion

    dnscmd  /Config /NoRecursion 1


    List all SPNs in Active Directory

    From TechNet

    $search = New-Object  DirectoryServices.DirectorySearcher([ADSI]“”)
    $search.filter = “(servicePrincipalName=*)”
    $results = $search.Findall()
    #list results
    foreach($result in $results)
            $userEntry  = $result.GetDirectoryEntry()
            Write-host "Object Name = " $ -backgroundcolor "yellow" -foregroundcolor "black"
            Write-host "DN      =      "  $userEntry.distinguishedName
            Write-host "Object Cat. = "  $userEntry.objectCategory
            Write-host "servicePrincipalNames"
            foreach($SPN in $userEntry.servicePrincipalName)
                Write-host  "SPN(" $i ")   =      " $SPN       $i+=1
            Write-host ""


    Packet Capture From Cisco Router


    ethanalyzer local interface inband limit-captured-frames 20000 autostop duration 120 write bootflash:capture.pcap

    IOS-XE Router

    monitor capture CAP int Gi0/0/1 both
    monitor capture CAP match ipv4 any any
    monitor capture CAP start
    show monitor capture CAP buffer brief
    monitor capture CAP stop
    monitor capture CAP export
    no monitor capture CAP

    IOS Router

    1. create access-list for packet filter
    2. access-list 1 permit
    3. create buffer
    4. monitor capture buffer holdpackets
    5. filter buffer
    6. monitor capture buffer holdpackets filter access-list 1
    7. create capture point
    8. monitor capture point ip cef mytrace all both
    9. associate capture point with buffer
    10. monitor capture point associate mytrace holdpackets
    11. start capture
    12. monitor capture point start mytrace
      • Look at progress
      show monitor capture buffer all parameters
      • See list of capture points
      show monitor capture point all
    13. Stop the capture
    14. monitor capture point stop mytrace
    15. Export buffer as PCAP
    16. monitor capture buffer holdpackets export tftp://
    17. Remove buffer
    18. no monitor capture buffer holdpackets
    19. Remove capture point
    20. no monitor capture point ip cef mytrace all both


    Windows Firewall Command Line

    Windows FW Command
    disable netsh advfirewall set domainprofile state off
    enable netsh advfirewall set domainprofile state on
    block it all netsh advfirewall set domainprofile firewallpolicy blockinboundalways,blockoutboundalways
    restore default netsh advfirewall reset
    restrict an app netsh advfirewall firewall add rule name="secure" dir=in action=deny program="c:\program files\app.exe" enable=yes
    allow app to range of IP's netsh advfirewall firewall add rule name="secure" dir=in action=allow program="c:\program files\app.exe" enable=yes remoteip=,LocalSubnet profile=domain

    Win7/8 Start Run Commands

    Win7/8 Start Run Commands

    Open Documents Folder documents
    Open Videos folder videos
    Open Downloads Folder downloads
    Open Favorites Folder favorites
    Open Recent Folder recent
    Open Recent Folder logoff
    Open Pictures Folder pictures
    Windows Sideshow control.exe /name Microsoft.WindowsSideshow
    Windows CardSpace control.exe /name Microsoft.cardspace
    Windows Anytime Upgrade WindowsAnytimeUpgradeui
    Taskbar and Start Menu control.exe /name Microsoft.TaskbarandStartMenu
    Troubleshooting control.exe /name Microsoft.Troubleshooting
    User Accounts control.exe /name Microsoft.UserAccounts
    Adding a new Device devicepairingwizard
    Add Hardware Wizard hdwwiz
    Advanced User Accounts netplwiz
    Advanced User Accounts azman.msc
    Backup and Restore sdclt
    Bluetooth File Transfer fsquirt
    Calculator calc
    Certificates certmgr.msc
    Change Computer Performance Settings systempropertiesperformance
    Change Data Execution Prevention Settings systempropertiesdataexecutionprevention
    Change Data Execution Prevention Settings printui
    Character Map charmap
    ClearType Tuner cttune
    Color Management colorcpl
    Command Prompt cmd
    Component Services comexp.msc
    Component Services dcomcnfg
    Computer Management compmgmt.msc
    Computer Management compmgmtlauncher
    Connessione proiettore di rete netproj
    Connect to a Projector displayswitch
    Control Panel control
    Create A Shared Folder Wizard shrpubw
    Create a System Repair Disc recdisc
    Credential Backup and Restore Wizard credwiz
    Data Execution Prevention systempropertiesdataexecutionprevention
    Date and Time timedate.cpl
    Default Location locationnotifications
    Device Manager devmgmt.msc
    Device Manager hdwwiz.cpl
    Device Pairing Wizard devicepairingwizard
    Diagnostics Troubleshooting Wizard msdt
    Digitizer Calibration Tool tabcal
    DirectX Diagnostic Tool dxdiag
    Disk Cleanup cleanmgr
    Disk Defragmenter dfrgui
    Disk Management diskmgmt.msc
    Display dpiscaling
    Display Color Calibration dccw
    Display Switch displayswitch
    DPAPI Key Migration Wizard dpapimig
    Driver Verifier Manager verifier
    Ease of Access Center utilman
    EFS Wizard rekeywiz
    Event Viewer eventvwr.msc
    Fax Cover Page Editor fxscover
    File Signature Verification sigverif
    Font Viewer fontview
    Game Controllers joy.cpl
    Getting Started gettingstarted
    IExpress Wizard iexpress
    Getting Started irprops.cpl
    Install or Uninstall Display Languages lusrmgr
    Internet Explorer iexplore
    Internet Options inetcpl.cpl
    iSCSI Initiator Configuration Tool iscsicpl
    Language Pack Installer lpksetup
    Local Group Policy Editor gpedit.msc
    Local Security Policy secpol.msc
    Local Users and Groups lusrmgr.msc
    Location Activity locationnotifications
    Magnifier magnify
    Malicious Software Removal Tool mrt
    Manage Your File Encryption Certificates rekeywiz
    Math Input Panel mip
    Microsoft Management Console mmc
    Microsoft Support Diagnostic Tool msdt
    Mouse main.cpl
    NAP Client Configuration napclcfg.msc
    Narrator narrator
    Network Connections ncpa.cpl
    New Scan Wizard wiaacmgr
    Notepad notepad
    ODBC Data Source Administrator odbcad32
    ODBC Driver Configuration odbcconf
    On-Screen Keyboard osk
    Paint mspaint
    Pen and Touch tabletpc.cpl
    People Near Me collab.cpl
    Performance Monitor perfmon.msc
    Performance Options systempropertiesperformance
    Phone and Modem telephon.cpl
    Phone Dialer dialer
    Power Options powercfg.cpl
    Presentation Settings presentationsettings
    Print Management printmanagement.msc
    Printer Migration printbrmui
    Printer User Interface printui
    Private Character Editor eudcedit
    Problem Steps Recorder psr
    Programs and Features appwiz.cpl
    Protected Content Migration dpapimig
    Region and Language intl.cpl
    Registry Editor regedit
    Registry Editor 32 regedt32
    Remote Access Phonebook rasphone
    Remote Desktop Connection mstsc
    Resource Monitor resmon
    Resultant Set of Policy rsop.msc
    SAM Lock Tool syskey
    Screen Resolution desk.cpl
    Securing the Windows Account Database syskey
    Services services.msc
    Set Program Access and Computer Defaults computerdefaults
    Share Creation Wizard shrpubw
    Shared Folders fsmgmt.msc
    Snipping Tool snippingtool
    Sound mmsys.cpl
    Sound recorder soundrecorder
    SQL Server Client Network Utility cliconfg
    Sticky Notes stikynot
    Stored User Names and Passwords credwiz
    Sync Center mobsync
    System Configuration msconfig
    System Configuration Editor sysedit
    System Information msinfo32
    System Properties sysdm.cpl
    System Properties (Advanced Tab) systempropertiesadvanced
    System Properties (Computer Name Tab) systempropertiescomputername
    System Properties (Hardware Tab) systempropertieshardware
    System Properties (Remote Tab) systempropertiesremote
    System Properties (System Protection Tab) systempropertiesprotection
    System Restore rstrui
    Task Manager taskmgr
    Task Scheduler taskschd.msc
    Trusted Platform Module (TPM) Management tpm.msc
    User Account Control Settings useraccountcontrolsettings
    Utility Manager utilman
    Version Reporter Applet winver
    Volume Mixer sndvol
    Windows Action Center wscui.cpl
    Windows Activation Client slui
    Windows Anytime Upgrade Results windowsanytimeupgraderesults
    Windows CardSpace infocardcpl.cpl
    Windows Disc Image Burning Tool isoburn
    Windows DVD Maker dvdmaker
    Windows Easy Transfer migwiz
    Windows Explorer explorer
    Windows Fax and Scan wfs
    Windows Features optionalfeatures
    Windows Firewall firewall.cpl
    Windows Firewall with Advanced Security wf.msc
    Windows Journal journal
    Windows Media Player wmplayer
    Windows Memory Diagnostic Scheduler mdsched
    Windows Mobility Center mblctr
    Windows Picture Acquisition Wizard wiaacmgr
    Windows PowerShell powershell
    Windows PowerShell ISE powershell_ise
    Windows Remote Assistance msra
    Windows Repair Disc recdisc
    Windows Script Host wscript
    Windows Update wuapp
    Windows Update Standalone Installer wusa
    Versione Windows winver
    WMI Management wmimgmt.msc
    WordPad write
    XPS Viewer xpsrchvw


    DNS Name Server Entries in Parent Domain

    Your domain registrar, for example Network Solutions, maintains the DNS records that resolve your name servers' names to IP's in the parent domain. Your name servers in your start of authority (SOA) might be, for example, and Records for resolution of those names to IP numbers need to be in the parent domain, such as .com.
    You can verify this with the following procedure:
    Input Result
    Default Server:  router.Belkin
    Default Server:
    > set norecurse
    > set q=NS
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =
    com     nameserver =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      internet address =      AAAA IPv6 address = 2001:503:a83e::2:30
    server    nameserver =    nameserver =    nameserver =    nameserver =    nameserver =    nameserver =  internet address =  internet address =  internet address =  internet address =  internet address =  internet address =  AAAA IPv6 address = 2001:500:13::73  AAAA IPv6 address = 2001:500:87::87  AAAA IPv6 address = 2001:43f8:110::10  AAAA IPv6 address = 2001:13c7:7010::53  AAAA IPv6 address = 2001:dd8:6::101  AAAA IPv6 address = 2001:67c:e0::1
    Default Server:  []
    Server:  []
    Address:     nameserver =     nameserver =     nameserver = internet address = internet address = internet address =


    Powershell: File Dialog

    Here is an example of presenting the user with a file dialog. 
    This script also does some conversion and opens the CSV in Excel when it's done.
    # SSID Report Conversion
    # Process SSID report from NCS.  Calculate connection time in seconds and KB transferred
    Function Get-FileName($initialDirectory)
     [System.Reflection.Assembly]::LoadWithPartialName("") | Out-Null
     $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
     $OpenFileDialog.ShowHelp = $true
     $OpenFileDialog.initialDirectory = $initialDirectory
     $OpenFileDialog.filter = "All files (*.*)| *.*"
     $OpenFileDialog.ShowDialog() | Out-Null
    } #end function Get-FileName
    [string]$infile = Get-FileName -initialDirectory "Downloads"
    if (-not $infile) { exit }
    $outfile = $infile -replace ".csv", "-ADJUSTED.csv"
    $file = get-content $infile
    $today = Get-Date
    $today = $today.touniversaltime()
    write-output "Converted:  $today" | out-file -encoding ASCII -filepath $outfile
    foreach ($line in $file) {
     $field = $line.split(",")
     if ($field.count -eq 13) {# report body
      if ($field[0] -eq "Client Username") { #header line (first field heading matches)
       $heading = $line + ",Seconds Connected,KBytes Transferred"
       write-output $heading | out-file -encoding ASCII -filepath $outfile -append
      } #end header line
      #fix average Kb
      $avgKbits = $field[6]
      if ($avgKbits -eq "<0.1") { $avgKbits = 0 }
      #Connection time in seconds
      $conn = $field[5]
      [array]$seperator = " hrs " , " min " , " sec"
      $option = [System.StringSplitOptions]::RemoveEmptyEntries
      $hours = 0
      $minutes = 0
      $seconds = 0
      $connection = 0
      $temp = $conn.split($seperator, $option)
      if ($temp.count -eq 3) {
       $hours = [int]$temp[0]
       $minutes = [int]$temp[1]
       $seconds = [int]$temp[2]
      elseif ($temp.count -eq 2) {
       $minutes = [int]$temp[0]
       $seconds = [int]$temp[1]
      elseif ($temp.count -eq 1) {
       $seconds = [int]$temp[0]
      $connection = ( $hours * 60 * 60 )  + ( $minutes * 60 ) + $seconds
      #Bytes transferred
      $KBytes = $connection * $avgKbits * 8
      $line = $line + "," + $connection + "," + $KBytes
      write-output $line | out-file -encoding ASCII -filepath $outfile -append
     }#end if 16 fields
     else {# report heading line (does not have 13 fields)
      write-output $line | out-file -encoding ASCII -filepath $outfile -append
     }#end else 
    }#end foreach line
    start excel $outfile


    Troubleshooting TCP Throughput

    Good presentation of TCP Throughput troubleshooting:
    Video with example:

    Thanks to

    Packet-Level: Am I looking at a trace from client side or server side?

    Look at 3 way handshake (SYN, SYN/ACK, ACK.)
      - Client side trace will have delay between SYN & SYN/ACK
      - Server side trace will have delay between SYN/ACK & ACK.

    Duh, this is obvious!  Some might say.  But I find it insightful as TCP analysis is just a "hobby" -- I do it so rarely in my work that I learn and re-learn each time I need to slog through a trace file.

    powershell query remote sharepoint

    Example of query to a sharepoint list on a remote machine.
    # Create $list of server names - in Service Catalog where status equals selection
    [array]$list = $null
    $uri = "http://portal/apps/systemscatalog/_vti_bin/lists.asmx?WSDL"
    $listName = "Server Catalog" 
    # Create xml query - get the whole list
    $xmlDoc = new-object System.Xml.XmlDocument
    $query = $xmlDoc.CreateElement("Query")
    $vfxml = "" +
     "" +
     "" +
     "" +
    $viewFields = $xmlDoc.CreateElement("ViewFields")
    $queryOptions = $xmlDoc.CreateElement("QueryOptions")
    $query.set_InnerXml("FieldRef Name='Full Name'") 
    $rowLimit = "3000"
    $serverlist = $null 
    $service = $null  
        $service = New-WebServiceProxy -Uri $uri  -Namespace SpWs  -UseDefaultCredential
        Write-Error $_ -ErrorAction:'SilentlyContinue' 
    if($service -ne $null){
            $serverlist = $service.GetListItems($listName, "", $query, $viewFields, $rowLimit, $queryOptions, $null)
            Write-Error $_  -ErrorAction:'SilentlyContinue'
    $output = $
    if ( -not $output) {
     "ERROR:  No output from sharepoint"
     "ERROR:  No output from sharepoint" | out-file $logfile -append
    [string]$status = $null
    foreach ($item in $output) {
     [string]$status = $item.ows_DeploymentStatus
     $Server = $item.ows_Title
     $dmz = $item.ows_IsDMZServer
     if ($dmz -eq $null) { $dmz = 0 }
     if($status -eq $selection) { 
       if ($filterDMZ -and (-not $dmz)) {
      if ($Server) { $list = $list + $Server} #skip a null value
       }#end if
       else {
           if ($Server) { $list = $list + $Server} #skip a null value
     }#end if
     [string]$status = $null 
    } #end foreach
    $list = $list | sort-object
    if ( -not $list) { 
        "ERROR:  No server list to check"
        "ERROR:  No server list to check" | out-file $logfile -append