Blog: Networking

ServerFault.com is a new site that describes itself as "a collaboratively edited question and answer site for system administrators and IT professionals."  It's free and no registration is required.  The site is kind of like a cross between Yahoo Answers, Wikipedia, and Digg.  Anyone can ask questions on the site.  Other users can vote questions up or down and that affects how visible the question is on the site.  As users answer questions, those answers can be voted up or down and marked as "the answer".  All questions and answers can also be edited like a Wiki.  What you end up with when you run across the site from Google is usually the question you're looking for and, right below it, the best answer to the problem, unlike forums where the best answer is the last post in the thread or buried in the middle.  Plus, if something changes and a once-correct answer is no longer valid, the answer can be edited to be made correct again.  The site was basically built because the developers hated the spammy nature of Experts Exchange and how it always ranked high in Google for their own questions they searched for.  You can read the FAQ (http://serverfault.com/faq) or the About page (http://serverfault.com/about) for more details.

I've been using Server Fault's sister site for a while now and have found it really useful.  Its URL is StackOverflow.com and it's geared toward software developers.  It started up late last year and already has over 190,000 questions.  Server Fault has been up for less time and only has around 6,000 questions, but it has the potential to take off like Stack Overflow.


 

Out of the box, Windows XP doesn’t have Remote Desktop enabled for connecting in to the PC.  You can access the registry of the remote machine and change the setting that will allow access (at least to administrators).

The target PC must have the Remote Registry service enabled.  If it isn’t, you can open services.msc, connect to the remote PC, and start it.

The next step is to open regedit and connect to the remote PC.  Look for the following registry value:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections

Set the value to 0 to enable Remote Desktop, or 1 to disable.
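The same steps as a script, added here as an example and not part of the original post: it checks the Remote Registry service, reads the value (named fDenyTSConnections in Windows), and writes it only when asked, returning a before/after record that can be logged. It assumes Windows PowerShell 5.1 (for `Get-Service -ComputerName`) and administrator rights on the target; the host name and the `-Action` parameter are made up for illustration.

```powershell
# Added example: read, and optionally change, fDenyTSConnections on a remote PC.
# Assumes Windows PowerShell 5.1 and administrator rights on the target.
param(
    [string]$ComputerName = 'PC-EXAMPLE-01',   # placeholder host name
    [ValidateSet('Report', 'Enable', 'Disable')]
    [string]$Action = 'Report'                 # hypothetical parameter
)

$keyPath   = 'SYSTEM\CurrentControlSet\Control\Terminal Server'
$valueName = 'fDenyTSConnections'

# The registry can only be opened remotely if the Remote Registry service runs.
$svc = Get-Service -Name RemoteRegistry -ComputerName $ComputerName
if ($svc.Status -ne 'Running') {
    Write-Warning "RemoteRegistry on $ComputerName is $($svc.Status); start it first."
    return
}

$hive = [Microsoft.Win32.RegistryHive]::LocalMachine
$hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($hive, $ComputerName)
try {
    # Open read-only unless a change was requested.
    $key = $hklm.OpenSubKey($keyPath, ($Action -ne 'Report'))
    if ($null -eq $key) { throw "Key not found: HKLM\$keyPath" }

    $before = $key.GetValue($valueName)        # 0 = RDP enabled, 1 = disabled
    $after  = $before
    if ($Action -ne 'Report') {
        $after = if ($Action -eq 'Enable') { 0 } else { 1 }
        $key.SetValue($valueName, $after, [Microsoft.Win32.RegistryValueKind]::DWord)
    }

    # Emit one record per run so changes can be logged or exported.
    [pscustomobject]@{
        Computer = $ComputerName
        Action   = $Action
        Before   = $before
        After    = $after
        RdpState = if ($after -eq 0) { 'Enabled' } elseif ($after -eq 1) { 'Disabled' } else { 'Unknown' }
    }
}
finally {
    if ($key) { $key.Close() }
    $hklm.Close()
}
```

Run with the default `Report` action, it makes no changes and can be looped over a list of machines to see where Remote Desktop is currently allowed.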


 

Sdelete is a small useful utility by Mark Russinovich that will perform a secure delete within Windows.  In addition to deleting files and folders it has an option to cleanse free space on the disk.  This came in very handy when I needed to clean up a PC but couldn’t rebuild it.

You can download the utility and find lots of good information about how this works at http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx


 

You cannot remote control another user’s session in terminal server through terminal server manager when connected to the console.  The only way it works is by originating through another RDP session.  I guess I haven’t been in this scenario before to run into this.


 

Connecting via VPN to a customer site has always caused problems with me trying to access the local network. My computer would try and use my VPN credentials to access the network, and naturally fail. A co-worker showed me the “cmdkey /delete /ras” command that would clear out those credentials so browsing the local network would work.

So I, running Vista, fired up a command prompt with administrator privileges because I figured the cmdkey command required them. After running the command, I tried browsing the network and failed. Running cmdkey /list showed no credentials but my Exchange credentials. I started a command prompt with regular privileges and ran cmdkey /list. Sure enough, there were my dial-up credentials. Running cmdkey /delete /ras cleared them out and everything worked.


 

After a clean install of WSUS 3.0 SP1 (including installing several prerequisites), the application log started getting 'selfupdate tree not working' errors.  I searched the web and found a KB article (http://support.microsoft.com/kb/920659) as well as many forum postings describing similar problems.  Many users think there is a bug in the install.  However, Microsoft does not confirm this.  The error condition can take many forms.  In my situation, I was using the default IIS website.  The 'selfupdate' virtual folder was not created, so I created it, mapping to the actual folder, and then corrected permissions for the local IUSR account.  After restarting the website, I immediately got a 'selfupdate' success entry in the log and PCs started checking in.


 

During a recent information security audit, I ran across a “unified threat management” system that I had not seen before called Untangle (www.untangle.com).  The bank was using it in place of a traditional firewall.  According to the Untangle website, the Untangle Gateway is “the world’s first commercial-grade open source solution for blocking spam, spyware, viruses, adware and unwanted content on the network, provides a free and better alternative to costly, inflexible proprietary appliances.”  The interesting part is that the gateway runs on Linux and all the “modules” (firewall, IPS, web content blocker, etc.) are open source downloads, so the gateway is a free download.  Additionally, the source code for the Untangle gateway is available for download.

You can choose to pay for certain modules such as Untangle support, an Active Directory connector, Kaspersky virus blocker, etc.  However, the rest of the modules can be downloaded and installed from a very simple GUI for free.  So far, I have not been able to find any major vulnerabilities or issues with this software.  Their target market is small to medium businesses that don’t want to pay the big bucks for Cisco, SonicWall, and other proprietary appliances.

Untangle also makes another product called “Re-Router” that is a network gateway/proxy server that runs in the background on a Windows XP workstation.


 

There's a free utility I heard about from Steve Gibson on one of his podcasts that I have found useful.  It's called KatMouse - it mouse wheel-enables anything that scrolls.  The main reason I use it is I don't have to give focus to a window - just move the pointer over it and scroll.  Whatever you're hovering over will scroll - even if the window isn't on top.  You can find more details and download the application at http://ehiti.de/katmouse/.


 

When trying to use PlateSpin to seed a server image across a WAN connection for a DR site the job would fail after a certain amount of time. Come to find out the process has a time limit of 24 hours to finish or it will fail. This time limit is hard set and cannot be increased. A way around this is to use a local image server at both ends.

Update:  We've added another post that discusses WAN optimizations for PlateSpin that you'll want to read.

These are the basic steps you need to follow:

  1. Create an image server local to the source (Discover then right click in Portability Suite and choose install image server).
  2. Capture the image (Drag the source to the image server).
  3. Export the image (this step fixes the config.xml file to point to the right location after it moves the image files).
    • The Image Operations tool is installed with the PowerConvert server and not with the Image server.
      On the PowerConvert server you have to locate the following folder: “C:\Program Files\PlateSpin PowerConvert Server\bin”
    • In that folder locate the folder: “ImageOperations” and copy it to the Image server.
    • On the Image server:
      1. Open a command prompt.
      2. Navigate to the folder “ImageOperations” that was copied over from the PowerConvert server.
      3. Run the command “imageoperations /gather /imagepath={path of the image} /output={path that you want to place the copy of the image}” without the quotes.
      4. Once the command completes the folder specified in /output will contain the files that need to be copied to the other image server.
  4. Move the files across the WAN (FTP, physically, etc.; whatever method works best for the environment).
  5. Create an image server local to the target ESX host.
  6. Import the image into the image server local to the target.
    • The Image Operations tool is installed with the PowerConvert server and not with the Image server.
      On the PowerConvert server you have to locate the following folder: “C:\Program Files\PlateSpin PowerConvert Server\bin”
    • In that folder locate the folder: “ImageOperations” and copy it to the Image server.
    • On the new Image server:
      1. Copy the folder “ImageOperations” again to this folder from the PowerConvert server that installed this Image server.
      2. Open a command prompt.
      3. Navigate to the folder “ImageOperations” that was copied over from the PowerConvert server.
      4. Run the command “imageoperations /register /imagepath={path of files copied from old Image server}” without quotes.
      5. Once the command completes refresh the details of the Image server from within PowerConvert.
  7. From the Discovered Server list, expand the image server local to the target and deploy the image to the target ESX host.
  8. Select the deployed server and choose Prepare For Synchronization.
  9. Set up a file-based server sync job.

Once completed the job should allow for incremental updates over a slower link without hitting the 24 hour time limit.


 

The Symantec Endpoint Protection Manager seems to have a few quirks.

While trying to push out a machine using the Find Unmanaged Computers tool, I kept seeing the machine in the unknown computers (example shown below). Pushing clients out to these machines would consistently fail. After disabling the firewall, I hit Search Now and tried the scan again. Once again, the machines would appear in the unknown computers tab.

On a whim, I closed the Find Unmanaged Computers tool and reopened it, filled in all the information, and hit Search Now. Much to my surprise, it appeared under the correct tab and I was successfully able to push out and install the clients.