Tools - Unlocker, by Cedrick Collomb

Ever had this annoying message given by Windows? "Cannot delete folder: it is being used by another person or program. Close any programs that might be using the file and try again".

Solution: use Unlocker, by Cedrick Collomb. Super tool for unlocking files, processes, determining who or what has files open etc. Of course, there are other tools which perform some of Unlocker's functions as well, but Unlocker does this in a very neat way.

Regards, Rene

Software - Cisco VPN Client update v5.0.03.0530 available

Hi there,

Just discovered that Cisco released an updated version of their VPN Client. As I am running Windows Vista Business Edition on my notebook, and the previous client had a lot of (performance) issues, I was really pleased to read about the new version.

Major "plus" about the new version: it is much faster in connecting to the remote VPN server (PIX / ASA / Concentrator). Where in the past making a connection took really about 20-30 seconds (and then sometimes would end in a "Failed to enable virtual adapter" error message), all of the connections work correct now and establishing a new VPN connection now only takes about 5 seconds or so.

Regards, Rene

Tools - Uptime.exe

From Microsoft's Knowledge Base, article number 232243:

SUMMARY

A new tool, Uptime.exe, is available for displaying system availability. Uptime.exe can be used to display the current uptime of the local or remote system. Optionally, it can also scan the Event log for key system events such as system restart or computers that are not responding (hanging). Where possible, it also calculates system availability. It is primarily intended for Windows NT Server 4.0 Service Pack 4 or later, though it operates in limited fashion on earlier versions.

MORE INFORMATION

Uptime.exe is a standalone program. To install the tool, simply copy the file into your Windows NT directory. You may then run the tool at a command prompt.

Despite the fact that this tool was originally written for WinNT4 SP4, it is still very handy! You can download it at the article page, mentioned at the top.

Regards, Rene

Lessons Learned - Cisco ASA 5510 and TCP request discarded

Hi there,

Some weeks ago, I mentioned having had some trouble trying to figure out why a Cisco ASA would allow traffic TO the interface (ie, for using SSH) and not THROUGH the interface (to reach a server on the LAN, from the outside). I also mentioned the solution there: when permitting traffic through the outside-interface, always mention "interface" in the static-statement instead of the IP-address.

Today, I ran into this problem again. But, slightly different this time (of course). The previous time, we were dealing with a single public IP address setup in a SOHO office. So, the customer had only one public IP address. My conclusion after troubleshooting that setup was, that you cannot use the exact public IP but have to use the "interface"-keyword instead.

This time, this customer does really have a business internet setup, with a routed subnet on the outside. Because I have multiple static's in this config, I decided to use the real public IP address in the static-statement, for reasons of clarity and readability. But that DOES NOT WORK.

Remember this: when using a Cisco ASA firewall, and using port forwarding to configure inbound traffic, ALWAYS (always!!) use the "interface"-keyword in the static-statement. So, something like:

• static (inside,outside) tcp interface [port] [private IP] [port]

That works!

Regards, Rene

Laughing Matters - Annoying software...

Everyone knows all about it: annoying software. Annoying behaviour, irritating interface, updates three times a week, software that you just did not ask for... Read all about the joys of software we really do not need at http://reviews.zdnet.co.uk/software/0,1000001048,39419834,00.htm.

Especially brilliant is their quote on Norton Antivirus:

It's a little unfair to pick on Norton Antivirus and make it carry the sins of half the desktop malware industry — but only a little unfair. If ever a class of software deserved to be cast into the lower reaches of Hell and run on Satan's own desktop, it is this. Performance- sapping, space-hogging, noisy, irritating and prone to inducing just as many problems as they purport to solve, these horrible, ineffective, expensive lumps of digital thuggery keep entire platoons of support engineers in business and home users in tears. We know. We get the phone calls.

Also read the truth about Microsoft Outlook and Exchange and a lot of others...

Regards, Rene

Problem mapping LPT1 as a non-Administrator

Last week, really spent some good time troubleshooting why LPT1 could not be mapped to a network printer queue. In this case, a user could use "net use lpt1 \\server1\printershare1" on this local machine, but not on the terminal server. Login script was fine, everything went fine, except for mapping the LPT1-port.

Turned out that the user had Administrative rights on the local machine, and was just a "Domain user" on the terminal server. (Whether this is good or bad is out of scope for this post... :-))

Did some googling, and first came up with this one: "Unable to Map (Net Use) LPT1 in Windows XP". After reading some more, it turned out that M$ itself has a knowledge base article on this: "Non-administrators cannot remap an LPT port to a network printer".

Different from what Microsoft says, I have found this issue only to occur for LPT1; other local ports can be mapped to network shares without a problem...

Regards, Rene

Tools - CurrPorts

CurrPorts is a nifty tool, that allows you to see which applications or services are listening on (occupying) what TCP or UDP ports. Also includes the option to kill processes etc. Download it here @ NirSoft.

Today, I was trying to get the excellent Kiwi Syslog Daemon working on a server, but although the program said the service was started, nothing would appear on-screen or in the logs. It appeared the UDP 514 port was already occupied by another syslog service (from Eicon's DIVA monitor, in this case), so Kiwi's Syslog Service could not start. Thanks to CurrPorts, this could be detected quite easily.

Regards, Rene

Laughing Matters - XADM: Directory Won't Start if System Date Later Than 2038

In this knowledge base article, Microsoft confirms a problem in Exchange 4.0 or 5.0. Event IDs 1121 and 5000 are logged when starting the Exchange server, which indicate that the Information Store service is not reachable (or not started).

Cause: The Directory service will not start if the system date is later than January 17, 2038.

There's no need to upgrade, however, because Microsoft is researching this problem and will post new information in the Microsoft Knowledge Base as it becomes available... :-)

Regards, Rene