
Category Archives: Networking

Windows Network Profile Registry Keys

This is the registry key path to a Windows computer’s network profiles:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles
The network profiles are for both wired and wireless connections.
The DWORD Category value sets the type of connection:
0 = Public (sharing disabled)
1 = Private (home, sharing enabled)
2 = Domain (AD, sharing enabled)

The Domain connection type also needs the DWORD Managed value set to 1 and the DWORD NameType value set to 6.

FYI: The biggest impact and usage for these three network types is to control the Windows Firewall (wf.msc) rules.
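Because the Category value decides which Windows Firewall profile applies to a network, it is worth reviewing which stored profiles are marked Private or Domain. The following PowerShell is an added example, not part of the original post. It reads the key above and flags Domain profiles that lack the Managed and NameType values described here; ProfileName is the value Windows stores the network's display name in.

```powershell
# Added example: list every stored network profile with its firewall category.
$profilesKey   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles'
$categoryNames = @{ 0 = 'Public'; 1 = 'Private'; 2 = 'Domain' }

$report = foreach ($key in Get-ChildItem -LiteralPath $profilesKey) {
    $category = $key.GetValue('Category')   # GetValue returns $null if the value is missing
    $managed  = $key.GetValue('Managed')
    $nameType = $key.GetValue('NameType')

    if ($null -eq $category) {
        $label = '(not set)'
    } elseif ($categoryNames.ContainsKey([int]$category)) {
        $label = $categoryNames[[int]$category]
    } else {
        $label = "Unknown ($category)"
    }

    # Per the text above, a Domain profile also has Managed = 1 and NameType = 6.
    if ($category -eq 2) {
        $domainOk = ($managed -eq 1) -and ($nameType -eq 6)
    } else {
        $domainOk = 'n/a'
    }

    [pscustomobject]@{
        ProfileName    = $key.GetValue('ProfileName')
        Category       = $label
        Managed        = $managed
        NameType       = $nameType
        DomainValuesOk = $domainOk
        ProfileGuid    = $key.PSChildName
    }
}

$report | Sort-Object Category, ProfileName | Format-Table -AutoSize

# Profiles worth a second look: sharing-enabled categories, and Domain
# profiles whose Managed/NameType values do not match.
$report | Where-Object { $_.Category -in 'Private', 'Domain' } | ForEach-Object {
    Write-Host "Sharing-enabled profile: $($_.ProfileName) [$($_.Category)]"
}
$report | Where-Object { $_.DomainValuesOk -eq $false } | ForEach-Object {
    Write-Warning "Domain profile '$($_.ProfileName)' has Managed=$($_.Managed), NameType=$($_.NameType)"
}
```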

To change the network Category using PowerShell see this article:
http://windowsitpro.com/powershell/how-force-network-type-windows-using-powershell

Cisco Simulator

The Cisco Network Simulator, Router Simulator & Switch Simulator

The Boson NetSim Network Simulator is an application that simulates Cisco Systems’ networking hardware and software and is designed to aid the user in learning the Cisco IOS command structure.
http://www.boson.com/

CUCM and CCX – Change IP Address

Changing the IP Address and Hostname for Cisco Unified Communications Manager, Release 9.1(1)

Changing the IP Address and Hostname for Cisco Unified Communications Manager, Release 9.0(1)

Settings for Cisco Unified CCX Release 9.0(1)

How to Find a Lost, Missing, Hidden or Removed Network Card

How to Find a Lost, Missing, Hidden or Removed Network Card (NIC) or Other Device and Even Remove it

Microsoft NPS with Cisco Equipment Using RADIUS

See this article: Integrating Cisco devices CLI access with Microsoft NPS/RADIUS

Should be cheaper than Cisco’s ACS or ISE systems for small to medium 50-1000 user/computer organizations.

Think about PCI/DSS (3.0) when analyzing cost/risk/liability/brand reputation.

IIS port (socket) pooling

To add an IP address to the IP inclusion list

  1. Click Start, and then click Run.
  2. Type cmd, and then click OK to open a command prompt.
  3. Type the following, where xxx.xxx.x.x is the IP address you want to add:

httpcfg set iplisten -i xxx.xxx.x.x

When this succeeds, Httpcfg returns the following:

HttpSetServiceConfiguration completed with 0
To view additional status codes, see the Httpcfg help.

  4. After the IP address is added, use the following command to list it:

httpcfg query iplisten

Httpcfg returns the following:

IP :xxx.xxx.x.x

  5. From the command prompt, stop the HTTP service and its dependent services. To do this, type the following string at the command prompt:

net stop http /y

  6. From the command prompt, restart the HTTP service and its dependent services. To do this, type the following string at the command prompt:

net start w3svc

Note: When you start w3svc, all services that were stopped when HTTP was stopped will start.

Connect to Windows Internal Database (WID) on Server 2012

The Named Pipe path of the Windows Internal Database (WID) has changed on Windows Server 2012. The new path uses “tsql” instead of the “sql” used in all previous versions.

Use this string in the “Server name” field of the “Connect to Server” dialog of the Microsoft SQL Server Management Studio program:

\\.\pipe\MICROSOFT##WID\tsql\query

Reset Windows Offline Files Cache Database (CSC)

Use this command line to set the registry flag that controls flushing/reformatting of the Windows Offline Network Files Cache Database when Windows boots up:

REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache" /v FormatDatabase /t REG_DWORD /d 1 /f

Windows Server Multipath I/O

You can enable the Windows Server 2008 R2 Multipath I/O (MPIO) feature from the command line using this DISM command:

dism /online /enable-feature:MultipathIo

To disable this feature use:

dism /online /disable-feature:MultipathIo

To show the currently enabled/installed features use this DISM command:

dism /online /get-features

VMware Networking Issues with Windows 7

If you need a Firewall between the physical host and its guest virtual machines, this workaround is not for you.

The problem is that on Windows 7 (x86/x64) the VMware virtual adapters and subnets are found and reported as “Unidentified Network”. This means that the built-in Windows Firewall can only treat the VMware networks, and thus the guest VMs, as type Public.

When the network type is set to Public, the Windows Firewall by default blocks Microsoft File & Print and most other network traffic, which effectively prevents useful direct communication between the physical host and its VM guests. You might, if allowed, disable the Firewall or configure exception rules for the VMware virtual subnets and/or hosts. Disabling the Firewall for all public networks is a bad security practice, and managing the Windows Firewall is a tedious task that still leaves potential security holes.

Below are the instructions from the VMware Knowledge Base Article 1004813 that I used to change the VMware virtual network adapters to be endpoints. Endpoints do not show up in the “Network and Sharing Center” and are also excluded from control of the Windows Firewall. This makes it easier to manage the Firewall rules and Home, Work, and Public network types for real, physical adapters.

This workaround can be used until VMware updates their networking technology to meet current operating system standards.

# VMware KB Article: 1004813
# Updated: Apr 29, 2010

Redefine the VMware virtual NICs as endpoint devices

This procedure is permanent and allows for the continued use of Bridged, NAT, and Host Only networking. However, doing this causes the VMware virtual NICs to disappear from the Network and Sharing Center, even though they remain visible under Network Connections. This also causes the VMware virtual NICs to be exempt from all Windows Firewall access rules. When implemented, the control of virtual machine network access must be done from the guest operating system of each virtual machine. This bypasses the default security model of Windows Vista with respect to the VMware virtual NICs, and the implications of using this procedure must be carefully considered.

To redefine the VMware virtual NICs as endpoint devices:

  1. Click Start > Run.
  2. Type regedit and click OK.
  3. Double-click HKEY_LOCAL_MACHINE>System>CurrentControlSet>Control>Class>{4D36E972-E325-11CE-BFC1-08002BE10318}.
    Caution: VMware recommends that you back up this registry key before proceeding:
    1. If {4D36E972-E325-11CE-BFC1-08002BE10318} is not still highlighted, click it.
    2. Click File > Export.
    3. Pick a location and name for the Registration File (*.reg).
    4. Click Save.
  4. Click 0000.
  5. Look at the content of the Data field associated with the DriverDesc entry.
  6. If you see VMware Virtual Ethernet Adapter for VMnetx , where x is replaced by a number, then:
    1. Right-click an empty space in the right content pane.
    2. Click New > Dword.
    3. Type *NdisDeviceType
      and press Enter.
      Note: Ensure to include the asterisk (*) at the beginning of the entry.
    4. Double-click *NdisDeviceType.
    5. Type 1 and press Enter.
  7. Repeat steps 4-6, replacing 0000 in step 4 with the next entry in numerical order, until you have reached the end of all numerical entries.
  8. Follow the Disable the VMware virtual NICs section of this article above.
  9. Repeat step 8 but click Enable this network device instead.
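Since adapters marked this way are exempt from Windows Firewall rules, it helps to be able to list which adapters on a host carry the setting. The following PowerShell is an added example, not part of the VMware KB article or the original post. It only reads the class key named in step 3 and reports the DriverDesc and *NdisDeviceType values the procedure works with.

```powershell
# Added example: report which network adapter instances are defined as
# NDIS endpoint devices (*NdisDeviceType = 1) and therefore sit outside
# Windows Firewall control. Read-only; changes nothing.
$classKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}'

$adapters = Get-ChildItem -LiteralPath $classKey -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^\d{4}$' } |   # 0000, 0001, ... as in step 4
    ForEach-Object {
        # GetValue takes the literal value name, so the leading asterisk
        # is not treated as a wildcard. It returns $null when absent.
        $deviceType = $_.GetValue('*NdisDeviceType')

        [pscustomobject]@{
            Instance       = $_.PSChildName
            DriverDesc     = $_.GetValue('DriverDesc')
            NdisDeviceType = if ($null -eq $deviceType) { '(not set)' } else { $deviceType }
            IsEndpoint     = ($deviceType -eq 1)
        }
    }

$adapters | Sort-Object Instance | Format-Table -AutoSize

# Endpoint adapters are the ones to review: traffic on them is not
# filtered by the host's Windows Firewall.
$endpoints = @($adapters | Where-Object { $_.IsEndpoint })
foreach ($nic in $endpoints) {
    Write-Warning "Instance $($nic.Instance) '$($nic.DriverDesc)' is an endpoint device (firewall-exempt)"
}

# An endpoint adapter that is not one of the VMware VMnet adapters the
# procedure targets was not set by following these steps.
$endpoints |
    Where-Object { $_.DriverDesc -notlike 'VMware Virtual Ethernet Adapter for VMnet*' } |
    ForEach-Object {
        Write-Warning "Unexpected endpoint adapter: $($_.Instance) '$($_.DriverDesc)'"
    }

"{0} adapter instance(s) checked, {1} defined as endpoint device(s)." -f @($adapters).Count, $endpoints.Count
```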

Better DNS Servers

Free Fast Public DNS Servers

=> Service provider: Google
Google public DNS server IP address:

  • 8.8.8.8
  • 8.8.4.4

=> Service provider: Dnsadvantage
Dnsadvantage free DNS server list:

  • 156.154.70.1
  • 156.154.71.1

=> Service provider: OpenDNS
OpenDNS free DNS server list / IP address:

  • 208.67.222.222
  • 208.67.220.220

=> Service provider: Norton
Norton free DNS server list / IP address:

  • 198.153.192.1
  • 198.153.194.1

=> Service provider: GTEI DNS (now Verizon)
Public Name server IP address:

  • 4.2.2.1
  • 4.2.2.2
  • 4.2.2.3
  • 4.2.2.4
  • 4.2.2.5
  • 4.2.2.6

=> Service provider: ScrubIt
Public dns server address:

  • 67.138.54.100
  • 207.225.209.66
  • 4.2.2.1
  • 4.2.2.2
  • 4.2.2.3
  • 4.2.2.4
  • 4.2.2.5
  • 4.2.2.6

WinRM & WinRS multi-hop

Multi-Hop Support in WinRM
http://msdn.microsoft.com/en-us/library/ee309365(VS.85).aspx

Windows Remote Management (WinRM) supports the delegation of user credentials across multiple remote computers. The multi-hop support functionality can now use Credential Security Service Provider (CredSSP) for authentication. CredSSP enables an application to delegate the user’s credentials from the client computer to the target server. CredSSP authentication is intended for environments where Kerberos delegation cannot be used. ***Support for CredSSP was added to allow a user to connect to a remote server and have the ability to access a second-hop machine, such as a file share. ***

To configure multi-hop support using CredSSP authentication for WinRM

CredSSP must be enabled in the client configuration settings.
winrm set winrm/config/client/auth '@{CredSSP="true"}'


CredSSP must be enabled in the WinRM service configuration settings.
winrm set winrm/config/service/auth '@{CredSSP="true"}'

Example
Using CredSSP Authentication with Explicit Credentials
winrm OPERATION -remote:https://myMachine -authentication:CredSSP -username:myUsername -password:myPassword
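CredSSP hands the user's credentials to the remote server, so it is useful to confirm where it is actually switched on. The following PowerShell is an added example, not part of the MSDN text or the original post. It reads the two settings configured above through the WSMan: drive, and also lists the delegation targets from the AllowFreshCredentials policy key, which is not mentioned on this page. Run it from an elevated session with the WinRM service started.

```powershell
# Added example: report whether CredSSP is enabled for the WinRM client and
# service, and which targets fresh credentials may be delegated to.
function Get-CredSspSetting {
    param([ValidateSet('Client', 'Service')][string]$Role)
    try {
        # Same settings as winrm/config/client/auth and winrm/config/service/auth.
        (Get-Item -Path "WSMan:\localhost\$Role\Auth\CredSSP" -ErrorAction Stop).Value
    } catch {
        'unavailable (WinRM not running or session not elevated)'
    }
}

# Policy key that lists the SPNs the client may delegate fresh credentials to.
$delegationKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentials'
$targets = @()
if (Test-Path -LiteralPath $delegationKey) {
    $key = Get-Item -LiteralPath $delegationKey
    $targets = @($key.GetValueNames() |
        ForEach-Object { $key.GetValue($_) } |
        Where-Object { $_ })
}

$state = [pscustomobject]@{
    ClientCredSSP     = Get-CredSspSetting -Role Client
    ServiceCredSSP    = Get-CredSspSetting -Role Service
    DelegationTargets = if ($targets.Count) { $targets -join ', ' } else { '(none)' }
}
$state | Format-List

# Findings a reviewer would want called out.
if ($state.ServiceCredSSP -eq 'true') {
    Write-Warning 'This host accepts CredSSP: credentials of connecting users are delegated to it.'
}
if ($state.ClientCredSSP -eq 'true' -and $targets.Count -eq 0) {
    Write-Warning 'Client CredSSP is enabled but no delegation targets are defined in policy.'
}
foreach ($spn in $targets) {
    if ($spn -match '\*') {
        # A wildcard SPN allows delegation to every host that matches it.
        Write-Warning "Wildcard delegation target: $spn"
    }
}
```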

Google starts offering Public DNS

Google is now offering public DNS service.

The two DNS server IP addresses are:
8.8.8.8
8.8.4.4


Fire at Fisher Plaza…

Sucks to be hosted at Fisher Plaza data center today. #fisherfire http://bit.ly/vozbD or http://bit.ly/3FQYY

Cisco ASA 5505 blocking Internet Radio

regueiro writes:
I have blocked Internet radio that uses port 80.
You should inspect the port, and you can add these commands:

regex audio-mpeg "audio/.*"

policy-map type inspect http test_radio
 parameters
  protocol-violation action drop-connection log
 match response header content-type regex audio-mpeg
  drop-connection log
 match request header user-agent regex _default_windows-media-player-tunnel
  drop-connection log

class global-class-test
 inspect http test_radio

To help you, use a sniffer to capture radio traffic and look at the HTTP headers.
It is easy to block streaming from media-player, but for others I check the response header, and when I see audio/* (like audio/* where * can be mpeg, x-mpeg, mpeg3, and/or x-mpeg3 …) I close the connection.

Sorry for my bad English.
