Recently, one site has been blocked from multiple web-based services. All of the services were using Amazon CloudFront as backend. One by one, when the vendors were contacted, they all found that CloudFront was blocking their site’s external Internet IP. This was happening despite the fact that a large number of blacklist checks were coming up green. Eventually, I found these:
talosintelligence.com/reputation_center
www.ipqualityscore.com
www.apivoid.com/tools/ip-reputation-check/
which do a lot more. Not sure how timely some of the reporting is. And they still did not explain the CloudFront issues.
Categories:
Internet Networking
If you can get to an administrative or system shell:
Reset-ComputerMachinePassword -Server DC.domain.local -Credential (Get-Credential)
Categories:
Powershell
Windows OS-Level Issues
Categories:
Router/Firewall Configuration
This works rather well with the .EXE installer:
installer.exe --dont_fail_on_config_preserving_failures -t "site-token-in-quotes" /qn
Do make sure the site token is in quotes.
Categories:
SentinelOne
Categories:
Apple Integration
Firewalls
Works well, much better than the old Liebert/Emerson. Register for the web site to download the free-of-charge version. USB and Ethernet.
www.vertiv.com/en-us/products-catalog/monitoring-control-and-management/software/vertiv-power-assist/
Categories:
UPS
In one swell foop, sync your AD to other domain controllers and Azure. Paste this into administrative Powershell, on the domain controller which does your Azure sync:
repadmin /syncall /AdeP
Import-Module ADSync
Start-ADSyncSyncCycle -PolicyType Initial
And here is the same command set, suitable for a batch file to be run as administrator:
repadmin /syncall /AdeP
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command ^
"Import-Module ADSync; Start-ADSyncSyncCycle -PolicyType Initial"
And one more, also a batch file, transmitting only to Azure, without the LAN-LAN AD sync. Needed when the synchronizer is not run on a domain controller:
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command ^
"Import-Module ADSync; Start-ADSyncSyncCycle -PolicyType Initial"
Categories:
Active Directory
Azure
It appears that there is a new standard of Microsoft Windows TCP/UDP port setup. Their doc is here:
learn.microsoft.com/en-us/troubleshoot/windows-client/networking/tcp-ip-port-exhaustion-troubleshooting
I landed there because I saw event log items 4227, tcpip, “TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate…”
If you see lots of those events, or don’t, this paste gets us to the new standard:
netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384
To see your current settings:
netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp
And if you want to combine the above with full disable of NETBIOS and related:
Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }
Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')
$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)
netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384
Categories:
Networking Analysis, Ports, & Protocols
Haven’t tried it yet, but frankly, this is rather extremely cool if you do Linux:
waydro.id/
Categories:
Linux Desktop Specific
Android
This tool:
privazer.com/en/
has privacy-related cleanup as its first purpose, but it does a more thorough cleanup of many parts of the Windows filesystem than I’ve seen anywhere else, including $MFT, $LogFile, and USN entries to name just three. It really has to be seen to be believed and understood, it gives you lists of what it did and they are extraordinary. It is not an OS optimizer, but it’s such a good cleaner that it will free up resources very significantly towards performance and issue elimination.
One thing good to do while running it, is to uncheck “Traces in free space”. This item is great for trace removal of all sorts, but it’s not needed when the goal is just general system upkeep, and it does take a long time.
You can definitely use the machine while cleanup is running, but probably should set process priority to “Low”, there’s a clicklink for this near the bottom, middle-left.
Categories:
Tools