Search Results

Search found 145 results on 6 pages for 'netsh'.

Page 4/6 | < Previous Page | 1 2 3 4 5 6  | Next Page >

  • Auto blocking attacking IP address

    - by dong
    This is to share my PowerShell code online. I original asked this question on MSDN forum (or TechNet?) here: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/f950686e-e3f8-4cf2-b8ec-2685c1ed7a77 In short, this is trying to find attacking IP address then add it into Firewall block rule. So I suppose: 1, You are running a Windows Server 2008 facing the Internet. 2, You need to have some port open for service, e.g. TCP 21 for FTP; TCP 3389 for Remote Desktop. You can see in my code I’m only dealing with these two since that’s what I opened. You can add further port number if you like, but the way to process might be different with these two. 3, I strongly suggest you use STRONG password and follow all security best practices, this ps1 code is NOT for adding security to your server, but reduce the nuisance from brute force attack, and make sys admin’s life easier: i.e. your FTP log won’t hold megabytes of nonsense, your Windows system log will not roll back and only can tell you what happened last month. 4, You are comfortable with setting up Windows Firewall rules, in my code, my rule has a name of “MY BLACKLIST”, you need to setup a similar one, and set it to BLOCK everything. 5, My rule is dangerous because it has the risk to block myself out as well. I do have a backup plan i.e. the DELL DRAC5 so that if that happens, I still can remote console to my server and reset the firewall. 6, By no means the code is perfect, the coding style, the use of PowerShell skills, the hard coded part, all can be improved, it’s just that it’s good enough for me already. It has been running on my server for more than 7 MONTHS. 7, Current code still has problem, I didn’t solve it yet, further on this point after the code. :)    #Dong Xie, March 2012  #my simple code to monitor attack and deal with it  #Windows Server 2008 Logon Type  #8: NetworkCleartext, i.e. FTP  #10: RemoteInteractive, i.e. RDP    $tick = 0;  "Start to run at: " + (get-date);    $regex1 = [regex] "192\.168\.100\.(?:101|102):3389\s+(\d+\.\d+\.\d+\.\d+)";  $regex2 = [regex] "Source Network Address:\t(\d+\.\d+\.\d+\.\d+)";    while($True) {   $blacklist = @();     "Running... (tick:" + $tick + ")"; $tick+=1;    #Port 3389  $a = @()  netstat -no | Select-String ":3389" | ? { $m = $regex1.Match($_); `    $ip = $m.Groups[1].Value; if ($m.Success -and $ip -ne "10.0.0.1") {$a = $a + $ip;} }  if ($a.count -gt 0) {    $ips = get-eventlog Security -Newest 1000 | Where-Object {$_.EventID -eq 4625 -and $_.Message -match "Logon Type:\s+10"} | foreach { `      $m = $regex2.Match($_.Message); $ip = $m.Groups[1].Value; $ip; } | Sort-Object | Tee-Object -Variable list | Get-Unique    foreach ($ip in $a) { if ($ips -contains $ip) {      if (-not ($blacklist -contains $ip)) {        $attack_count = ($list | Select-String $ip -SimpleMatch | Measure-Object).count;        "Found attacking IP on 3389: " + $ip + ", with count: " + $attack_count;        if ($attack_count -ge 20) {$blacklist = $blacklist + $ip;}      }      }    }  }      #FTP  $now = (Get-Date).AddMinutes(-5); #check only last 5 mins.     #Get-EventLog has built-in switch for EventID, Message, Time, etc. but using any of these it will be VERY slow.  $count = (Get-EventLog Security -Newest 1000 | Where-Object {$_.EventID -eq 4625 -and $_.Message -match "Logon Type:\s+8" -and `              $_.TimeGenerated.CompareTo($now) -gt 0} | Measure-Object).count;  if ($count -gt 50) #threshold  {     $ips = @();     $ips1 = dir "C:\inetpub\logs\LogFiles\FPTSVC2" | Sort-Object -Property LastWriteTime -Descending `       | select -First 1 | gc | select -Last 200 | where {$_ -match "An\+error\+occured\+during\+the\+authentication\+process."} `        | Select-String -Pattern "(\d+\.\d+\.\d+\.\d+)" | select -ExpandProperty Matches | select -ExpandProperty value | Group-Object `        | where {$_.Count -ge 10} | select -ExpandProperty Name;       $ips2 = dir "C:\inetpub\logs\LogFiles\FTPSVC3" | Sort-Object -Property LastWriteTime -Descending `       | select -First 1 | gc | select -Last 200 | where {$_ -match "An\+error\+occured\+during\+the\+authentication\+process."} `        | Select-String -Pattern "(\d+\.\d+\.\d+\.\d+)" | select -ExpandProperty Matches | select -ExpandProperty value | Group-Object `        | where {$_.Count -ge 10} | select -ExpandProperty Name;     $ips += $ips1; $ips += $ips2; $ips = $ips | where {$_ -ne "10.0.0.1"} | Sort-Object | Get-Unique;         foreach ($ip in $ips) {       if (-not ($blacklist -contains $ip)) {        "Found attacking IP on FTP: " + $ip;        $blacklist = $blacklist + $ip;       }     }  }        #Firewall change <# $current = (netsh advfirewall firewall show rule name="MY BLACKLIST" | where {$_ -match "RemoteIP"}).replace("RemoteIP:", "").replace(" ","").replace("/255.255.255.255",""); #inside $current there is no \r or \n need remove. foreach ($ip in $blacklist) { if (-not ($current -match $ip) -and -not ($ip -like "10.0.0.*")) {"Adding this IP into firewall blocklist: " + $ip; $c= 'netsh advfirewall firewall set rule name="MY BLACKLIST" new RemoteIP="{0},{1}"' -f $ip, $current; Invoke-Expression $c; } } #>    foreach ($ip in $blacklist) {    $fw=New-object –comObject HNetCfg.FwPolicy2; # http://blogs.technet.com/b/jamesone/archive/2009/02/18/how-to-manage-the-windows-firewall-settings-with-powershell.aspx    $myrule = $fw.Rules | where {$_.Name -eq "MY BLACKLIST"} | select -First 1; # Potential bug here?    if (-not ($myrule.RemoteAddresses -match $ip) -and -not ($ip -like "10.0.0.*"))      {"Adding this IP into firewall blocklist: " + $ip;         $myrule.RemoteAddresses+=(","+$ip);      }  }    Wait-Event -Timeout 30 #pause 30 secs    } # end of top while loop.   Further points: 1, I suppose the server is listening on port 3389 on server IP: 192.168.100.101 and 192.168.100.102, you need to replace that with your real IP. 2, I suppose you are Remote Desktop to this server from a workstation with IP: 10.0.0.1. Please replace as well. 3, The threshold for 3389 attack is 20, you don’t want to block yourself just because you typed your password wrong 3 times, you can change this threshold by your own reasoning. 4, FTP is checking the log for attack only to the last 5 mins, you can change that as well. 5, I suppose the server is serving FTP on both IP address and their LOG path are C:\inetpub\logs\LogFiles\FPTSVC2 and C:\inetpub\logs\LogFiles\FPTSVC3. Change accordingly. 6, FTP checking code is only asking for the last 200 lines of log, and the threshold is 10, change as you wish. 7, the code runs in a loop, you can set the loop time at the last line. To run this code, copy and paste to your editor, finish all the editing, get it to your server, and open an CMD window, then type powershell.exe –file your_powershell_file_name.ps1, it will start running, you can Ctrl-C to break it. This is what you see when it’s running: This is when it detected attack and adding the firewall rule: Regarding the design of the code: 1, There are many ways you can detect the attack, but to add an IP into a block rule is no small thing, you need to think hard before doing it, reason for that may include: You don’t want block yourself; and not blocking your customer/user, i.e. the good guy. 2, Thus for each service/port, I double check. For 3389, first it needs to show in netstat.exe, then the Event log; for FTP, first check the Event log, then the FTP log files. 3, At three places I need to make sure I’m not adding myself into the block rule. –ne with single IP, –like with subnet.   Now the final bit: 1, The code will stop working after a while (depends on how busy you are attacked, could be weeks, months, or days?!) It will throw Red error message in CMD, don’t Panic, it does no harm, but it also no longer blocking new attack. THE REASON is not confirmed with MS people: the COM object to manage firewall, you can only give it a list of IP addresses to the length of around 32KB I think, once it reaches the limit, you get the error message. 2, This is in fact my second solution to use the COM object, the first solution is still in the comment block for your reference, which is using netsh, that fails because being run from CMD, you can only throw it a list of IP to 8KB. 3, I haven’t worked the workaround yet, some ideas include: wrap that RemoteAddresses setting line with error checking and once it reaches the limit, use the newly detected IP to be the list, not appending to it. This basically reset your block rule to ground zero and lose the previous bad IPs. This does no harm as it sounds, because given a certain period has passed, any these bad IPs still not repent and continue the attack to you, it only got 30 seconds or 20 guesses of your password before you block it again. And there is the benefit that the bad IP may turn back to the good hands again, and you are not blocking a potential customer or your CEO’s home pc because once upon a time, it’s a zombie. Thus the ZEN of blocking: never block any IP for too long. 4, But if you insist to block the ugly forever, my other ideas include: You call MS support, ask them how can we set an arbitrary length of IP addresses in a rule; at least from my experiences at the Forum, they don’t know and they don’t care, because they think the dynamic blocking should be done by some expensive hardware. Or, from programming perspective, you can create a new rule once the old is full, then you’ll have MY BLACKLIST1, MY  BLACKLIST2, MY BLACKLIST3, … etc. Once in a while you can compile them together and start a business to sell your blacklist on the market! Enjoy the code! p.s. (PowerShell is REALLY REALLY GREAT!)

    Read the article

  • Resetting TCP/IP Settings on Windows 8

    - by cpx
    Apparently, there's a command: netsh int ip reset which is known to reset TCP/IP settings for Windows XP/Vista/7 and I'm not sure how it works correctly on Windows 8. When I typed the command under command prompt (Admin) I got two errors as pointed out in the screenshot: Resetting , failed. Access is denied. At the end it said Resetting , OK! So, how do I confirm if it worked or not?

    Read the article

  • windowsxp sp3 disable interface from command line

    - by cstamas
    Hi, I need to mass disable interfaces on windows machines (more than 100 machines). I tried using: netsh interface set "VirtualBox Host-Only Network" disable But it does not work. (I found an article describing that it works on win 2003 server). I can run commands remotely with psexec. Do you have any hints? Thanks in advance!

    Read the article

  • Problems when trying to connect to a router wirelessly

    - by Ruud Lenders
    The situation - At my girlfriend's parents' place there are six Windows 7 devices that are wired or wireless connected to a router: 3 dekstops and 3 laptops. There are also several smartphones using the router. The router is secured with WPA2 (AES). The problem - We never had any problems with the router for over a year. But recently - about 3 weeks ago - my girlfriend's laptop (HP) and my laptop (ASUS) started to develop problems while trying to connect to the router. The router has stopped showing up from the network list. Sometimes it comes back and shows up, but then it keeps saying something along the lines of "Could not connect", and not long after that it dissapears again. The range of the router is not the problem here, because we experience the same when we sit next to the router. Sometimes, if we are lucky, and waited a long time (10-15 minutes) without using the laptop for anything, the laptop will eventually succesful connect to the router. The attempts - Of course, the Window 7 troubleshooter. We tried troubleshooting the connection problems and the wireless network adapter, but no luck. We also reset the router enough times to know that's not helping either. Here's the full list of things we tried, but did not help: Running the Windows 7 troubleshooter Resetting the router (more than once) Setting the router settings to factory defaults Disconnecting all other devices except one laptop Applying a system restore Trying static/dynamic IP/DNS - Dynamic is better, right? Enabling/disabling IPv6 - Should I keep IPv6 disabled? Running the command: netsh wlan stop hostednetwork Running the command: netsh wlan set hostednetwork mode=disallow Updating/reïnstalling wireless adapter drivers The tests - To help finding the core of the problem, we tested the following: Plugging an ethernet cable in the router and in our laptops - worked fine Connecting someone else's laptop to the router (wireless) - worked fine Connecting our laptops to someone else's router - worked fine The router - This information might be relevant: Router model: Sitecom 300N Wireless Router Router hardware: version 01 The DCHP Server's IPs range from 192.168.0.100 to 192.168.0.200. Router settings: Wireless channel: 12 Channel bandwidth: 20/40 MHz Extension channel: 8 Preamble type: Long 802.11g protection: Disabled UPnP: Enabled The laptops - If you are wondering about our laptops: My laptop model: ASUS Pro64JQ Girlfriend's laptop: HP Pavillion G6 OS: Both Windows 7 Professional x64 - with Service Pack 1 My wireless adapter: Atheros AR9285 AdHoc 11n: Enabled The question - Does anyone have experienced the same problems as I do? Or does someone know how to solve this? Are there more tricks I can try, or settings I should change? Note - Our laptops are not slow or old. My laptop is 1.5 years old, and the other laptop is just 5 months old. I know how to keep laptops clean and I'm pretty sure both laptops are not bloated with useless software.

    Read the article

  • wireless problem: Internet slow connection or limited connectivity

    - by jack
    Hi I have no idea on this problem. My wireless connection doesn't work sometimes. I find it's due to my XP and I have no problem with my Win 7 machine. The problem is - Internet Connection a bit slower than usual Limit connectivity issue I use netsh reset for resetting network configurations but it helps sometimes or not help at all. Any ideas? Thank you.

    Read the article

  • Wireless traffic stops when downloading large files at high speed: packets lost (Linksys WRT120N router)

    - by Torious
    The problem Note: First I'd like to understand WHY this is happening. Ofcourse, a solution would be nice too. :) When downloading a large file over HTTP at high-speeds, my wireless traffic basically stops: I can't open webpages and the download itself pauses. It pauses pretty much immediately after starting it; sometimes at 800 KB, sometimes at a few MB. After some time, the download (and other traffic) resumes, but the problem keeps reoccurring during the same download. The problem does not occur when using a wired connection through the same router (Linskys WRT120N). Also note that the connection is not dropped when this happens. It's just that the traffic stops and I can't browse to web pages, etc. (SYN packets are sent but nothing is received, etc.) Inspection with Wireshark shows that the following happens: Server sends data packets which are acknowledged by client Server sends a packet, but SEQ indicates some packets were lost (6 packets in one occurrence). Server sends a few more packets and client acknowledges these using "selective acknowledgement" Server stops sending data for a while (since the lost packets were not acknowledged or the router stops forwarding them?) Eventually, server does a "retransmission" and traffic resumes as normal. This all seems normal behavior to me when packet loss occurs. It's the consistent packet loss throughout a large, high-speed download that puzzles me. What might cause this? My own idea is the following: My internet is pretty fast (100 mbps), so when starting a large-file download, the router buffers the incoming data (since wireless introduces some slight delay / lower speed, in part due to other networks), but the buffer overflows and the router drops packets to regulate traffic (and because it has no choice). But how could that happen? Doesn't the TCP window size limit the amount of data that can go unacknowledged? So how can the router's buffer overflow if there can only be like 64 KB waiting to be acknowledged? Note: I've disabled TCP window scaling and dynamic window size through netsh options, in an attempt to fix this, but it doesn't seem to matter. Also, Wireshark shows a pattern of the server sending 2 packets (of 1514 bytes) and the client sending an ACK, so does that rule out a possible buffer overflow? And a few more subsequent packets are received... I'm at a loss here. Thanks for any insights. Things that are (probably) NOT the cause / I have experimented with The browser Various TCP options in Windows 7 (netsh etc.) Router settings such as MTU, beacon interval, UPnP, ...

    Read the article

  • Windows Advanced Firewall (Command Line Interface)

    - by Bradford Fisher
    I'm wondering where to find detailed information regarding the Microsoft Advanced Windows Firewall command line settings. For instance, from reading a couple technet articles I've learned that I can run the following: netsh advfirewall firewall set rule group=”File and Printer Sharing” new enable=Yes The bit about 'group="File and Printer Sharing"' is the part I'm having trouble finding documentation for. Any help would be greatly appreciated. And, if possible, I'd rather a pointer to the docs than a simple listing of group names.

    Read the article

  • Unable to share internet by using HOSTEDNETWORK after installing AVAST recently

    - by Shanks
    I was able to share my laptop's internet with my smartphone by using this command "netsh wlan start hostednetwork". But when I installed Avast in my Windows 8 OS, I am able to start the hostednetwork as before and my smartphone also finds the virtual AP but still I can't use internet on the smartphone. It's like the internet sharing has been disabled by the Antivirus. How do I tell Avast that its okay to use the hostednetwork?

    Read the article

  • How do I configure a guest VM's static IP address automatically in Citrix XenServer?

    - by Kev
    To facilitate automation of guest VM provisioning, how do I set (in a script) the IP address on a guest VM's NIC (or NIC's) once a new VM has booted? Is there a way to "inject" netsh commands via the Citrix guest OS tools (for Windows for example) once the host has started? Or can this be done via the Citrix API/SDK or the xe tools? These are windows 2008 servers that have been sysprep'd so when the boot for the first time they have no IP address.

    Read the article

  • Windows: make browsers do a DNS-lookup even when the Computer is offline

    - by leosok
    I use a local DNS-Server (MicroDNS) which I set via netsh to redirect any query to my own page. A little webserver running inside my software answering something like "this page is not whitelisted". It works when connected to the Internet but does not work when offline. The Browsers stop looking up the DNS. How could I make Browsers go to my page, whatever I enter in the address line, WHEN OFFLINE?

    Read the article

  • Convert Console Output to Array

    - by theundertaker
    Using netsh wlan show networks mode=bssid on Windows CMD yields a listing of available wireless networks. Is it possible to convert the list, which looks something like this: Interface name : Wireless Network Connection There are 11 networks currently visible. SSID 1 : Custom Gifts Memphis Network type : Infrastructure Authentication : Open Encryption : WEP BSSID 1 : 00:24:93:0c:49:e0 Signal : 16% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 6 9 12 18 24 36 48 54 SSID 2 : airportthru Network type : Adhoc Authentication : Open Encryption : None BSSID 1 : 62:4c:fe:9c:08:18 Signal : 53% Radio type : 802.11g Channel : 10 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 3 : belkin.ffe Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : 08:86:3b:9c:8f:fe Signal : 23% Radio type : 802.11n Channel : 1 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 4 : 3333 Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : 00:0f:cc:6d:ba:ac Signal : 18% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 22 24 36 48 54 BSSID 2 : 06:02:6f:c3:06:27 Signal : 20% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 5 : linksys Network type : Infrastructure Authentication : Open Encryption : None BSSID 1 : 98:fc:11:69:35:46 Signal : 38% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 6 : iHub_0060350392e0 Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : 00:c0:02:7d:5f:4e Signal : 18% Radio type : 802.11g Channel : 11 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 7 : TopFlight Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : 00:14:6c:7a:c4:70 Signal : 16% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 8 : 2WIRE430 Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : b8:e6:25:cb:56:a1 Signal : 16% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 9 : LUBIN Network type : Infrastructure Authentication : WPA-Personal Encryption : TKIP BSSID 1 : 00:13:10:8d:a7:32 Signal : 65% Radio type : 802.11g Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 10 : TV2 Network Network type : Infrastructure Authentication : WPA2-Personal Encryption : CCMP BSSID 1 : b8:c7:5d:07:6e:cf Signal : 79% Radio type : 802.11n Channel : 11 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 SSID 11 : guywork Network type : Infrastructure Authentication : Open Encryption : WEP BSSID 1 : 00:18:e7:cf:02:20 Signal : 15% Radio type : 802.11n Channel : 6 Basic rates (Mbps) : 1 2 5.5 11 Other rates (Mbps) : 6 9 12 18 24 36 48 54 ... into an array using JavaScript or C#? I know it is but it seems like it may be rather difficult. Are there other avenues of obtaining such network information in the requested format? A JavaScript object would be perfect.

    Read the article

  • .bat file to update loopback controller to external ip

    - by cable729
    Okay, so I've figured out how to get my external ip using wget: wget -q -O - http://whatismyip.com/automation/n09230945.asp that outputs the ip to the command console. adding currentip.txt to the end will write it to a text file. But what I want to do is use netsh interface ip set address name="Local Area Connection 2" source=static addr=[WHAT DO I PUT HERE] Also, a way to make the command prompt not flash would be nice too :)

    Read the article

  • DirectAccess client can't connect

    - by odd parity
    I've set up a DirectAccess server on Windows Server 2012 at my workplace. I'm using a Windows 8 Enterprise client to connect to it. It works fine over a mobile connection, but it fails when connecting from home. I've ruled out the firewall/router as the culprit as the issues persist when connecting the laptop directly to the cable modem. I'm not sure where to begin to debug this, does anyone have any pointers? Both Teredo and IPHTTPS interfaces are up (although as the server is behind a NAT and we only have 1 public IP I understand that IPHTTPS is the only protocol that will be used). The IPHTTPS tunnel also seems to be connected: netsh interface httpstunnel show interfaces Interface IPHTTPSInterface (Group Policy) Parameters ------------------------------------------------------------ Role : client URL : https://redacted:443/IPHTTPS Last Error Code : 0x0 Interface Status : IPHTTPS interface active however the DirectAccess link can't be activated - get-daconnectionstatus cycles between Status : Error Substatus : CouldNotContactDirectAccessServer and Status : Error Substatus : RemoteNetworkAuthenticationFailure Any suggestions on how to attack this are appreciated!

    Read the article

  • "No active network adapters found" Hyper-V 2008 R2

    - by mnemosyn
    I fiddled around with the virtual network settings of my Hyper-V server, because Windows Update failed to run in the VMs. I set the flag that makes the NIC exclusively usable by the VM. Now, the host system tells me it has no active network adapters. What does that even mean? According to netsh, there are three enabled network connections. I tried to restart the NICs using devcon.exe (the correct x64 version), but that doesn't make any difference - still, devcon reports the NICs are there and they are activated?! Is there any way I can force the host to re-enable the NICs?

    Read the article

  • MS Windows Server 2008R2 slow file copy, slow network connection

    - by MattrixHax
    i just setup a windows 2008R2 standard server, with the only installed app being Hyper-V, and only 1 windows XP VM is running. Whenever i try to copy a file from my windows 7 laptop over to the 2008R2 server machine's admin shares ( \\servername\c$ ) the files start transferring around 60mb/s and then drop to around 5mb/s. My windows 7 machine and the server 2008 machine are both in WORKGROUP (no domain here). when i try the same transfer to our server 2003 box the transfer speeds are fine. tried disabling autotuning (netsh interface tcp set global autotuninglevel=disabled) as well as turning off the checksum offload to the adapter (tx and rx) - i still see strange packet errors (bad header checksum) using wireshark and just cannot seem to track down what the issue is - over 1 hour to transfer 4gb of files from 1 server to another that are on the same GB switch is just crazy.... any ideas would be greatly appreciated!

    Read the article

  • windows 7 no internet access

    - by Kyle
    Just did a fresh install of Windows 7, and the network and sharing center says no internet access. Disabling and enabling the adapter seems to fix the issue temporarily, but the internet stops working shortly after. I have installed the latest NIC drivers and have installed all Windows updates. I have also tried manually setting the ip/gateway/dns and running netsh int ip reset in an elevated command prompt. I am running Windows 7 Home Premium 64bit with a wired connection. I have searched for hours, but have found no working solutions. Does anyone have any ideas?

    Read the article

  • how to reference a ppp adapter in windows command?

    - by ollydbg23
    When using the windows command ipconfig /all, the result will show a PPP adapter followed by a long name closed with braces. It looks like the below image: When I try to set the DNS of my PPP adapter, I encounter this problem: netsh interface ip set dns "PPP adapter {1C43A7B0-1173-40E2-96D6-1DA6457786B0}" static 208.67.222.222 Invalid interface PPP adapter {1C43A7B0-1173-40E2-96D6-1DA6457786B0} specified. I have also used the pure string "{1C43A7B0-1173-40E2-96D6-1DA6457786B0}", but with the same result. How can I reference this PPP adapter, so that I can change its configured DNS and other settings? What does this long string mean? I do not have this PPP adapter connection on my "show all connections" panel, because I have a VPN app - when running it, this PPP adapter will be automatically created for me.

    Read the article

  • Need help diagnosting a random BSOD

    - by diimdeep
    I have random BSOD even in idle .. Already tried: memtest - ok scandisk- ok netsh int ip reset Winsock fix. tcpip.sys+2c13e 21.06.2011 15:21:00 DRIVER_IRQL_NOT_LESS_OR_EQUAL tcpip.sys+2de08 22.06.2011 15:09:28 DRIVER_IRQL_NOT_LESS_OR_EQUAL tcpip.sys+2de08 22.06.2011 16:09:31 DRIVER_IRQL_NOT_LESS_OR_EQUAL tcpip.sys+2c13e 23.06.2011 9:48:16 DRIVER_IRQL_NOT_LESS_OR_EQUAL Fastfat.SYS+4dc 21.06.2011 11:55:10 SYSTEM_THREAD_EXCEPTION_NOT_HANDLED ipnat.sys ipnat.sys+6751 ntoskrnl.exe ntoskrnl.exe+699e0 tcpip.sys tcpip.sys+2c13e 0 HTTP.sys HTTP.sys+15d00 ipnat.sys ipnat.sys+6751 tcpip.sys tcpip.sys+2de08 ipnat.sys ipnat.sys+6751 ntoskrnl.exe ntoskrnl.exe+79d94 tcpip.sys tcpip.sys+2c13e Fastfat.SYS Fastfat.SYS+4dc ntkrnlpa.exe ntkrnlpa.exe+8d820 Here is .dmp files and report generated by BlueScreenView https://skydrive.live.com/redir.aspx?cid=7e5eafae5336f402&resid=7E5EAFAE5336F402!116 Please help !! I know this questions but answers in it not help Only browser causes BSOD -- all other TCP operations okay

    Read the article

  • Why would the IIS UrlRewrite module continue redirecting requests after the rule is removed?

    - by Jon Norton
    Our application uses the IIS UrlRewrite module to temporarily redirect requests during upgrades to a maintenance site. We have seen a few instances where even though the redirect rule has been removed, the server continues to redirect all requests according to the removed rule. There does not seem to be any pattern with this, and has only occurred once or twice. We have taken the following steps to try and determine the cause of this behavior. Verified that the original rule was a 307 temporary redirect Requested the application from machines that had never requested it before Used a different browser Added and removed a dummy rule from the IIS management console Checked the http kernel cache using netsh http show cachestate Modified the applicationHost.config file by hand (the rule was not still in the file, we just added a superfluous space) In the past when this has happened, we have been able to restart IIS and it solves the problem but that is not always an option and we really want to figure out what the root cause is. How or why would UrlRewrite be caching the response and not responding to configuration changes?

    Read the article

  • Downloads on Vista Home Premium start off fast but slow down to 0 Kb/s and hang

    - by user66265
    I have Windows Vista Home Premium on my computer and everytime I go to download something, it starts out at about 1.5 Mb/s and stays there for about 3 seconds, then it slows down to 800 Kb/s and continues to drop until it gets down to 0 Kb/s and hangs. I've tried just about everything I can find such as uninstalling all firewalls/antivirus, doing the netsh rss,autotune, and chimney disable, and updating everything but it still continues to happen. I'd prefer not to reinstall but if I have to then I have to... EDIT: Figured it out, the router needed a firmware update

    Read the article

  • Permission denied accessing windows firewall

    - by Simon Sabin
    It doesn't matter who I am logged in as I am getting the following error in the mmc console when I launch the firewall advanced settings There was an error opening the Windows Firewall with Advanced Security snap in You do not have the correct permissions to open the Windows Firewall with Advanced Security console, You must be a member of the Administrators group or the Network Operators group to perform this task. For more information, contact your system administrator. Error code: 0x5. Ive tried processmonitor to identify what permission is being denied but no luck. If I run netsh directly I get access denied as well. This is running windows server 2008 SP2. And yes I was running as an administrator. Any ideas?

    Read the article

  • What is the command to check if a command's results mention OK?

    - by Manuel
    Alright, so I was playing around with changing MTU size and wanted to make a batch file to automatically lower it and then raise it later. This is probably simple, but I just can't figure it out. Point is, is there a way to run a command, which would normally echo out "ok" but check to see if it does say ok? And if it doesn't say ok then, to end the rest of the file from running and exit out. The command I'm using is netsh interface ipv4 set subinterface "Local Area Connection" mtu=386 store=persistent which, as I mentioned above prints out an OK. I just want to check if it did run correctly, and if not, then do __

    Read the article

  • Disable "Windows Firewall with Advanced Security" for all profiles(Domain,Public,Standard) in local GP using script help! Windows 7 Clients

    - by JoBo
    We need Windows7 with windows firewall to be turned off , so the GOLD image has windows firewall turned off for all profiles(Domain,Public,Standard) and Windows Service disabled No the same GOLD image deployed with MDT (Apply local GPO) has enabled Windows Firewall under "Windows Firewall with Advanced Security" as part of task sequence Now we need to remove it. "These machines are now on Domain where in we have no rights/control on the domain level GPO", we have local admi rights on these machines We have a requirement do set the "Windows Firewall with Advanced Security" to "NOT Configured" or "OFF "on these machines In gpedit.msc if we manually go to "Windows Firewall with Advanced Security" after enabling Windows Firewall Services then can Clear the settings Do do the same manually on all machines is extra effort Changing values in registry will get reverted on machine restart as its getting applied from local GPO Also using GPMC can connect to remote computer and can manually or using wfw file we can make it not configured but we are looking for a script or a less effort method to accomplish this Please suggest NB: CIA has already reported similar issue//How do I turn off Windows 7 Firewall via script or through automation?// , but doing netsh advfirewall set allprofiles state off on already deployed machines did not make change (FW service on all machine is disabled in GOLd image)// Thanks and Regards Jose

    Read the article

  • Create manual IPSec policy on Window (like spdadd and add on Linux)

    - by hapalibashi
    Hello On Linux it is possible to create an a manual IPSec (no IKE etc) tunnel thus: spdadd 192.168.0.10/32[5066] 192.168.0.11/32[5064] udp -P in ipsec esp/transport//require; add 192.168.0.10 192.168.0.11 esp 2222 -m transport -E des-ede3-cbc "123456789012123456789012" -A hmac-md5 "1234567890123456"; I need to do the same on Windows. I am aware of netsh but I don't think its equivalent, I need to specific the SPI (thats the 2222 above) and this seems impossible. Any ideas or alternatives?! Thanks, Stuart.

    Read the article

< Previous Page | 1 2 3 4 5 6  | Next Page >