[SOLVED] Using Wireshark to Troubleshoot Network Connectivity Issues: Follow TCP Stream

One of the most useful features in Wireshark is the “Follow TCP Stream” feature, which allows you to view the full conversation between two devices as a single stream of data. This can be especially helpful when trying to troubleshoot connectivity issues, as it allows you to see the entire exchange of packets between the devices, rather than just individual packets.

To use the “Follow TCP Stream” feature, first select the packet in the packet list that you want to start the stream with. Then, right-click on the packet and select “Follow TCP Stream” from the context menu. This will open a new window showing the full conversation between the two devices as a single stream of data.

You can use the “Follow TCP Stream” feature to identify any problems with the exchange of packets between the devices. For example, if you see a large number of retransmissions or errors in the stream, it could indicate a problem with the connection. You can also use the “Follow TCP Stream” feature to see if any packets are being dropped or blocked, which can also cause connectivity issues.

[SOLVED] Troubleshooting Network Connectivity Issues

Troubleshooting Network Connectivity Issues with Wireshark

Network connectivity issues can be frustrating, but there are a few steps you can take to try and resolve them. One powerful tool that can help troubleshoot these issues is Wireshark, a network protocol analyzer.

To use Wireshark to troubleshoot connectivity issues, start by capturing network traffic on the device experiencing the issue. This will allow you to see all of the packets being sent and received by the device, and you can use Wireshark’s various filters and analysis tools to identify any potential problems.

First, try to identify the source of the problem. Is it limited to a specific device or network segment, or is it affecting the entire network? This can help narrow down the potential causes.

Next, try to isolate the issue by performing some basic troubleshooting steps. For example, you can try rebooting the device or checking to make sure it has the correct IP address and DNS settings. You can also try connecting to the network using a different device to see if the issue is specific to one device or if it is a wider network issue.

If the issue persists, you can use Wireshark to help identify the cause. Look for any unusual patterns in the packets being sent and received, such as an excessive number of retransmissions or errors. You can also use Wireshark’s built-in analysis tools, such as the “Follow TCP Stream” feature, to get a more detailed look at the traffic flow.

By using Wireshark and other diagnostic tools, you can often identify and fix connectivity issues quickly and efficiently.

Quickly find AD user password expiration date

Knowing when a password should expire is sometimes useful information.
To find the password expiration date for all users, open PowerShell on the DC and run:

Get-ADUser -Filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "DisplayName",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}

It will output a human-readable list such as in the above post screenshot.
I have tested and can confirm that the above script is working on Server 2008, 2008 R2, 2012, 2012 R2, 2016 & 2019.
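
The attribute read above is a computed FILETIME with two special values: 0 when the password must be changed at next logon, and 9223372036854775807 when no expiry applies (for example, when the effective password policy has no maximum age), which [datetime]::FromFileTime rejects. The following is an added example, not part of the original post, that handles both cases; ConvertTo-PasswordExpiry is a hypothetical helper name, the sample rows are constructed, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: safe conversion of msDS-UserPasswordExpiryTimeComputed.
# ConvertTo-PasswordExpiry is a hypothetical helper, not a built-in cmdlet.
function ConvertTo-PasswordExpiry {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$User
    )
    process {
        $now    = Get-Date
        $raw    = [long]$User.'msDS-UserPasswordExpiryTimeComputed'
        $expiry = $null

        if ($raw -eq 0) {
            # pwdLastSet is 0: the user must change the password at next logon
            $status = 'MustChangeAtNextLogon'
        }
        elseif ($raw -eq [long]::MaxValue) {
            # 0x7FFFFFFFFFFFFFFF: no expiry applies; FromFileTime would throw here
            $status = 'NeverExpires'
        }
        else {
            $expiry = [datetime]::FromFileTime($raw)
            $status = if ($expiry -lt $now) { 'Expired' } else { 'Active' }
        }

        [pscustomobject]@{
            DisplayName = $User.DisplayName
            Status      = $status
            ExpiryDate  = $expiry
            DaysLeft    = if ($null -ne $expiry) { [math]::Floor(($expiry - $now).TotalDays) } else { $null }
        }
    }
}

# Constructed sample rows standing in for Get-ADUser output (not real accounts)
$attr = 'msDS-UserPasswordExpiryTimeComputed'
$sample = @(
    [pscustomobject]@{ DisplayName = 'Sample Active';  $attr = (Get-Date).AddDays(10).ToFileTime() }
    [pscustomobject]@{ DisplayName = 'Sample Expired'; $attr = (Get-Date).AddDays(-3).ToFileTime() }
    [pscustomobject]@{ DisplayName = 'Sample Reset';   $attr = [long]0 }
    [pscustomobject]@{ DisplayName = 'Sample NoLimit'; $attr = [long]::MaxValue }
)
$sample | ConvertTo-PasswordExpiry | Sort-Object Status, ExpiryDate | Format-Table -AutoSize

# On a DC, feed it real accounts instead of the sample:
# Get-ADUser -Filter 'Enabled -eq $true' -Properties DisplayName, 'msDS-UserPasswordExpiryTimeComputed' |
#     ConvertTo-PasswordExpiry
```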

WPBakery Page Builder not working in chrome and shows console errors

Just a quick one, hoping it will help someone,

If you have a WordPress site with WPBakery Page Builder running on it, and find the frontend builder is not working, and if you also happen to use Cloudflare – Rocket Loader™ is your issue.

Go to Cloudflare and under Speed –> Optimization, turn off Rocket Loader™.

Go back to WordPress and within a few mins, or the time your cache takes to update – your visual composer/WPBakery Page Builder will be working again.

Force Active Directory replication on a domain controller

To force Active Directory replication, run the following in an elevated CMD on the server that needs to be updated:

repadmin /syncall /AeD

A = All Partitions
e = Cross Site (Enterprise)
D = Show server name in output.

This will initiate a pull replication.

Or, if you are already on your main DC and need to update any other servers in the AD, you can do a push replication:

repadmin /syncall /APeD

A = All Partitions
e = Cross Site (Enterprise)
D = Show server name in output.
P = Push

The TechNet article with further info can be found here:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc770963(v=ws.11)

Perhaps you, like me, are trying to move away from the old CMD command lines and migrate to PowerShell. If that is the case, bad news: currently there is no update alternative for repadmin in PowerShell. The Get-ADReplication commands are great for troubleshooting but offer no easy interface for updating AD.

Stress Testing HDD

There are certain times that you will want to stress test a HDD or just get some info out of it for performance tuning.

Step in: Diskspd.exe

A Microsoft-developed standalone disk testing tool.
https://github.com/Microsoft/diskspd

Sample commands can be found here:
https://github.com/Microsoft/diskspd/wiki/Sample-command-lines

Find VPN Log Unifi USG

Ubiquiti kit is great, and Unifi is by far the best value for money WiFi kit out there. However, once you get beneath the beautifully crafted UI, you’ll soon struggle to find CLI info and configuration help.

How to find your VPN log on Unifi

SSH into your USG, using your site specified SSH credentials, or if you have never set any, then ubnt/ubnt.

Then simply type:
show vpn log

or:
cat /var/log/charon.log | tail -n 100

Simple.

Block users from logging on to an RDS Server [SOLVED]

Do you need to block users from logging on to an RDS Server?

Problem:
You are updating an RDS server, or an application on the RDS server, but another user’s process is stopping your install. You need to stop other users from accessing the RDS server while still being able to work on it yourself. But how?

Solution:
Open up administrative CMD
Change Logon /Disable
Then log all other users off using Task manager (users tab)

And when you are finished simply revert:
Change Logon /Enable

Sorted.

Install Kali tools on Debian

So you have a fresh install of Debian? You want to be able to install Kali tools on your new setup, or at least some of them?

Enter Katoolin:

sudo su
apt install python-pip
git clone https://github.com/LionSec/katoolin.git && cp katoolin/katoolin.py /usr/bin/katoolin
chmod +x /usr/bin/katoolin
sudo katoolin
Then either select which tools you wish to install, or press 0 to install them all.

Simple.

Remote Web Workspace not working [Solved]

Remote Web Workspace breaks. A lot.

In all versions of SBS (now end of life), Microsoft graced us with the ability for remote users to remote into the server and then hop across to their own PCs via RDP.

This was great in theory, and worked for a while, until updated servers broke this feature. The root cause was an update to .NET Framework, starting at version 4.5.1, which included memory checking to make sure you have at least 5% free memory.

OK, so why the issues? Well, anyone who knows Exchange knows that the information store will use as much free memory as possible, which in turn often caused the Remote Desktop Gateway service to crash due to not having 5% free memory.

Here is the quick fix if you only have 5 mins:

– Restart the MS Exchange information store,
– Then restart/start the Remote Desktop Gateway Service

Here is the proper fix:

– Run adsiedit.msc
– Connect to: Select a well known Naming Context : [Configuration]
– Expand the following:
Configuration\Services\Microsoft Exchange\ (First Organization) \Administrative Groups\ (Exchange Administrative Group) \Servers\ (Server Name)
– Right click on CN=Information Store and click properties
– Update the values of msExchESEParamCacheSizeMin and msExchESEParamCacheSizeMax to something below 94% of your server’s max RAM capacity. The value is in KB divided by a 32byte page, so…

Basic maths is ==> value to enter = (target cache size in GB * 1024 * 1024) / 32

There is an excellent table over at meridian.ws which is much easier than doing the maths:
http://meridian.ws/wordpress/?p=239
