Mar14

The mystery of why Cisco AnyConnect stopped working

by Xenophane on March 14th, 2012 at 21:50
Posted In: Tech Stuff

A while back I tried to update my Intel Centrino Ultimate 6300 Wifi NIC to the latest drivers, to test Intel MY wifi while I was out travelling, but I never got it to work, it said it could not detect a suitable adaptor.. So I did not think more of that, until I had to connect to our corporate network, using Cisco AnyConnect, and I got through both primary and secondary authentication fine, but then the connection crapped out with “unable to establish vpn”.. So after a few reboots and troubleshooting I ended up uninstalling the new driver, and reverting back to the old Lenovo one, I was running before.

Tonight I thought I would try again, to see if I could figure out what went wrong. So I installed the latest Intel drivers, and AnyConnect stopped working right away. So I went into Services to see what was “new” in there. I looked through all the Intel ones, and none of them looked “suspicious”, until I noticed that right below the Intel services, was “Internet Connnection Sharing (ICS)” and it was running. So I disabled it, and AnyConnected connected right away.

So if you have trouble connecting with AnyConnect, see if your connection has ICS enabled, or if you do not need it at all, just disable the service.

└ Tags: , , ,
 Comment 
Jan25

Checking Site sizes in SharePoint 2007 and 2010

by Xenophane on January 25th, 2012 at 12:19
Posted In: Everyday

Our Sharepoint admin asked me to help him write a script, that found out how much space each DocumentLibrary in our sharepoint farm took up, so after some googeling I found that I could use the StorageManagementInformation Method on the SPSite object, so I cam up with this little script

#First we load the SharePoint assembly
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")

#Then we create a function that returns tje SPSite
function Get-SPSite($url){
return new-Object Microsoft.SharePoint.SPSite($url)
}

$site = Get-SPSite http://URL
# We use the StorageManagementInformation Method on the $SPSite object, StorageManagementInformation returns a DataTable, and takes 4 input values
# System.Data.DataTable StorageManagementInformation(Microsoft.SharePoint.SPSite+StorageManagementInformationType ltVar, Microsoft.SharePoint.SPSite+StorageManagementSortOrder sordVar, Microsoft.SharePoint.SPSite+StorageManagementSortedOn soVar, System.UInt32 nMaxResults)
#
# ltVar: What kind of storage management information to display
#   List = 1
#   DocumentLibrary = 2
#   Document = 3
# sordVar: the direction in which the items are to be sorted
#   Increasing = 0×10
#   Decreasing = 0×11
# soVar: whether the items are sorted by size or by date
#   Size=0
#   Date = 1
# nMaxResults: the number of results to return

$DT = $site.StorageManagementInformation(2,0x11,0,$(($site.allwebs).count));
$DT | Select @{Label="Size"; Expression={[INT]($_.Size/1MB)}},Directory  | out-gridview
$site.Dispose()

Seems as if I forgot the last line, where I dispose of the Site object, I have added that now.

 Comment 
Oct09

Updating .Htacces file based on Apache log files

by Xenophane on October 9th, 2011 at 20:12
Posted In: Everyday

I am still seeing massive amounts of referal traffic hitting my site, eating up my bandwidth.. I did not get time to update my .htaccess file for the last 2 days.. and within the last 24 hours I have had more than 6000 hits, generating in almost 24.000 pageviews… Generating more than 1 GB worth of traffic (So at that speed I will reach my 10 GB limit soon)

Looking through the Apache logs, figuring out which sites I get most referral traffic from, getting the hostnames, transforming them into a format that can be used by the Apache rewrite engine in the .htaccess file has been time consuming. So I decided that some powershell magic, might speed up the process a bit.

function Select-FileDialog
{
	param(
		[string]$Title,
		[string]$Directory,
		[string]$Filter="All Files (*.*)|*.*")
			[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null
			$objForm = New-Object System.Windows.Forms.OpenFileDialog
			$objForm.InitialDirectory = $Directory
			$objForm.Filter = $Filter
			$objForm.Title = $Title
			$Show = $objForm.ShowDialog()
				If ($Show -eq "OK")
					{
						Return $objForm.FileName
					}
				Else
					{
					Write-Error "Operation cancelled by user."
					}
}

#Function to create the http rewrite rules.

Function Create-Rewrite {
	Param (
			$Hostname
		  )

		$HtaRule = "RewriteCond %{HTTP_REFERER} ^http://" + "$($hostname.replace(".","\."))" +" [OR]"
		$script:BlockList += $HtaRule
}

Function add-htaccess {
	Param (
		$HtaRules
		)
	(Get-Content $htaccess) | foreach-object {
		$_
			if ($_ -match "RewriteEngine") {
				if (!(Select-String -simplematch "$htarules" -Path $htaccess))
				{
				$HtaRules
				}
			 }

		} |	set-Content $tempFile
	Copy-Item $tempFile $htaccess
}

Function Upload-Ftp {
Param ([Parameter(Position=0, Mandatory=$true)]
		[ValidateNotNullOrEmpty()]
		[System.String]
		$FTPHost,
		[Parameter(Position=1)]
		[ValidateNotNull()]
		$File
		)
			$webclient = New-Object System.Net.WebClient
			$uri = New-Object System.Uri($ftphost)

			"Uploading $File..."

			$webclient.UploadFile($uri, $File)
		}

#Variables
$log = Select-FileDialog -Title "Select an Apache logfile"
$htaccess = "c:\Temp\.htaccess"
$tempFile = [IO.Path]::GetTempFileName()
$URLCount = 15
$FTPUsername = "Username"
$FTPPassword = "PassW0rd"

$BlockList = ""
#Create list of sites to block
$script:BlockList = @()

#Get the list of URLS in the the logfile, capturing each element into different named capturing groups

$urls = Select-String '^(?<client>\S+)\s+(?<auth>\S+\s+\S+)\s+\[(?<datetime>[^]]+)\]\s+"(?:GET|POST|HEAD) (?<file>[^ ?"]+)\??(?<parameters>[^ ?"]+)? HTTP/[0-9.]+"\s+(?<status>[0-9]+)\s+(?<size>[-0-9]+)\s+"(?<referrer>[^"]*)"\s+"(?<useragent>[^"]*)"$' $log |
     Select -Expand Matches | Foreach { $_.Groups["referrer"].value } 

#Output statistics for the referer hostnames (Only show top 15)
$urls | group | ForEach -begin   { $total = 0 } `
	-process { $total += $_.Count; $_ } |Sort Count | Select Count, Name |
	Add-Member ScriptProperty Percent { "{0,15:0.00}%" -f (100*$this.Count/$Total) } -Passthru | select -Last $URLCount

#Getting the base hostnames from the complete URLS, and outputs statistics to the screen.

$hosts = $urls | Select-String '\b[a-z][a-z0-9+\-.]*://([a-z0-9\-._~%!$&()*+,;=]+@)?(?<host>[a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&()*+,;=:]+\])' |
Select -Expand Matches | Foreach { $_.Groups["host"].value }  | group | sort count |  where {($_.name -notlike "*xipher.dk*") -and ($_.Count -gt 100)} |
 ForEach -begin   { $total = 0 } `
	-process { $total += $_.Count; $_ } | Sort Count | Select Count, Name |
	Add-Member ScriptProperty Percent { "{0,10:0.00}%" -f (100*$this.Count/$Total) } -Passthru 

Write-Host "List of root hostnames"

$hosts

Foreach ($Url in $hosts) {

Create-Rewrite $url.Name
}

Foreach ($Block in $script:BlockList) {
add-htaccess $Block
}

notepad $htaccess

$script:BlockList

Upload-Ftp -FTPHost "ftp://$($FTPUsername):$($FTPPassword)@xipher.dk/httpdocs/.htaccess" -File $htaccess
Upload-Ftp -FTPHost "ftp://$($FTPUsername):$($FTPPassword)@xipher.dk/httpdocs/WordPress/.htaccess" -File $htaccess

Unfortunately my current hosting company, does not allow me to download the log files via FTP, but I have to connect to the Parallels interface and download it manually.. (I have not had the time looking into automating this part yet, so this is still a manual step)
That is why I added a little function to use a GUI to pick the access_log file.

function Select-FileDialog
{
	param(
		[string]$Title,
		[string]$Directory,
		[string]$Filter="All Files (*.*)|*.*")
			[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null
			$objForm = New-Object System.Windows.Forms.OpenFileDialog
			$objForm.InitialDirectory = $Directory
			$objForm.Filter = $Filter
			$objForm.Title = $Title
			$Show = $objForm.ShowDialog()
				If ($Show -eq "OK")
					{
						Return $objForm.FileName
					}
				Else
					{
					Write-Error "Operation cancelled by user."
					}
}

I then call the function like this:

$log = Select-FileDialog -Title "Select an Apache logfile"

A little Regex magic runs through the logfiles, and captures the different elements into different named capturing groups, in this step, I expand all referrer hostnames, and put them into the $urls variable

$urls = Select-String '^(?<client>\S+)\s+(?<auth>\S+\s+\S+)\s+\[(?<datetime>[^]]+)\]\s+"(?:GET|POST|HEAD) (?<file>[^ ?"]+)\??(?<parameters>[^ ?"]+)? HTTP/[0-9.]+"\s+(?<status>[0-9]+)\s+(?<size>[-0-9]+)\s+"(?<referrer>[^"]*)"\s+"(?<useragent>[^"]*)"$' $log |
     Select -Expand Matches | Foreach { $_.Groups["referrer"].value }

I modified a script by Joel Bennet, to get a little statistics as well, since there can be 1000′s of hostnames, I have selected only to output top 15 by default (using the $URLCount variable.

$urls | group | ForEach -begin   { $total = 0 } `
	-process { $total += $_.Count; $_ } |Sort Count | Select Count, Name |
	Add-Member ScriptProperty Percent { "{0,15:0.00}%" -f (100*$this.Count/$Total) } -Passthru | select -Last $URLCount

Then I loop through all the hostnames, and extract the base domain name, using regex again. (Here I choose to ignore all traffic from my own domain name Xipher.dk, and I choose only to look for referral domains, that have generated 100 hits or more

$hosts = $urls | Select-String '\b[a-z][a-z0-9+\-.]*://([a-z0-9\-._~%!$&()*+,;=]+@)?(?<host>[a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&()*+,;=:]+\])' |
Select -Expand Matches | Foreach { $_.Groups["host"].value }  | group | sort count |  where {($_.name -notlike "*xipher.dk*") -and ($_.Count -gt 100)} |
 ForEach -begin   { $total = 0 } `
	-process { $total += $_.Count; $_ } | Sort Count | Select Count, Name |
	Add-Member ScriptProperty Percent { "{0,10:0.00}%" -f (100*$this.Count/$Total) } -Passthru

The script expects to find a .htaccess file in c:\temp containing at least the following two lines:

RewriteEngine On
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]

 Comment 
Sep18

Finally got confirmation.. Grown men do cry when their Bitlocker encrypted SSD disk dies ;(

by Xenophane on September 18th, 2011 at 19:57
Posted In: Everyday

Had another visit from the ever present Mr Murphy, I have had a Lenovo T420 sitting on my desk for a while, as a replacement for my T410.. Finally last night I had some time to start moving over data to the new laptop. So I boot up both laptops, both have Windows Updates ready to install.. So I thought, I might as well, let it update, while I went out to get me something to drink. When I get back, my “old” laptop would’nt boot.. The SSD disk had suddenly stopped working. Even after 1 day at work, I have found that I have a lot of ad-hoc scripts, that I had not backed up… I am going on 7 weeks paternity leave next friday, so I had written a bunch of documentation, for my colleagues to have..

So sorry to all those people I have made fun of over time, for having elaborate backup solutions for their laptops :)

 Comment 
Sep05

Back to my old theme again

by Xenophane on September 5th, 2011 at 11:34
Posted In: Everyday

Updated my .htaccess file to prevent the massive flooding of my site..

 Comment