RDP Monitoring

If you maintain servers for clients and have “people” (owners, other techs, employees) that also have access and break the server but its still your responsibility to fix it this software is for you.

http://www.observeit-sys.com/

This will let your record RDP and local sessions on servers. Because it works via a web service, you can host the server and put the agent on their computers to monitor it.

Batch file example to collect a virus

Here is a small batch file i used to collect an autorun.inf virus from a previous post and submit to McAfee

rem stephen

:TOP
set /a counter+=1
set /a counter2+=1

subst p: C:\Virus\virusholder
@ping 127.0.0.1 -n 2 -w 1000 > nul

subst p: /d
attrib C:\Virus\virusholder\autorun.inf -r -h -s
attrib C:\Virus\virusholder\system.exe -r -h -s
move C:\Virus\virusholder\autorun.inf c:\virus\autorun_%counter%.inf
move C:\Virus\virusholder\system.exe c:\virus\system_%counter%.exe
copy c:\virus\system_%counter%.exe C:\Virus\avtest

if %counter2% == 9 GOTO CompressandDelete
GOTO TOP




:CompressandDelete
7zip\7z.exe a sample%counter%.zip *.inf -pinfected
7zip\7z.exe a sample%counter%.zip *.exe -pinfected
del *.inf
del *.exe
set /a counter2=0
goto TOP

2008 R2 Failover Cluster

After alot of pain and suffering, Mcafee 8.7i Patch 2 or Patch 3 was causing the cluster to fail. After uninstalling everything works 100%.

The error was:
 Node ‘%1’ failed to form a cluster. This was because the witness was not accessible. Please ensure that the witness resource is online and available.

Also, if you have a single node cluster you will not be able to add a 2nd node.

All validation tests will pass.

Exchange 2007 Mail Contact going to Gmail and Calendar Integration

A mail contact in Exchange 2007 that points to a Gmail account and the complaint was that they did not get proper calendar invites, they got a text email with the dreaded winmail.dat

The fix is to edit the mail contact in Exchange and change the Rich Text Format to Never for the contact.