Monday, March 10, 2008

Tarpitting IISFTP Service

If you have been running an FTP server on the internet for any amount of time at some point you have noticed hundreds or even thousands of errors in your System Event log with an Event ID of 100. In an attempt to stop these run the following command from the command prompt, but if you change the location of the script file put in the correct path for this to work.

eventtriggers /create /TR "Reset FTP Service" /TK C:\scripts\ResetFTP.bat /L System /EID 100 /SO MSFTPSVC /RU "system"

The batch file is very simple, I created mine in a folder I have on my drive called "Scripts" and named it ResetFTP.bat. The contents of the script are below.

net stop msftpsvc
ping -n 10
net start msftpsvc

Thats it! The script will run when someone enters the wrong username and password for a FTP session. It will effectively stop the server for 10 seconds (10 pings to localhost) and then restart the FTP service. On a side note it only works on Microsoft Windows 2003 Server (Windows XP) and later. Also does not work on Microsoft Windows 2000 Server as there is no "Eventtriggers" program native to Windows 2000.

Releasing queued messages from eTrust SCM (Secure Content Manager)

Today I had an issue with Microsoft Exchange 2007 adding my CA eTrust SCM gateway to it's IP Block List. This caused all inbound emails to be delayed and dropped into Dead mail.

The recovery is pretty simple if you know what you are doing.

First you have to rename all of the .bad files to .inb. To do this simply open up a command window, change directories to (by default) c:\Program Files\eTrust SCM\Workspace\SMTP\Deadmail. Then "rename *.bad *.inb" without the quotes. Now that you have renamed all of the bad files you have to release them from the deadmail queue. To do so run the program "C:\Program Files\CA\eTrust SCM\bin\queues.exe"

Here you need to check the box next to "dead mail" and enter in the IP address of the SMTP server to forward the mail to and the port. Then click on the button. It might take some time to send all of the email through depending on server load and number of stuck emails.

On a side note while it eTrust SCM works on a x64 platform, offically its not supported or recommended.

uCertify Test Engine Review

To be totally up front I was asked to do this review by the company, but I won't let that affect my opinion of the product offered.

The download and installation of the product was straight forward. They even offer you a chance to do some practice tests for free to test out the software. The test itself is inexpensive coming in at $49.99 for a single user. Not bad in my opinion. So far I have only gone through the 15 question diagnostic test once, but the questions where challenging none the less.

I will be using this practice test for my 70-284 exam to truely test it out and to be honest I think it will work. I have to go through all of the exams first and then start using the "Adaptive Test" to really hone in on areas I have trouble in. Also the custom test allows you to pick areas of the exam that you are really struggeling with so you can "turn your weakness into stenght".

Friday, March 07, 2008

Follow Up: Failed to access IIS metabase.

As a quick followup post, if you need to do this procedure on a x64 system run this command instead: "%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i"