Fixed: Windows 2008 server “No logon Servers Available”

This was a strange issue, usually resolved with a reboot. The server would not process jobs that were scheduled and when we tried to RDP, it would say ” No logon servers available” The issue was unrelated to Kerberos or time settings, instead it was an exhaustion of available ports to communicate with the domain…. Continue Reading


Tool for analyzing and comparing sets of Group Policy Objects (GPOs).

If you are like me, you are often asked to consolidate Group Policies and validate the existing policies for best practices and duplications that can lead to policy failure. I ran across this tool recently and thought I would share. According to Microsoft: Policy Analyzer is a utility for analyzing and comparing sets of Group… Continue Reading


Apache Struts2 Vendor bulletins

Every time there is a critical vulnerability that is discovered, I often get the question “how am I impacted?” The challenge is this, even if you have a vulnerability management toolset (Nessus, Qualys etc) you may not see the entire picture of what is impacted. There could be many reasons for this such as permissions… Continue Reading


HOWTO: Determine if an Office Update is installed on Win7

Previously, I would check the following registry location for Office updates: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall There are entries something like: {90140000-0011-0000-0000-0000000FF1CE} I would then use a reporting tool to look for this to identify where office updates are installed. (LANSWEEPER is a great tool for this kind of reporting) Recently I needed to do this for an Office… Continue Reading



Blatant promotional post: Patch and Vulnerability Management as a service

NETSYNTROPY – Mission statement: Our goal is to provide a complete simple to implement solution to solve for information security. Many large companies have security operations centers, an operational security response team, with large budgets and many layers of process, technology and end user training. At NETSyntropy we aim to provide a combination of information… Continue Reading



Chinese IOT firm siphoned text messages and call records.

This article is the reason why I do not fully trust Andoid phones.. All of us need to be wary of cheap tech, you never know what will come bundled with affordable technology. https://krebsonsecurity.com/2016/11/chinese-iot-firm-siphoned-text-messages-call-records/    


Fixing high Windows memory usage caused by large metafile

If you are having a windows 2012 server that seems to need rebooting from time to time and goes unresponsive, you may want to consider downloading RAMMAP and seeing if the “Metafile” is quite large when the server has been on for some time. This can happen on file servers with a lot of activity… Continue Reading


Long Term packet captures using Wireshark.

Over the years I used wireshark to capture packet traces on windows devices. It did the job and for the most part was an invaluable tool. Until that is, I had the need to capture packets over a period of time. Usually when troubleshooting an intermittent network problem. Just when I needed the tool to… Continue Reading