Wednesday, April 16, 2014

NetScanTools Pro v11.60 Released April 10, 2014

NetScanTools Pro v11.60 (installed version) was released on April 10, 2014. It adds a new tool called Graphical Traceroute and significantly updates the SSL Certificate Scanner. It also marks the beginning of the changeover from compiling with VC2008 on Windows XP to VC2012 on Windows 8.1. We will still support XP at least through the end of 2014.

Graphical Traceroute (found under Manual Tools/Traceroute - Graphical) is similar to an old command line utility called MTR, but with some important differences: it was written from the ground up before I even knew about MTR to support both IPv4 and IPv6. It has a graph that shows hops vs. response time with minimum, maximum, average and last traces shown. There is also a list view showing more stats like dropped packets. Exporting to files is supported and you can print the graph too. To use it, simply put in a target and press Run. It will run until you stop it. You can control some packet parameters and how long to wait between doing traces. Here is what it looks like:


SSL Certificate Scanner was enhanced to add retrieval of the whole certificate chain up to and including the root certificate for each target - we also now show you whether the certificate is valid. You can now view those certificates and export the details to a text file. In this image we are showing the certificate chain for Google:



We also added over 180 new Whois domain servers for the many new top level domains the IANA has approved. Whois also now has a minor algorithm change to handle new TLDs too. This is an important addition that will eventually prove useful as people begin to register domains in those new TLDs.

These are the other changes:
-Added test for a security program known to block access to the clipboard preventing copying and pasting in NetScanTools Pro.
-Wording changes for the controls in Packet Capture.
-Updated SQLite to 3.8.4.3
-Updated database files.

How to get v11.60:
If you have an active version 11 maintenance plan you can click on Help/Check for New Version to login and download the full install.

The USB version patch will be ready on or before April 18.

Friday, April 11, 2014

Windows 8.1 Update KB2919355 woes and my solution

Keywords: KB2919355, 0x80070005, 0x80073712, FAIL

On April 8, my Windows 8.1 64 bit desktop computer (16GB ram, 240GB Sandisk SSD boot drive) did the automatic Windows Update and I had to let it go overnight because of the size of the total update. When I got up I found that KB2919355 had failed with error 0x8007005. I tried it again and again. Same failure. But I had other stuff to do so I just did some research.

Next day I went to Microsoft support directly downloaded all the .msu update files associated with the April 8 patch set. I even downloaded the KB2919442 msu because it is a prerequisite. I spent the next two days trying to install KB2919355 manually and I kept getting a new error 80073712 which means there was corruption. By following other people's posts I was directed to use these in an administrator privs command prompt:
DISM /online /cleanup-image /restorehealth
DISM /online /cleanup-image /startcomponentcleanup
sfc /scannow

When they worked (not always successfully) I would try to install KB2919355 manually again and each time it failed. A number of tries...

Aside: in my research, I found in several places this statement:
These KB's must be installed in the following order: KB2919442, KB2919355, KB2932046, KB2937592, KB2938439, and KB2934018

Here is what I did to get it to work:
1. I backed up the system with Acronis True Image 2014. This turned out to be a very important step!
2. When to Control Panel/Recovery/Open System Restore and chose a Restore Point that was BEFORE the April 8 mess.
3. Did the System Restore.
4. Manually installed starting with KB2919355 msu in the order above. (KB2919442 was already there) I had each in Downloads and I simply double clicked to run them.
5. Each one required a reboot. Fortunately SSD reboot time is super fast.
6. Everything looked good EXCEPT the System Restore went to older versions of a number of source code files I had in Documents folder. Not good. So I examined each folder and decided to restore the whole thing from the Acronis backup. I also use Pegasus Mail and there was a PMAIL.INI file that got changed, but I was able to put it back correctly without using restore. I also found that 2 favorites were removed, but I was able to restore those with Acronis.

That worked. I am relatively happy, but quite concerned as to why System Restore removed some files I had created.

It is my belief that the order of the KB's being installed on April 8 was SUPER IMPORTANT and the automatic Windows Update didn't know that so it installed the others first, then tried to install KB2919355 out of order. Mostly because of my slow internet connection. The others were downloaded first so it installed them.

I hope this helps someone.

Kirk


Friday, April 4, 2014

Legacy ASP problem -again-

Disclaimer: yes, I know I should be using newer software on a newer OS, but I haven't had time to update it.

I have a legacy ASP script running on an ancient 2003SP2 server and this morning I did a Windows Update that successfully installed KB2929961 and KB2930275. Later in the day I found out an ASP form was not working. It was giving the error: "asp 0177 : 800401f3" and a line number pointing to a CreateObject("Scripting.FileSystemObject") as the source of the error. I've seen this before but it's been quite awhile and always after doing a Windows Update.

I did the regsrv32 /u scrrun.dll and regsrv32 scrrun.dll thing successfully, but it didn't work - as usual.

Next I ran Procmon.exe from SysInternals to see where the error was and I found it by running the script then stopping procmon. Way too much data, but I searched for FileSystemObject and found that there was ACCESS DENIED on HKEY_CLASSES_ROOT/Scripting.FileSystemObject. Now I remember!

I opened regedit and went to that key. It had Administrators and SYSTEM as read only etc., so I added "EVERYONE" and made it read-only. That fixed it. But then I went back and removed EVERYONE and added just the Internet Guest Account (IUSR_computername) as read only. It seems to work fine - at least until the next Windows Update.

Or until I put the Server 2012 machine in service that's been sitting here for a couple months.

KIrk

Managed Switch Port Mapping Tool 2.32 Released

Two releases of the Switch Port Mapper were done quickly on the heels of v2.30 - the reason was to address issues with SQLITE_BUSY messages seen by some users (but never by us). It occurs during a SELECT of one table and using some of the data from that SELECT to do an INSERT into a different table - same database file. By doing a BEGIN IMMEDIATE wrapping the statements, I was able to solve the problem. It didn't used to happen so it must be a change in SQLITE operation.

I also added in a message to tell the user when Ping Sweep is activate but the IP range for Ping Sweep is empty. That's important because if you want to use Ping Sweep to prepopulate arp tables or to get NetBIOS info from a set of target, you had better define the targets. Why is this needed? simple: most people are using the Switch Port Mapper to map Layer 2 switches that don't keep track of IPs, layer 2's keep track of MAC addresses. So you have to get the IPs by retrieving ARP tables and looking for the MAC addresses so you can work backwards and get the IP addresses.

Get Managed Switch Port Mapping Tool v2.32 here:
http://www.SwitchPortMapper.com/