Posts Tagged ‘Networking’
Posted by William Diaz on May 10, 2012
A lot of vague networking issues on user workstations are sometimes troubleshot by running the netsh winsock reset catalog command, often without knowing what it does. When you run this command, you are resetting the layered service providers that come with Windows and removing all others that did not come with Windows. These “others” might be MS firewall clients, security proxies or 3rd party wireless communication apps that come with “Air Cards” used by mobile users.
In the environment that I work in, our workstations have the Microsoft Firewall Client or TMG client installed. You can directly see this as a layered service provider by opening msinfo32 and going to Components > Network > Protocol:
If you run netsh winsock reset you end up removing any LSPs that are not part of the Windows-Out-Of-The-Box installation. If your LSP application is self-aware, like in the case of the MS FWC or TMG client, you might notice a warning of some type:
This is a sign you need to run a repair or reinstall your LSP application (in this case, a repair of the FWC\TMG client is enough to fix and put the LSPs back in place).
The irony is that, if running netsh winsock reset resolved whatever mysterious networking issue you encountered, then you might have isolated the cause of the issue to a problem with the LSP application. I encountered this myself way back in my first blog post of the The Case of the Random Internet Explorer Crashes.
Posted in Troubleshooting | Tagged: Networking | 2 Comments »
Posted by William Diaz on November 1, 2011
Account locks normally are not a big deal to troubleshoot. Often times it is a user typing in an incorrect password to the account they are trying to logon to too many times. Other times, it is being caused by expired or incorrect cached credentials being used to authenticate to some network resource. In the latter case, this is a simple matter of going onto the workstation that has been identified as one locking the account and removing the cached credentials.
In Windows XP, this can be done by going to Start > Settings > Control Panel > User Accounts > Advanced (or Manage Passwords for non-admins) > Advanced > Manage Passwords. Alternatively, you can just use the control userpasswords2 command.
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking, Printing, TCPView | Leave a Comment »
Posted by William Diaz on October 14, 2011
Our Production ISAs’ have an added cloud-based layer of security to protect our network from malicious web content. Every now and then, though, we run into false-positives. Some of these are:
Intentionally Corrupts Downloads
The Case Of The Corrupt Download & The Case of the Zip File That Wouldn’t Open
Stops web pages from loading by preventing the execution of legitimate scripts: Read the rest of this entry »
Posted in Troubleshooting | Tagged: IE, Networking, Security | Leave a Comment »
Posted by William Diaz on August 23, 2011
The following error was being reported while internal users were trying to install the latest Flash Player from Adobe: “Internal error… ABORT: Certificate authentication failed, please re-install to correct the problem. (/0)”
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking, Process Monitor | 5 Comments »
Posted by William Diaz on July 1, 2011
This case demonstrates the importance of understanding basic networking components in Windows and how they work in an environment that sits behind a proxy. The methods used to uncover the culprit did not involve a detailed analysis of network traffic or using any utilities or tools that do not already come with Windows. In fact, because this was time sensitive and I was not afforded the luxury of troubleshooting afterhours, I could not rely on any of the various tools I turn to, like Process Monitor, crash dumps, or Network Monitor. Previous troubleshooting steps taken before it got me involved timely uninstall and reinstall of the Java client, an IE Reset, and upgrading from IE 7 to IE 8, all to no avail and creating irate user syndrome.
To start my analysis, I used Process Explorer to easily see which processes were involved in starting the problem application (Task Manager makes it difficult to quickly see which processes are starting and stopping). An Internet Explorer shortcut to a login page actually initiates the launching of the stock trading application, and, after logging in, two processes are spawned, javaws.exe and javaw.exe:
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking | Leave a Comment »
Posted by William Diaz on May 4, 2011
Every now and then I use Word 2010 to blog. I recently ran into an issue where I could no longer post to my SharePoint blog at work from my workstation and the error was rather generic, not alluding to anything: “Word cannot publish this post. The provider where you are trying to publish is unavailable…”
This was odd because previously blogs posted normally. Additionally, I was able to post to my Word Press blog on the Internet and a different internal blog. To see what was happening, I turned to Process Monitor and set a filter for winword.exe. There was nothing unusual with the file and registry activity. However, network activity stood out:
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Blogging, Networking, Process Monitor, Word | Leave a Comment »
Posted by William Diaz on February 14, 2011
If you enable “Show icon in the notification area when connected” for your LAN or other network device, a small icon will blink on and off in the system tray, which gives you a simple visual indication of network activity.
One day I noticed that this icon was solid … always. I double-clicked on the icon to see the number of packets passing to and from the Local Area Connection. Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking | 2 Comments »
Posted by William Diaz on February 10, 2011
Among the various types of operations Process Monitor traces, TCP/UDP activity is often overlooked. If you want to examine packets, Process Monitor is not going to do it for you. But it can sometimes present some important clues to a problem and point you in the right direction.
In the case here, our user was not able to get our in-house chat program to go online. You can usually force this by selecting the “List” button, but after several seconds of “Loading…” it would go back to offline. In hopes of finding something revealing, I opened Process Monitor from our lab and set a filter for the executable of the chat program. There were only a dozen operations but the ones that stood out were the last 5 UDP Send operations.
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking, Process Monitor | Leave a Comment »
Posted by William Diaz on January 27, 2011
I was asked to troubleshoot a user’s connectivity issues with AIM. I am not too enthusiastic about anything AOL related but I would look anyway. One of the things I wanted to do was see if AIM had some internal network logging built into it. Starting with version 7.5.8.2 there is an option that resides under Settings > Connection that enables diagnostic network logging. Read the rest of this entry »
Posted in Uncategorized | Tagged: Networking, Security | Leave a Comment »
Posted by William Diaz on December 8, 2010
While trying to extract the SysInternal PSTools.zip, I was running into the following error: “The Compressed (zipped) Folder is invalid or corrupted.”
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Networking, Process Monitor | 1 Comment »
