Alexander’s Blog

In earlier versions of Windows, TCP/IP was a separate optional component that could be removed or added like any other protocol. In Windows XP/2003, TCP/IP is a core component of the operating system that cannot be removed. Especially on a Windows Server 2003, TCP/IP functionally is critical for network operations and Active Directory domain environment. The entire Active Directory architecture is based on DNS hierarchy, which relies on TCP/IP.

There are situations where one may encounter a corrupt TCP/IP stack. Although rare, this situation causes a major problem because you can’t remove and reinstall TCP/IP anymore. So what’s the solution? Re-installing the operating system? Well, that’s one option. Another option is to reset TCP/IP to the default state at the time when the operating system was installed. You can use the NetShell (netsh.exe) utility to reset TCP/IP. This document describes how you can use the NetShell utility to reset TCP/IP on Windows XP and Windows Server 2003. When you reset TCP/IP, it will rewrite all the important keys in the registry which has the effect of removing and reinstalling the entire TCP/IP stack.

Resetting TCP/IP
The NetShell utility is a command line tool (netsh.exe) that allows you to monitor and configure networking components on Windows XP/2003. To run this tool, go to the command prompt and type netsh. To display a list of commands that are available, type help, or simply type a question mark “?”.

C:\>netsh
netsh>?

To view help for a command, type the command, followed by a space, and then
type ?.

Tip: You can use abbreviations, or just the beginning part of a command instead of typing the entire command. For example, you can type int for interface, h for help, and either q or b to exit the program. If you want to go one level up in the path, type “..” without the quotes. You can also type the entire command without going into the individual contexts of netsh.

To reset TCP/IP, type the following at the command prompt.

netsh interface ip reset logfile_name

Where logfile_name is the name of a log file in the current directory, e.g. resetlog.txt. You can also create a log file in a different folder if you provide the full path.

When you reset TCP/IP, the two areas of registry that are affected include:

SYSTEM\CurrentControlSet\Services\DHCP\Parameters\
SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

For a sample Windows XP TCP/IP reset log, check out resetlog.txt. If you notice that your log is empty, it could be because the TCP/IP entries on your computer have not been changed since the default installation.

According to an online survey of 1,200 corporate end users in the US, Germany and Japan, most corporate users are rather complacent about the risk of viruses, phishing, spam and spyware because they tend to depend on their IT department to take care of the security issues.

The survey said that 39% corporate users believe that the IT department will prevent them from outside security threats so they tend to have an attitude that they are relatively safe to take risks and can surf the Web in ways that they perhaps won’t at home. In U.S. 40% of workers said that they are more likely to open suspicious e-mail or click on links that they normally won’t at home. The assumption is that the IT would have already taken precautions so they can’t really do much harm. And if they did, IT can always come to the rescue.

Obviously, this is bad news for the companies and one more reason to tighten all-around security on the network with Group Policies and other methods to protect your organization from security disasters. The study that I mentioned above was conducted in July by IT security firm Trend Micro.

More info…

With Apple’s release of Mac OS X Tiger 10.4 users discovered the first security issue that effected the Apple portion of the operating system directly. The security issue has to do with the ability to automatically install Widgets when a user accessed a Web site.

Apple fixed the problem with Mac OS X Tiger 10.4.1 so now if you download a Widget you will be asked if you want to download the Widget. The idea being that you won’t be installing Widgets unknowingly in the background. If you are running Tiger OS X make sure you have the latest version which is 10.4.2. The 10.4.2 Update delivers overall improved reliability for Mac OS X 10.4 and is recommended for all users. It includes fixes for:

1. File sharing using AFP and SMB/CIFS network file services
2. Single sign-on authentication and reliable access to LDAP and Active Directory servers
3. Autologin for managed user accounts
4. AirPort and wireless access
5. Core Graphics, Core Audio, Core Image, including updated ATI and NVIDIA graphics drivers
6. Finder updates including finding on Kind and using Slideshow
7. Synchronization with .Mac
8. Managing Dashboard widgets and for Address Book, Flight Tracker, Phone Book, and World Clock widgets
9. Address Book, Automator, iCal, iChat, Font Book, Mail, Preview, Safari and Stickies applications
10. Creating and burning disk images using Disk Utility
11. Installation reliability
12. Compatibility with third-party applications and devices

For detailed information on this update, click here. For detailed information on Security Updates, please click here.

MacScan (currently in beta) is the world’s first remote administration software detection title for the Macintosh. Using advanced detection methods MacScan can detect, isolate and remove the program which could allow remote administration and violate security.

Anti-virus software does not commonly protect you from spyware. Many remote administration programs used by hackers to gain remote access to your computer, often goes undetected. Keystroke loggers have been undetected for years.

MacScan detects, isolates, and removes as well as notifing you of any remote administration applications that may be active. MacScan also audits and protects your system from spyware programs such as keystroke recorders.

MacScan 2.0 Beta for Mac OS X is available for download, this time limited beta can be downloaded and has been tested for Mac OS X 10.2+.

Have you looked at the new iPod from Apple? With 2GB (500 songs) models for $199 and 4GB (1,000 songs) models for $249, the new iPod nano is pencil-thin. Check out some other cool features.

- It holds up to three days’ worth of music.
- It plays for up to 14 hours between battery charges.
- It carries your photos, podcasts and audiobooks.
- It syncs seamlessly with iTunes.

You could wear it aroung your neck (headphones cost $39), or jog around with 1000 songs on your arm (Armband costs $29). To check out other accessories. click here.