Tochukwu Okoroafor and
PowerMe! are now friends 3 months ago
PowerMe! replied to the topic Unresponsive PowerShell in Windows Server 2022 in
PowerShell Forum 6 months ago
Thanks Surender.
I thought it was a profile issue and tried that earlier - no help.
I even added Windows PowerShell to the exclusions in Defender, no help.
It's a lab machine where I had my Hyper-V server – I could refresh it but wanted to know the issue in case it affects a production server.
PowerMe! started the topic Unresponsive PowerShell in Windows Server 2022 in
PowerShell Forum 6 months, 1 week ago
Hi all,
I have a strange issue with PowerShell. All forms of access take a long time (~5 min) to load. The window stays in a partially open state as in the screenshot.
- PowerShell 5.1, 7
- PowerShell ISE
- PowerShell launched from the CLI
I tried to remove it from Server Manager and restart. I wonder how to troubleshoot this.
Thanks Wolfgang for the note.
1) I liked Windows Admin Center as it gives everything on the same platform. A quick and nice way to monitor updates on a remote machine, RDP, PS remoting and also SMB. It uses TLS too. Windows Admin Center seems to have a module (to be subscribed) for accessing Windows servers on Azure.
2) With the rise of ransomware, RDP and PowerShell-based remoting is always under scrutiny by security teams.
3) Has anyone successfully implemented 2FA with RDP? I would be interested in that. I tried 2FA using JumpCloud, but that was not possible, although it worked perfectly on the host’s terminal. The absence of an MFA option in the Windows machines scares me most. Sometimes I wonder why Microsoft is ignoring that.
PowerMe! liked the comment of Wolfgang Sommergut (Rank 3) on Different ways of gaining remote computer access. (So far, Wolfgang Sommergut (Rank 3) has 1 likes for this comment) 6 months, 1 week ago
Thanks Bo for the info about Cygwin - I never realized that as I always used Linux too. Thanks for the reference too. Now there you go - if we are using the tool from Cygwin (Unix-like), why not use a dedicated Linux host?
In my experience, adding troubleshooting tools to a production server (maybe a bit out of scope for our discussion) should be a last resort. The problem is that if you are using a buggy piece of software or forgot one that has acquired a vulnerability, you expose the production server to security risks. The only one I ever used was a portable Wireshark and WinPcap to troubleshoot LDAP authentication issues and to analyze packets that use older protocols such as SMB1. But I remove them once the troubleshooting is done.
PowerMe! liked the comment of Bo Geitz (Rank 2) on Free network speed test tools. (So far, Bo Geitz (Rank 2) has 1 likes for this comment) 6 months, 3 weeks ago
PowerMe! liked the comment of Surender Kumar (Rank 3) on Free network speed test tools. (So far, Surender Kumar (Rank 3) has 1 likes for this comment) 6 months, 3 weeks ago
Nice article.
1) When working on network servers, I tend not to add any tools unless required. My favorite in Windows was pathping, where I was able to assess packet loss and latency in the different hops in the connectivity test. In one use case, it helped us identify packet loss in a BGP route that was affecting a VPN to a data center. With the pathping data we were able to convince the ISP to adopt a different route.
2) When troubleshooting network congestion, I normally create a test VM / host with iperf to simulate the server-client traversing a switch or firewall.
3) Thanks for the tip about fast.com. It seems like with the settings button there one can configure it to use multiple servers.
PowerMe! liked Free network speed test tools. (So far, This post has 1 likes) 6 months, 3 weeks ago
Surender Kumar and
PowerMe! are now friends 6 months, 3 weeks ago
PowerMe! liked the comment of Surender Kumar (Rank 3) on Enable two-factor authentication for SSH in Linux. (So far, Surender Kumar (Rank 3) has 1 likes for this comment) 6 months, 3 weeks ago
Ah, makes sense. You are right, that is not available with ciminstance!
I was reading, it appears they have removed get-wmiobject in powershell-6: https://docs.microsoft.com/en-us/powershell/scripting/whats-new/differences-from-windows-powershell?view=powershell-7.2#wmi-v1-cmdlets
I found a reference that used cim to achieve this, doing a Query – thought might be of interest:
https://powershell.one/wmi/root/cimv2/win32_networkadapterconfiguration-SetTcpipNetbios
win32_networkadapterconfiguration seems to be an interesting class for network config tweaking.
PowerMe! liked the comment of Surender Kumar (Rank 3) on SMB port number: Ports 445, 139, 138, and 137 explained. (So far, Surender Kumar (Rank 3) has 2 likes for this comment) 6 months, 3 weeks ago
PowerMe! liked the comment of Surender Kumar (Rank 3) on Set up a VPN server on Windows with SoftEther and connect clients. (So far, Surender Kumar (Rank 3) has 1 likes for this comment) 6 months, 3 weeks ago
Great discussion on SMB.
– If you deploy Windows Admin center it alerts hosts using SMB1.
– I then wrote a brief NMAP (https://nmap.org/nsedoc/scripts/smb-protocols.html) to map the SMB version of hosts in my network. It was amazing - there were old Linux servers people forgot running SMB1!
– Then I wrote a PowerShell script, similar to what you have shown, to change the SMB version on the Windows hosts and we had people fix the Linux ones.
>>> Careful though running NMAP in a network – it is always advisable to get approval from the security team!
PowerMe! liked The SMB protocol: All you need to know. (So far, This post has 8 likes) 6 months, 3 weeks ago
Very nice article! The NetBIOS ports (137-139) are scary; I manually turn them off on the firewall. But this is cool.
Just to share my favorite gcim (or Get-CimInstance) over Get-WmiObject. It's been a few years that I have been away from PowerShell, but I remember there was a recommendation on using gcim over Get-WmiObject. I think it was a security concern related to Get-WmiObject (TCP 135). Here is a nice short article: https://devblogs.microsoft.com/scripting/using-the-powershell-cim-cmdlets-for-fun-and-profit/. Gcim also formats outputs nicely, e.g., try $adapters = (Gcim Win32_NetworkAdapterConfiguration | where {$_.IPEnabled -ne $true}) ; $adapters, I set it to “-ne ” as you probably have nbt turned off.
PowerMe! liked SMB port number: Ports 445, 139, 138, and 137 explained. (So far, This post has 3 likes) 6 months, 3 weeks ago