Monthly Archives: June 2012

Portquery and Port Reporter

Port Query is a tool to display the status of TCP and UDP ports.

It is useful when troubleshoot TCP/IP connectivity and security, return LDAP base query info, SMTP, POP3, IMAP4 status, enumerate SQL Server instances (UDP port 1434), Local ports, local services running (and the DLL modules loaded by each).

Command line mode:
portqry -n name_to_query [-p protocol]
[-e | -r | -o endpoint(s)]
[other options]

Command line mode options:
-n [name_to_query]   IP address or name of system to query
-p [protocol]        TCP or UDP or BOTH (default is TCP)

-e [endpoint]        Single Port to query (valid range: 1-65535)
-r [end point range] Range of ports to query (start:end)
-o [end point order] Range of ports to query in an order (x,y,z)

-l [logfile]  Output a log file
-y            Overwrite existing log file without prompting

Initial source port to use for query
-sl    ‘slow link delay’ Wait longer for UDP replies from remote systems
-nr     By-pass default IP address-to-name resolution
ignored unless an IP address is specified after -n
-cn     Specify SNMP community name for query
ignored unless querying an SNMP port
must be delimited with !
-q      ‘Quiet’ operation runs with no output
returns 0 if port is listening
returns 1 if port is not listening
returns 2 if port is listening or filtered

Local Mode:
Local Mode gives detailed data on local system’s ports

portqry -local [-wt seconds] [-l logfile] [-v]
portqry -wpid pid [-wt seconds] [-l logfile] [-v]
portqry -wport port [-wt seconds] [-l logfile] [-v]

Local mode options:
-local   Enumerate local port usage, port to process mapping,
service port usage, and list loaded modules

-wport [port_number]  Watch the specified port
report when the port’s connection status changes

-wpid [process_ID]    Watch the specified process ID (PID)
report when the PID’s connection status changes
-wt [seconds]   Watch time option
specify how often to check for status changes
valid range: 1 – 1200 seconds (default = 60 secs)

-l [logfile]  Log file to create

-v            Verbose output

Interactive Mode:
An alternative to command line mode

portqry -i [-options]

portqry -n MailServer -p tcp -e 25
portqry -n LDAPserver -p udp -e 389

More read from

Port Reporter – This is a service that can capture port information and give nice statistics.

More read from

Installing and configuring HA Proxy on Ubuntu

Installing and configuring HA Proxy on Ubuntu

Install HA Proxy using folowing command
sudo apt-get install haproxy

Save the original configuration as backup
cp -R /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bkp

And edit the configuration file using your favourite editor
sudo vi /etc/haproxy/haproxy.cfg

maxconn 4096
user haproxy
group haproxy
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
listen webcluster *:80
mode http
stats enable
stats auth us3r:passw0rd
balance roundrobin
option httpchk HEAD / HTTP/1.0
option forwardfor
cookie LSW_WEB insert
option httpclose
server websvr1 10.1.1..10:80 cookie LSW_websvr1 check
server websvr2 10.1.1..11:80 cookie LSW_websvr2 check
server websvr3 10.1.1..12:80 cookie LSW_websvr3 check
server websvr4 10.1.1..13:80 cookie LSW_websvr4 check

startup parameter for HAProxy set enabled as 1
sudo vi /etc/default/haproxy

# Set ENABLED to 1 if you want the init script to start haproxy.

sudo /etc/init.d/haproxy start

For enables HAProxy’s statistics interface which you can access by browsing to your HA proxy’s ip http://haproxy’s IP/haproxy?stats login with the username and password(stats auth us3r:passw0rd)

When you see load balancers ip in apache web servers logs and want to change with origins

Edit apache configuration file
vi/etc/apache2/apache2.conf  and replace logformat
#LogFormat “%h %l %u %t \”%r\” %>s %O \”%{Referer}i\” \”%{User-Agent}i\”” combined
LogFormat “%{X-Forwarded-For}i %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined

And restart your apache
apachectl -k restart

Using with keepalived for real scenario
Up to this stage we have only one proxy server and it was used with round robin DNS,now we are changing one proxy with multiple proxy load balancers.

For that we need to install another package called keepalived
sudo apt-get install keepalived

edit sysctl.conf
sudo vim /etc/sysctl.conf
# Allow HAProxy to bind to external address

and update sysctl using command
sudo sysctl -P

Now create keepalived configuration files on proxies
sudo vim /etc/keepalived/keepalived.conf
vrrp_script chk_haproxy { # Requires keepalived-1.1.13
script “killall -0 haproxy” # cheaper than pidof
interval 2 # check every 2 seconds
weight 2 # add 2 points of prio if OK

vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 51
priority 101 # 101 on master, 100 on backup
virtual_ipaddress {
track_script {

Start up keepalived
sudo /etc/init.d/keepalived start

Note : Here we can change our web server listening ip with virtual ip( the haproxy.cfg

listen webcluster

And finally stop and start your HA proxy and test it switch over is working
sudo /etc/init.d/haproxy stop
sudo /etc/init.d/haproxy start

Graceful restart and restart

Normal restart
During a normal restart, the server is stopped and then started which means the parent causes it to immediately attempt to kill off all of its children. It may take it several seconds to complete killing off its children. Then the parent itself exits.

for apache web server
apachectl -k stop/restart

Graceful Restart
Graceful signal causes the parent process to advise the children to exit after their current request
Then parent re-reads its configuration files and re-opens its log files.When each child dies off the parent replaces it with a new child and serving new requests immediately.

eg. for a graceful restart in apache web server
apachectl -k graceful

adobe reader 9 -10 without restarting or silent install

Adobe Reader 9 and 10 installations required a restart after the installation on windows servers.So how we can avoid restarting while installing.

Below command will install Adobe Reader 9 silently, suppressing the restart, accepting the end user license agreement and suppressing the launch of adobe reader 9 once complete

For Adobe 9
AdbeRdr90_en_US_Std.exe /sAll /rs /l /msi”/qb-! /norestart ALLUSERS=1 EULA_ACCEPT=YES SUPPRESS_APP_LAUNCH=YES”

For Adobe10
AdbeRdr_1000_en_US.exe /sAll /msi /norestart ALLUSERS=1 EULA_ACCEPT=YES

Command Line Switches  for Reader from provider:
/sAll Silent Mode for product
/sPB Silent Mode with Progress Bar for product
/rs Reboot Suppress
/rps Reboot Prompt Suppress
/ini “PATH” Alternative initialization file
/sl “LANG_ID” Set Language; LANG_ID – Code in decimal digits
/l Enable Error Logging.  Log file Bootstrap.log will be generated in temp directory
/msi[Command line] Parameters for MSIEXEC

AdobeReaderInstallFile.exe /sAll /rs /l /msi “/qb-! /norestart ALLUSERS=1 EULA_ACCEPT=YES SUPPRESS_APP_LAUNCH=YES”

AD snapshot from windows 2008

AD snapshot from windows 2008
There is a new feature from windows 2008 for backup is AD snapshot(VSS- volume shadow copy service allow to take a snapshot of AD backup).

How to take AD snapshot
Start > CMD > ntdsutil and type snapshot from ntdsutil
ntdsutil: snapshot
snapshot: active instance ntds
snapshot: create

this wll create snapshot and quit from there
snapshot: quit
ntdsutil: quit

And now our AD backup is ready.So next we need to mount the snapshot to access

again go to ntdsutil
ntdsutil: snapshot
snapshot: list all

this will list all the available snapshots,select the right one

snapshot: mount(which is the one you want choose) and quit

snapshot: quit
ntdsutil: quit

Once snapshot is mounted quit from ntdsutil use dsamain command to bind with ldap(different port)

dsamain –dbpath c:\$SNAP_name_VOLUMEC$\WINDOWS\NTDS\ntds.dit –ldapport 10389(what ever the port you want)

Now the data is ready to access using LDAP

Start > Administrative Tools > Active Directory Users and Computers > Change Domain Controller > Type Directory Server name [:port]

Split your page file among multiple drives

Generally,you should set the size of the paging file size as system RAM plus 12 MB and you still get low memory warnings increase to 1.5 X RAM(default setting).
if your machine is running disk and memory intensive applications like SQL Server then you may want to increase the initial pagefile size to 2 x RAM or even larger for better performance you can split into multiple disks or create multiple pagefiles on same volume.

Registry settings
c:\pagefile1\pagefile.sys lowerlimit upperlimit
c:\pagefile2\pagefile.sys lowerlimit upperlimit


c:\pagefile1\pagefile.sys lowerlimit upperlimit
d:\pagefile2\pagefile.sys lowerlimit upperlimit
e:\pagefile3\Pagefile.sys lowerlimit upperlimit


What is a Browser Add-On

Browser add-ons or plug-ins are add features(software which enhances another application) to the web browser.

For example you want feature in your browser backup and synchronize favorites accross other computers use a free add-on xmarks from

Where i can see the add-on?
In Internet explorer from Tools > Manage add-on can see the enabled/disabled add-ons

Some times add-ons cause problems to load the internet explorer or some times it will hang.For such conditions you can disable the add-ons which causing problems.
when you are not able to move to tools while IE hungs try to open from run window using command inetcpl.cpl it will open the window.

For mozilla add/remove add-ons from tools add-on.
For Chrome click on settings and then extensions.

Ad-on Galery site for Internet Explorer

Read more about IE Add-on from

RPC Server is unavailable when try to RDP

What is RPC sever.
Remote Procedure Call is a interface provided by an application or service which allows a
remote computer connect and run.

RPC Server is unavailable when try to RDP
Try putting this registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

IgnoreRegUserConfigErrors =Dword:1

Troubleshooting RPC

%d bloggers like this: