Archive for June, 2010

Kaspersky Anti Virus Policy Not Enforced…….

Thursday, June 24th, 2010

Following the renewal of our Kaspersky anti virus products for another 12 months, the friendly sales person was also kind enough to point out that the license entitled us to upgrade to the lat[er|est] version, and that the new version supported Windows 7.

Sold !

We were previously running Administration Kit version 6 (6.0.1710) and were pushing out Anti Virus 6 for Workstation (6.0.3.837) to Vista desktops. That particular version of the client would not work under Windows 7, it would cause an exception and the process/service would shutdown (Windows kept going though, well done MS).

During a period of performance issues experienced last year, I had to dial back most of the Kaspersky features and functionality under Vista. The ‘Web Protect’ component increased some page load times to well over a minute if there were a lot of links on a page. And the ‘Proactive Defense’ component (which watches and protects the registry) would fire up so many alerts that just launching any approved application would result in so many popup alerts it resembled one of those naughty web sites with boobs all over them that hi-jack your screen with popups !

So all the components of the Anti Virus application were installed, but the Kaspersky policies were used to deactivate the bits causing problems. The only components left enabled were the ‘File Anti-Virus’ and the ‘Anti-Spy’ features. All the others components were unchecked.

I decided to create a new server instance and install the updated version cleanly onto it rather than upgrade the in place install. This gave me the luxury of migrating computers across to the new version in a more relaxed manner, and also leaving behind any bugs/isssues with the existing version on the old server.

So the new versions now in play are Administration Kit 8 (8.0.2090) and Anti Virus 6 for Workstation MP4 (6.0.4.1424). I have no idea what the MP4 stands for (if anything).

This time, I decided to save time and resources, I would only install the anti virus package components we wished to use, namely file and spyware scanning. So I attempted to modify the package as shown below

av package components

However, it became apparent that when the application was pushed out to the client something was not quite right. No matter what I tried, the policy for the workstation was not being applied. I tried removing and re-installing the AV client, but it did not change anything. Many google searches later did not return anything definative or useful (hence my writing this blog post, maybe someone else also tried to save a bit of disk space and found that their policies no longer worked !?!?).

So I went back to defaults and put all the components back into the package and re-deployed to the workstation. This had the effect that the policy was now being detected and applied to the workstation ?!? So now I just go in and modify the policy to deatcivate the protection components I am not using as per the previous version.

av component configuration

Happy to report that the new MP4 version of the AV client works fine under Windows 7 for both x64 and x86 bit, as well as Vista. CPU and memory utilisation would appear to be greatly reduced (the avp.exe process on my workstation is using a little under 17MB).

I am a little miffed that I had to install all the package components onto the workstation in order for policies to work (especially as I then just use those policies to deactivate over 75% of the products features !).

In summary, if you are having trouble with Kaspersky policies not being applied to AV workstation clients, check to see if you removed any of the components from the deployment package, it may be a factor.

Tags: ,
Posted in anti virus, kaspersky | 1 Comment »

Powershell Log File Zipper…….

Wednesday, June 23rd, 2010

Another annoying repetitive task automated ! Ahhhhhhh :o)

The log files for our IIS servers build up over a couple of months and consume disk space to the point of becoming an issue. I had been manually logging on and creating a .zip file for each month and then dragging the individual files into the zip file.

Tedious and repetitive, just the sort of thing scripting was made for. Typicaly my scripts for Windows are in vbscript, but this time I decided it was time to look at powershell.

The logic was simple enough. First create a zip file for the previous month. The logfile names are in the format ‘u_ex.log’ where mm is the numerical month. I needed to get the current month, subtract one (compressing previous months logs) and then move any file with a mm figure that matched into the .zip file.

I found this article for creating the actual zip file itself. Then is was just a case of setting the paths and looping through each file in the directory (get-childitem makes this a breeze).

Debugging the script was a bit of a pain in the arse using the built in Windows tools, so I downloaded and installed PowerShell GUI from here. It’s still a work in progress in some respects, the built in intellisense isn’t 100% there just yet, but it does allow you to step through code and what the vaule of your variables and figure out what is happening.

Once I had the script working of the command line, it was just a case of scheduling the job to run on the 1st day of each month recurring. However, this proved to be almost as big a task as the script itself.

For some reason, running powershell.exe and passing the script to it as an argument, ever using the full -command “$ syntax failed to execute the script. In the end I had to create a batch/.cmd file and place the powershell command in there and schedule the batch file to run instead.

My only gripe is that the command to move the file into the zip file is asynchronus so I had to include a sleep/wait period to give the file time to be compressed before being moved into the .zip file. That being said, there will never be more the x31 files, and allowing x2 mins for each file to compress (extremely generous) means the script should never take more than x1 hour to complete, so as long as I run it during a quiet period it should not impact anything else.

I eagerly await the 1st of July to see if the scheduled job kicks in automatically on the live evironment……:o/


#declare functions here
function new-zipfile {
param ($zipfile)
if (! $zipfile.endswith(‘.zip’)) {$zipfile += ‘.zip’}
set-content $zipfile (“PK” + [char]5 + [char]6 + (“$([char]0)” * 18))
(dir $zipfile).IsReadOnly = $false
}

#define variables here
#some strings and numbers we will need
$thismonthint = get-date -f “MM”
$prevmonthint = (get-date).addmonths(-1).tostring(“MM”)

$thismonthstr = get-date -f “MMM”
$prevmonthstr = (get-date).addmonths(-1).tostring(“MMM”)

$thisyearlongint = get-date -f “yyyy”
$thisyearshortint = get-date -f “yy”

$thislogdir = ‘C:\weblogs\’
$thiszipfile = $thislogdir + $prevmonthstr + $thisyearlongint + ‘.zip’
$zipexists = test-path $thiszipfile

#start program here
#first pass, check for .zip files of previous months. if exists exit. if not exist, create empty .zip file
if (! $zipexists)
{
echo ‘zip file does not exist, creating zip file’
new-zipfile $thiszipfile
}
else
{
return
}

# move all log files where the month number matches the month number of the .zip file
# Jan = 01, Feb = 02, Mar =03 etc. etc.

foreach ($file in Get-ChildItem $thislogdir)
{
# exclude the .zip files already in the directory (just in case we get a random month match in their filename
if (! $file.name.endswith(“.zip”))
{
# if the
if ($file.Name.substring(6,2) -match $prevmonthint)
{
$zipfile = (New-Object -ComObject shell.application).NameSpace($thiszipfile)
$zipfile.MoveHere($file.fullname)
Start-Sleep -Seconds 120
}
}
}

squish !!

Tags: ,
Posted in IIS, powershell, windows | No Comments »

Happy Birthday Stuface Part II…….

Monday, June 14th, 2010

Well wasn’t that a knock about of fun. The pics tell the whole story, but to any members of staff of the unamed department store get into any trouble over this we are truely sorry, but leaving us a whole alphabet to play with was rather asking for it dontcha think ?

Nuff Said !

Cool Colours

Bunny

Mutilated Bunny

Tags: ,
Posted in birthdays, friends, meh ! | No Comments »

Happy Birthday Stuface !!!…….

Thursday, June 10th, 2010

Ahhhhh, another year older eh ! Yep, Stuface has managed to put another 12 months on his clock.

I won’t bother saying “I hope you have a nice day” as I know he is far too busy doing things arty to even notice the day going on, and yes I realise this is the same photo from last year, but I’ll get some new pics on Saturday and replace them then.

Stuface, Happy Birthday Dude !! :oD

stu's birthday (repeat !)

Tags: ,
Posted in birthdays, friends | No Comments »

.NET4 Framework Install Lacks MVC

Saturday, June 5th, 2010

I just upgraded all our Windows web servers to .NET4 to keep up with the Jones and take advantage of new features and capabilities that it pertains to offer. Soon after we discovered that the bare bones framework installation lacks some of the features that our developers make use of, in this case MVC.

Our developers and anyone who touches the web solution in any shape or form (including myself) all have the full blow installation of Visual Studio 2010 installed, which comes with everything and the kitchen sink (this was a seriously long list of components on the install list) so when they run against their local IIS instances all the VS bits are in place and it works.

However, the .NET4 framework install for Server 2008 does not include all the bells and whistles of Visual Studio 2010 and so we found some bits seemed to be *missing* when we deployed the solution, specifically MVC/MVC2 associated binaries.

More verbose details can be found here after one of our developers figured out how to make the missing bits copy to the web servers as part of the deployment.

Huge thanks to Colin :o)

Tags: ,
Posted in IIS, visual studio, windows | No Comments »