Network Audit and Documentation, CENTREL Solutions Blog

Automate your Network Audit and Documentation We have been testing Windows Server 2012 for a few weeks now and the latest version of the Microsoft Operating system has become a bit of a talking point especially around the new Metro interface. Let me be clear, this is my own personal opinion however it seems to be reflected in the forums such as here in the thread  New Start menu is slowing me down in Server 8 There are some nice features included too. I thought I'd list my feelings so far on the latest UI It looks like Windows 3.11 on high contrast You can now copy the full path of a file from the Ribbon Microsoft are sending mixed messages by on one hand stating that we should be using Server core and no user interface but then sending a conflicting message of asking us to use a mobile device user interface to manage servers. Microsoft seem to have doubled back and started saying we should be using Remote Tools rather than RDP as the primary met

With the new XIA Configuration Server 4.2 it is now possible to document SQL server 2012 instances and databases. The same level of detail continues as with previous version of XIA Configuration and SQL database instances. General Server Information Name Product Product Level (e.g. SP3) Edition Host Operating System Platform Version Version Name Language Processors Root Directory Server Collation Is Clustered Use AWE to Allocate Memory Minimum Server Memory Maximum Server Memory Index Creation Memory Minimum Memory Per Query Maximum Worker Threads Default Index Fill Factor Default Backup Media Retention Default Data Location Default Log Location Boost SQL Server Priority Allow Triggers to Fire Others Cursor Threshold Default Full-Text Language Default Language Max Text Replication Size Scan for Startup Procs Two Digit Year Cutoff Network Packet Size Remote Login Timeout Cost Threshold for Parallelism Locks Max Degree of Parallelism Security

XIA Configuration has been tested against the release client of Windows Server 2012 XIA Configuration is able to automatically document, audit and inventory your physical and virtualised Microsoft Windows based servers and workstations. Detect changes to a server's networking or services, expose incorrectly configured servers or security vulnerabilities easily with XIA Configuration. All of XIA Configuration's features are supported when documenting Windows, including version control, production of PDF reports, change tracking and XML output. http://www.centrel-solutions.com/XIAConfiguration/capabilities.aspx?capability=WindowsMachine

Windows Server Security Audit Software Update The new version of XIA Configuration Server version 4.2 it is now possible to obtain a more detailed security audit of your Windows servers and workstations. The new version includes Improved documentation of local user accounts Local account lockout policies Local password policies Local Security Options Continued support for user rights assignment Full list of Windows Local Security Options Documented Accounts: Limit local account use of blank passwords to console logon only Accounts: Rename administrator account Accounts: Rename guest account Audit: Audit the access of global system objects Audit: Audit the use of Backup and Restore privilege Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Audit: Shut down system immediately if unable to log security audits DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syn

XIA Links is our application launcher product used to simplify desktop shortcut management on networks. We've found the product very popular in both the education and private sector especially when replacing Novell Application Launcher. XIA Links resolves some of the traditional issues with desktop icons and the start menu in Windows in a networked environment Target applications based on user, group or computer Support for multiple installation locations (for example whereby Microsoft Office maybe installed on the C: or D: drive) Hide shortcuts applications that are not installed on the local machine For more information please see the following site XIA Links Application Launcher

XIA Configuration can now document the local account policies similar to what you would see in the Local Security Policy MMC. This includes both the effective password policy and account lockout policy for a given machine. These settings can be configured locally or through a domain based group policy object (GPO). This can be useful in tracking security vulnerabilities on network servers. Information includes Enforce password history Maximum password age Minimum password age Minimum password length Account lockout duration Account lockout threshold Account lockout reset duration For more information see the Windows machine agent capability on the XIA Configuration web site http://www.centrel-solutions.com/XIAConfiguration/capabilities.aspx?capability=WindowsMachine

Automate your network audit and documentation When trying to use the Request.Browser.IsMobileDevice property in ASP.NET you may be disappointed to see it return false even when using a mobile device such as an iPhone. This is because ASP.NET relies on browser definition files (with an extension of .Browser) such as iPhone.browser to detect the capabilities of a remote browser. Though there are a number of more advanced solutions than Browser definition files they are still useful in simple situations. Codeplex has an update of the browser definition files that came with ASP.NET 4 however these do not include a browser definition file for Android devices. http://aspnet.codeplex.com/releases/view/41420 The following should provide some help - just save to the App_Browsers directory as Android.browser. The following is the output from some ASP.NET sample code Is Mobile Device: True Browser: Android Browser: ID android Browser: Version 4.0.4 < browsers >  

Local groups on remote Windows Servers pose a particular problem for centralising the administration and security on Windows networks. XIA Configuration allows you to remotely audit the local user and groups of remote machines allowing you a simple user interface to view Which user accounts are local administrators of servers and workstations Group Membership Renamed Administrator accounts Renamed Administrator groups Guest account status Showing details of local group membership Showing details of local users

When using .NET 3.5 or earlier you find that you can detect a mobile browser using the following property. However when using new devices such as iPhones the value always returns false. HttpContext .Current.Request.Browser.IsMobileDevice This is because this version of the .NET framework is not aware of new devices such as iPhones For this property to be correctly detected you need to download the browser definition files from CodePlex and place them in the app_browsers directory http://aspnet.codeplex.com/releases/view/41420 The IsMobileDevice should now return the correct value.

Network Audit and Documentation     Sometimes we forget about some of Microsoft's very annoying "helpful" additions. This is one I just got stuck on when trying to access a UNC share you are constantly prompted for a username and password. When you try to map a network drive you receive the following error System error 86 has occurred. The specified network password is not correct. After a while of trying to remember what this meant, I realise this is the following option in Folder Options. Use simple file sharing (Recommended) I'll add this to the ever so painful "Desktop Cleanup Wizard" and the forthcoming Metro user interface.

Several of our customers have been asking for the ability to document and audit their DHCP server configuration including Server Configuration Scopes Reservations Exclusions Server Options Dynamic DNS Settings We're pleased to say that this capability is now built into XIA Configuration version 4.2. One important aspect of this DHCP server agent is to be able to track changes made to the DHCP server configuration. In the screenshot below a DHCP server has been reconfigured at the server option level  The 003 Router  option has been added  The 006 DNS Servers option has been changed with a new DNS server IP address For more information on the new DHCP server agent please see the following site http://www.centrel-solutions.com/XIAConfiguration/capabilities.aspx?capability=DHCPServer