DID YOU KNOW : Advanced Search in Microsoft Explorer

I was trying to search for some files on my laptop today and wanted to filter the search for filed modified in the last few weeks. Like, show me all files that contain the word “American” and modified in the last 2 weeks. Doing this on a Linux machine would have been a simple filter using find. But this is Microsoft :).

Thanks to some Googling, I ran across something called “Advanced Query Syntax” that is a core part of Microsoft’ ecosystem (OS, Office etc).

So the same search ended up being

American datemodified:this month

There are a lot of cool ways you can filter your queries using the other keywords in AQS.

HOW TO : count lines in windows command line

Say you are using netstat to checl all established network connections on a windows machine (confirmed to work on windows 7+ and windows server 2008+) and want to find out how many connections you have, you can use

netstat -an | find "ESTABLISHED" | find /v /c ""

breaking down the command string

netstat -an : Uses netstat command to display all connections and listening ports (-a) and displays them in numerical form instead of resolving DNS or using common names (-n)

| : piping (passing) output of one command to the next one

find “ESTABLISHED” : Uses find command to filter out to just lines that contain the string “ESTABLISHED”‘

find /c /v “” : exclude blank lines (/v “”) and count the number of remaining lines (/c)

If you wanted to something similar in linux, you can use

netstat -an | grep "ESTABLISHED" | wc -l

HOW TO : Parse IP Address in Windows Batch File

We had a recent challenge at work which required us to execute different actions based on which office a particular workstation was located in. Since we have unique network ranges per office, I thought this would be a good variable to use. Just for future reference, here is how we accomplished this in a batch file. The workstations were running Windows 7

[code]

@ECHO OFF

FOR /f "tokens=3" %%I IN (
‘netsh interface ip show address "Local Area Connection" ^| findstr "IP Address"’
) DO SET ipAddress=%%I

REM "Office 1"
IF NOT x%ipAddress:10.130=%==x%ipAddress% (
ECHO "Office 1" + %ipAddress%
ECHO "do_something_else" )

REM "Office 2"
IF NOT x%ipAddress:10.140=%==x%ipAddress% (
ECHO "Office 2" + %ipAddress%
ECHO "do_something_else" )

[/code]

Details of function used

  • netsh interface ip show address “Local Area Connection” : With this command we are extracting the IP information of just the LAN port
  • findstr “IP Address” : returns the line containing “IP Address”
  • IF NOTĀ x%ipAddress:10.130=%==x%ipAddress% : We are using the substitution function and returning false if the new string doesnt match the original
  • FOR /f “tokens=3” : Using the functions in the FOR loop to extract the third variable in the matching line

HOW TO : Combine landscape and portrait page layouts in Microsoft Word

Blogging this as a “memory” note for myself šŸ™‚

I was putting together a report for work and needed one of the pages in the word document to be in landscape mode, instead of the regularĀ portraitĀ mode. I thought it was a simple thing of adding a page break and applying the “landscape” layout in the page setup. But ended up either having all pages in landscape mode or inĀ portraitĀ mode. A bit of googling finally helped out :). Looks like the trick is to use section breaks instead of page breaks.

Here are the steps to do it in Microsoft Word 2010

  1. Add the content you want into word. In this example, I created two paragraphs, test landscape and test portraitĀ 
  2. At the place you want to split the page format, insert a section break, by going to Page Layout –> Breaks –> Section Breaks –> Next PageĀ 
  3. Now change the page orientation by going to Page Layout -> Orientation –> Landscape. This will only change the orientation for the current section.
  4. And voila you document now has two different page orientations šŸ™‚Ā 

 

 

Interesting (infrastructure) tidbits about Microsoft Azure

I attended a session organized by aditi regarding Microsoft Azure and Windows 8, called “Go Cloud 8” today. One of the speakers in the event was Deepak Rao, Microsoft’ Director of Cloud Computing. He shared some interesting numbers about the infrastructure running Microsoft Azure

  • 8 carrier grade data centers around the world. “Carrier” grade because of the sheer size of them.
  • The data center in Chicago houses more than 350,000 servers and is supported by only 30 FTEs (which makes me think about the number of contractors they have there šŸ™‚ )
  • 1 in 4 x86 servers produced were bought by Microsoft. Not sure if it was in 2011 or 2012!!

Deepak also gave an real world example of how one of their customers used Azure.

BPro Inc provides software to counties and states for helping report election results. They run their backend on the Azure platform. During normal periods, they run ~10 instances of compute nodes. But during the election day (11/6) this week, BPro spun up 8600 compute nodes in less than 15 minutes at 4:00 PM EST, to help support the load created by the demand for election results and than again shutdown all of them at around 1:00 AM EST when the demand decreased. Using the “list” pricing of $0.12/hr/compute node, that massive increase in capacity cost them ~$8K!!.

That is pretty impressive and I usually don’t use the work impressive in the sameĀ sentenceĀ as Microsoft šŸ™‚

For loop in Windows command shell

For my records, syntax for running a simple for loop in command prompt

[code]for %i in (SERVER1 SERVER2) do nslookup %i [/code]

note :

  • Looks like the variable can only be single characters. i.e you cannot name the variable %server
  • For using the same syntax in a batch file, you have to add another % to the variable. i.e. %i becomes %%i

DID YOU KNOW : Windows mobile and wildcard certs don't work together

Wildcard SSL certificates allow you to use one certificate for all sub domains (up to one level) of a host. Say I got a wildcard SSL certificate for *.kudithipudi.org, I would be able to use it to provide SSL on blah.kudithipudi.org, ssltest.kudithipudi.org, youcannotbeserious.kudithipudi.org and the clients won’t complaint about it.

For some reason though, Windows Mobile phones don’t like wildcard certs. So if you are ever scratching your head, why every other client works, but windows mobile devices don’t..stop scratching and get a regular SSL certificate for your website/application.

Apparently, this is the case with

  • Windows CE
  • Windows Mobile 5.0
  • Windows Mobile 6.0
  • Windows Mobile 7.0

Don’t you get the feeling that someone keeps using the same library and never bothered to check/fix it? And searching on MSDN or any other Microsoft resource won’t provide you this information. This is my own deduction after beating my head against the wall for more than 3 days :).

HOW TO : Use netcat (nc) on Windows 7

netcat is a swiss army tool for network/security professionals. You can use it to listen on certain ports or connect to certain ports. For example, say, you configured your firewall to allow TCP 80 traffic to your web server. But your web server is not built yet and you want to validate the rule. You can run netcat on your workstation to listen on port 80, assign the IP address of the web server to your workstation and test the rule.

If I am not mistaken, nc comes as a default tool in most of the Linux distros. You can download the windows port of the tool atĀ http://www.securityfocus.com/tools/139

The command to have netcat listen on a specific port is “nc -l PORT_NUMBER”. If you run this on a Windows 7 machine, you will get this dreaded message “local listen fuxored: INVAL”. The fix is to run it with a -L option. So the command would like this

[code]nc -L -p 80[/code]

The -L means “listen harder, re-listen on socket close” :).. Have to dig deeper and see what it really means though. I will leave that for another blog post.

And if you want to validate that netcat is indeed listening on that port, you can connect to that port from another workstation by using nmap.

HOW TO : Advanced search and replace in Notepad++

Jhanvi asked me to help with editing a text file recently. She had a file in the format


'512'
'345'
'876'

and needed to convert it into the format below


INSERT INTO BLAH VALUE ('512');
INSERT INTO BLAH VALUE ('345');
INSERT INTO BLAH VALUE ('876');

There are multiple ways, one can do this. Here is how I did this using Notepad++, an open source text editor. I used the regular expression capability of Notepad++ it’s search and replace function.

  • Press “Ctrl + h” to bring up the search and replace window.
  • Replace the single quote at the beginning of the line by using ” ^’ “
  • Replace the single quote at the end of the line by using ” ‘$ “

Screenshots from the operation

The data in it’s original format

Replacing the first quote mark

Data after the first search and replace operation

Replacing the second quote mark

Data in the final format

HOW TO : Install Wireshark on Windows 7

[UPDATE] Wireshark works without any issues as of version 1.2.3. This release includes WinPcap 4.1.1, which has support for Windows 7 and 2008. Looks like the issue was with the drivers not being signed digitally.

I recently upgraded my laptop to Windows 7 RC from the beta version I was testing earlier. As part of installing my standard set of tools, I tried to install Wireshark (open source network capture tool), and ran into an error due to the UAC security settings. Essentially, Windows was blocking the install of WinPcap (network capture driver). I solved it by enabling compatibility mode on the install executable. Here are the steps to install Wireshark on Windows 7.

  • Download the install file from http://www.wireshark.org/download.html
  • Right click on the install file (I happened to download the 64 bit install) and click on properties
  • In the properties window, click on the compatibility tab and change the option for “Run this program in compatibility mode for” to “Windows Vista (Service Pack 2)” and click on OK. Here’s a screenshot for reference

  • Right click on the install and click on “Run as Administrator”
  • Make sure you choose the option to install the NPF as a service during the install prompts. This will allow all users on the machine to use Wireshark without admin privileges.

P.S : WinPCap is apparently going to come out with a new version soon that is compatible with Windows 7.