How do I reset Windows Update components?

Sometimes you just can’t seem to get a workstation of server to register in correctly with Windows Server Update Services (WSUS). It may just keep reporting that it has not reported yet.

Resetting the Client systems Windows Update components can resolve this issue, to do this follow the steps outlined in this MS KB article:

Cipherdyne Script Update

The Cipherdyne website has updated the IPTables Script to include loopback logging and IPV6 awareness and issues. Specific details are blogged at:

The excellent book of Linux Firewalls is a must read and talks about this script, get the book if you don’t have it yet. See for more.

Outlook 2007 and Windows 7 – update fixes performance isssues

The June 30th, 2009 Outlook update (KB 970944) includes many updates that are of interest.
Most of all though it fixed an issue I had once loading Windows RTM with Outlook 2007, it was running slower and not responding to commands for about a second or two.

Definitely installing this update resolved the issue, so make sure you install it if you have the same issue.

Link to KB 970944:

Remember to update or renew Exchange 2007 TLS Certificates

Loading Outlook and getting a Certificate error could mean you have an expired Exchange 2007 certificate.

If you have this in your event log, you certainly do:
Event ID: 12016 – There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of EXsrv01.domain.local. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of EXsrv01.domain.local. should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task.

Great post at:

Basically you need to:
Which will generate a new certificate.

Thumbprint Services Subject
———- ——– ——-

Enable-ExchangeCertificate -thumbprint “6FS543HSGGI764FGSLOIYTV5666C8F4DF7A07756″ -services IIS

Remove-ExchangeCertificate -thumbprint “Remove-ExchangeCertificate -thumbprint “98HGBDIBBF87656548969DBC2587325366KGHVHG

You are now right to go for another 12 months.

Juniper set flow tcp-syn-check

Some time ago I had a Juniper SSG 140 issue where by certain connections could not be made from other networks within the WAN, in particular RDP connections, however HTTP and ping would work fine.

It turned out that for some reason there was no syn packet reaching the SSG firewall so it was doing the right thing and dropping the packet. I discovered this from the diag console and also a quick Google search resulted in some other people having the same issue.
See here:

Running “unset flow tcp-syn-check” fixed the problem and once we had changed all the default routing to have the data centre router handle routing the way it should, we turned tcp-syn-check back on with “set flow tcp-syn-check”.

Juniper Knowledge Base ID: KB4444 explains the details and commands.
The ScreenOS Cookbook talks about it in Chapter 9 page 306.

In short it’s a bad idea to unset this and you should only use it as a last resort or to get something resolved and then research the main problem and fix it correctly.

Here are some quotes from Google searches to back this up:
This is another reason why turning off syn checking to try to fix poor applications is a BAD idea because it’s a nasty slope to try to get things to work.

I think you need to really look at why the session is timing out. Why is the application going idle for so long? Can you enable keep alives on that application?

“unset flow tcp-syn-check” should only be used as last resort, it turns off … well, SYN-checking

You should resolve your routing issues, not turn off security features of your firewall.

Spell checker from the Command Line only with Unix/Linux

The Unix and/or Linux command line is without doubt the most powerful tool and here is another example of why that is.

Check the spelling of a word with the look command!
Example: look sensation will give you the spelling of it and the other words similar.

You can also optionally install from your distributions repo mean and dict for the meaning and the dictionary terms of words.



Save more disk space in Windows – Hibernation

Disable and re-enable hibernation on a computer that is running Windows Vista or Server 2008.

The Hiberfil.sys hidden system file is located in the root folder of the drive where the operating system is installed. The Windows Kernel Power Manager reserves this file when you install Microsoft Windows. The size of this file is approximately equal to the amount of random access memory (RAM) that is installed on the computer.

The computer uses the Hiberfil.sys file to store a copy of the system memory on the hard disk when the hybrid sleep setting is turned on. If this file is not present, the computer cannot hibernate.

If the computer is a server you probably don’t want it to sleep anyway and so you can gain back some disk space by deleting this file.

To make hibernation unavailable and gain back some disk space:

1. Click Start, and then type cmd in the Start Search box.
2. In the search results list, right-click Command Prompt, and then click Run as Administrator.
3. When you are prompted by User Account Control, click Continue.
4. At the command prompt, type powercfg.exe /hibernate off, and then press ENTER.
5. Type exit, and then press ENTER.

See MS KB article for more details: KB920730

Vista WS2008 SP2 Cleanup Tool

After the installation of SP2 on either Vista or Windows Server 2008, you may notice the hard disk’s space has been substantially reduced. This is due to the RTM and SP1 backup files not being deleted after the installation of SP2.

Maybe this is not an issue if you have huge amounts of disk space available, however if you don’t you can use this nifty tool that was included with the SP2 package.

CompClean – compcln.exe found in WindowsSystem32 directory.

Simply run the utility from the command prompt and you will gain back that valuable disk space!