Hi All, Something I like to do is to ensure that my network cards are not using auto discovery and actually set them to be full duplex manually. I have found more often then not that if you don't do this the cards don't operate at full duplex. Then under the TCP/IP settings in the system registry for the interface [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Inter faces\] that is assigned to the nic card I also manually set the "MTU" value of the card to at least "1440". There are some other settings that can be set that ensures consist speed and packet transmission between various routers. The enclosed file UpdateMTU.vbs.txt will update the MUT values on all appropriate interfaces. Just rename the *.txt back to *.vbs This will give you noticeable increase in bandwidth that you can measure with perfmon. Thank you, Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Thursday, January 23, 2003 1:32 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: blocking connection by application http://www.ISAserver.org Hi Rami, To set effective bandwidth for a network card In the console tree of ISA Management, right-click Bandwidth Rules and click Properties. Where? Internet Security and Acceleration Server Servers and Arrays Name Bandwidth Rules On the General tab, click Enable bandwidth control. In Effective bandwidth, type the effective bandwidth for the network connection. HTH, Tom Thomas W Shinder www.isaserver.org/shinder http://tinyurl.com/1jq1 http://tinyurl.com/1llp -----Original Message----- From: Rami SIK [mailto:rami@xxxxxxxxxxxxxxx] Sent: Thursday, January 23, 2003 3:02 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: blocking connection by application http://www.ISAserver.org Do we have to click "Enable Bandwidth Control" check box in the properties tab of the Bandwidth Rules container in order for the bandwidth rules to take affect? -------------------------------------------------------------------- Rami SIK System & Network Administrator CCNA Kimyatas Istanbul / Turkey Tel:90-212-334 4963 -------------------------------------------------------------------- -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Thursday, January 23, 2003 4:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: blocking connection by application http://www.ISAserver.org Hi Thaps, If you want to have some fun, keep a list of Kaaza abusers and then create a bandwidth rule and assign that rule a bandwidth priority of 1 and 1. Then assign your Kaaza abusers to that bandwidth rule. When they complain, tell them that file sharing applications are hurting bandwidth. After they stop using the warez apps for a month, then you can take them out of the group assigned to the throttled bandwdith rule. HTH, Tom www.isaserver.org/shinder -----Original Message----- From: Thapeli Matsabo - CPX Mngd Services [mailto:ThapeliM@xxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, January 22, 2003 4:05 AM To: [ISAserver.org Discussion List] Subject: [isalist] blocking connection by application http://www.ISAserver.org Hi, I have a lot of users on my network that connect to P2P sites (i.e Kazaa)using firewall client. On my logs I see all kazaa connections going to different IP's. This makes blocking by IP too much a hassle. Is there a way I can block by application. Since ISA already picks up the application (kazaa.exe). Regards, Thaps ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rami@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
'****************************************************************" ' Module/Class: UpdateMTU.vbs ' ' Version: 1.00.0000" ' Description: Admin tools for automating updating MTU info ' ' ' Last update: 12/18/2002 Joseph Kravis(joseph.kravis@xxxxxxxxxx)" ' Last Time : ' ' Notes: from the command line run as: cscript.exe UpdateMTU.vbs ' ' ** REVISIONS**" ' ' Date By Description" ' -------- ---------- ------------------------------------------" ' See individual subs for revision information" '****************************************************************" const HKEY_LOCAL_MACHINE = &H80000002 strComputer = "." Set StdOut = WScript.StdOut '*** ' Set WMI to impersonate at the root defalut level for reading selected key '*** Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv") strKeyPath = "SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys '*** 'Retreive the sub keys for looking at DHCP and IP address fields '*** '*** ' For each interface sub key process values we are looking for (DHCP and IP) '*** For Each subkey In arrSubKeys StdOut.WriteLine " " StdOut.WriteLine "New Interface " & subkey '*** 'Retreive the sub keys for passed in subkey data '*** strKeyPathB = "SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" & "\" & subKey oReg.EnumValues HKEY_LOCAL_MACHINE, strKeyPathB, arrValueNames, arrValueTypes StdOut.WriteLine strKeyPathB For i=0 To UBound(arrValueNames) oReg.GetExpandedStringValue HKEY_LOCAL_MACHINE, strKeyPathB, arrValueNames(i) , strValue '*** ' If we have either a DHCP or IP address '*** IF arrValueNames(i) = "DhcpIPAddress" or arrValueNames(i) = "IPAddress" Then '*** ' If we have either a DHCP or IP values add the MTU keyword '*** IF strValue <> "" or strValue <> "0.0.0.0" THEN StdOut.WriteLine "Value Name: " & arrValueNames(i) & " = " & strValue strValueName = "MTU" dwValue = 1440 oReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPathB, strValueName, dwValue END IF END IF NEXT NEXT 'End arrSubKeys Collection