Tuesday, July 29, 2014

Everyday Powershell - Part 26 - Check Server last boot time

Here's a quickie that was useful this week.
$servers = Get-ADComputer -filter {OperatingSystem -like "*Server*"}
$report = @()
foreach ($server in $servers){
    $temp = "" | Select Name, Lastboot
    $temp.name = $server.dnshostname
    if(test-connection $temp.name -Count 1 -quiet){
        $temp.lastboot = [datetime]::ParseExact(((Get-wmiobject -ComputerName $temp.name Win32_operatingSystem).lastbootuptime).Substring(0,12), "yyyyMMddHHmm", $null)
    }
    else{
        $temp.lastboot = $null
    }
    $report += $temp
}
$report | sort name

Original inspiration was from here;

You see the great thing with powershell is once you know how to do something on one server you can do it on many servers relatively easily. To support some of our older fleet we had to change that query from CIM to WMI and meant some trickery with the Datetime but that’s all pretty simple stuff.

This could be combined with the server shutdown comments script from part 11 to get the reason for the last reboot too!

Monday, July 28, 2014

Run Need For Speed Rivals at 60FPS

So I watched the Need for Speed movie on the weekend... Despite being pretty bad it did impart a longing to drive exotic cars through scenic landscapes.

So I grabbed the latest game in the franchise; Need for Speed Rivals. It was a PS4 Launch title and runs on the Frostbite engine that powers battlefield games. So it should be a really good bunch of eye candy running nice and smooth on the new(ish) rig!

So after loading it up and sitting through an eternity of tutorial videos I got into the game... What's this? It's bloody capped at 30FPS!!!

This is an atrocity in the modern age of gaming! Capping performance of a PC title to run at a lower frame rate to, presumably, maintain compatibility with the console versions.

Luckily before returning the game I did a quick Google and found that the arbitrary limit on the frame rate could be be changed with two command line arguments...

-GameTime.MaxSimFps 60 -GameTime.ForceSimRate 60

MaxSimFps tells the game to run at 60 FPS but everything runs twice as fast if you don't set ForceSimRate to 60 as well.

Game runs exactly as I expected when run with those parameters and I'm now doing what I wanted, blasting past gorgeous scenery in insanely overpowered status symbols...

However it is of great concern that a big studio would release a AAA title on PC with the frame-rate limited like that. A key benefit of PC high end gaming is high resolutions with high frame rates.

When a big publisher decides that the PC market should be stuck on the same frame-rates as their console users, it should be ringing alarm bells for performance enthusiasts everywhere.

Friday, July 25, 2014

Everyday Powershell - Part 25 - Monitor for CryptoWall

So the bastards got us! Yup we got Cryptowalled!

We caught the infection before it did too much damage, isolated the PC, configured the firewall to block the IPs it was trying to get to and restored the pwnd files from backup. Business as usual really.

But what do we do to monitor for this in the future?

Whacked this together quickly;
$protectedpaths = "\\server1\someshare", "\\server2\someother"
$filename = "-Canary-.txt"
$foldername = "\-----AAA--TOP-----\"
$canarystring = "If this can be read everything is ok"
$logpath = "C:\scripts\cryptolockercanary.txt"
$recipients = "someadmin@mail.com"
$smtpserver = "somemailserver"

$report = @()

foreach ($path in $protectedpaths){
    $temp = "" | select Time, Path, EncryptedStatus
    $pathwithfolder =  $path + $foldername
    $canarypath =  $pathwithfolder + $filename
    $temp.time = get-date
    $temp.path = $pathwithfolder
    if (test-path $canarypath){
        $test = Get-content $canarypath
        if ($test -eq $canarystring){
            $temp.EncryptedStatus = $false
        }
        else{
            $temp.EncryptedStatus = $true
            Send-MailMessage -to $recipients -From 
some@email.com  -Subject ("CryptoLockerCanary Has been changed! " + $temp.time) -BodyAsHtml ($temp | convertto-html | Out-String-SmtpServer $smtpserver
        }
    }
    else{
        mkdir $pathwithfolder
        out-file $canarypath -InputObject $canarystring
        Set-ItemProperty -Path $canarypath -Name attributes -Value ((Get-ItemProperty $canarypath).attributes -BXOR ([io.fileattributes]::Hidden))
        if (test-path $canarypath){
            Send-MailMessage -to $recipients -From 
some@email.com  -Subject ("CryptoLockerCanary file is not present - creating new one " + $temp.time) -BodyAsHtml ($temp | convertto-html | Out-String-SmtpServer $smtpserver
        }
        else{
            Send-MailMessage -to $recipients -From some@email.com -Subject ("CryptoLockerCanary file is not present and COULD NOT CREATE new one - Recomend investigation " + $temp.time) -BodyAsHtml ($temp | convertto-html | Out-String-SmtpServer $smtpserver
        }
    }
    $report += $temp
}
$report | export-csv -Path $logpath -Append -NoTypeInformation
$report

It'll take any folders defined in $protectedpaths and stick a "canary" file in there. If it sees a change to the canary file it'll send out emails to $recipients.

This is scheduled to run every five minutes so this way we'll get alerted really quickly if it get's through again.

Tuesday, July 8, 2014

Game Design brings out my evil side

Mwuhahahahahahaha!
Believe it or not... This is a Racing Game.
Island-Test6 a smooshing together of unity, world machine and some custom car scripts has allowed me to indulge in much deviousness.

What is the fine line between fun challenge and pure frustration? Well I don't know, but I'm trying my damnedest to find out!