Entries categorized 'Work related'

Find and Replace/Move DOS files - A handy DOS script

I did a simple Google search to find a script which would allow me to rename a bunch of files within a folder, but did not find anything! So - I made my own. Please feel free to do whatever you want with the below - just hope it helps you in some way.

A simple script I have put together to find files within a folder, and then rename/move them to an .old file. Best to run it from the DOS prompt, and it is also a good idea to test it prior to running, such as against a bunch of test/dummy files as I would hate.

Below is the code - plus some documentation. At the end of this post is a RAR file you can download, just in case you can't copy/paste the below for some reason.

Known limits: It does not seem to like wildcards at the moment, but I am sure it will be a simple fix. If you are using a folder which contains a space, enclose it in double quotes (") so the CD command will work correctly.

@echo off
REM ** Script created by Alan Lee @ Elcom (www.elcom.com.au)
REM ** A simple way to scan a file, for XXX file - and move/rename it (well, you could adjust the below to do whatever you want really)
REM **
REM ** Please feel free to copy/adjust/do whatever you want with the below - all I can hope for is it will make your job a little easier!
REM **
REM ** Good luck! And as always, test in a non-production setup first to ensure it does what you want it to do! I take no responsibility etc for this script!

set drive=d:
set folder_to_scan=d:\xxxxx\xxxxxx\xxxxxxx
set file_to_find=xxxxxxxxx.doc
REM ** Three things you need to adjust …
REM ** drive = the actual drive which contains the files you wish to move/replace (the script, as below, does a drive: to get
REM ** to the drive in the event you run this script from a different drive to begin with (ie, you might have a scripts folder on C: for example)
REM **
REM ** folder_to_scan = the actual folder the script will chdir into, and search
REM **
REM ** file_to_find = the actual file we wish to find / replace. by default, as per the script below - it will rename/move this to %file_to_find%.old

%drive%
cd %folder_to_scan%
REM ** Go to the drive, CD into the folder

dir %file_to_find% /b /s > tmp.txt
REM ** Do a dir and store the results into a tmp file (called tmp.txt)

notepad tmp.txt
pause
REM ** Uncomment the above two lines, to add a little more info to what the script does (ie, see the files it has found).
REM You can then control+c / close the script window if it looks evil / found the wrong info!!

for /D %%I in ("%file_to_find%") do For /F "tokens=*" %%J in (tmp.txt) do move "%%J" "%%J.old" && echo %%J
REM ** Do the actual work, scan the tmp.txt file, pull out the information - and do the move/rename to .old

del tmp.txt
REM ** Delete the tmp file

You can download the files from the below link
http://www.alanjlee.com/downloads/FindAndReplaceFiles.rar
Oh, and a slightly changed version which actually copies a new file over the found file (ie, mass replace)
http://www.alanjlee.com/downloads/FineAndReplaceFilesWithNewFile.rar

Posted by Alan Lee on Thursday, June 26 2008

This weeks project: Windows 2008 w/ Windows Media Services

This will be fun! A dual CPU Xeon system, 4GB of ram - a few large 500GB hard drives and a clean install of Windows 2008 to be our dedicated Streaming Media Services Server. Brad Marsh, and myself will get this going. Should be a good project.

But first - getting RAID drivers for a “Marvell Technology Group Ltd. MV88SX6041 4-port SATA II PCI-X Controller” (PCI VEN = 11AB, PCI DEV = 6041) on a SuperMicro 1U server 

Posted by Alan Lee on Monday, June 23 2008

IP Accounting things and bits

 Well - I did it… I have created an IP Accounting package for work!  Argh!! The eye’s!!

Well - it was not that hard.  I ended up using a package called pmacct.  It is a pretty lightweight program - very easy to install and use.  I’ll give everyone a little bit of information on how I did it, but I don't want to release this version of this group of scripts yet as I want to make it tidy before I do it (i.e., the next release, which I will be working on slowly as time goes on).

This is my config file for pmacctd

syslog: daemon
! change eth1 to your ethernet card, which is in PROMISC mode
interface: eth1
daemonize: true
promisc: true
aggregate[outbound]: src_host
aggregate[inbound]: dst_host
aggregate[60soutbound]: src_host
aggregate[60sinbound]: dst_host

aggregate_filter[outbound]: src net public_address.0/24
aggregate_filter[inbound]: dst net public_address.0/24
aggregate_filter[60soutbound]: src net public_address.0/24
aggregate_filter[60sinbound]: dst net public_address.0/24

(change the above public_address to your external IP address range, ie 42.434.23.0)
plugins: memory[outbound], memory[inbound], memory[60soutbound], memory[60sinbound]
imt_path[inbound]: /tmp/in.pipe
imt_path[outbound]: /tmp/out.pipe
imt_path[60sinbound]: /tmp/60sin.pipe
imt_path[60soutbound]: /tmp/60sout.pipe

plugin_pipe_size:52400000
plugin_buffer_size:65536

imt_buckets: 65537
imt_mem_pools_size: 52400000

(the above numbers, 52400000, are the memory settings for this program.  My numbers are probably high, but my system is dedicated to IP Accounting so I don't really care TBH *smile*)

OK - you will notice I have two lots of in and out’s.  There is a reason to my madness, which is probably not right.  I have two lots of programs reading data from pmacct.  One does the data work on a day-to-day basis, chucked into an SQL database and then our accounts department (after we make a front-end for him) will be able to read the data, such as XX ip address did XX incoming and XX outgoing traffic today.  And the second - is a minute to minute check of the network, for which I use a perl script to look over the CSV files generated and then create pretty little graphs (I will show one a little later) of the last 20 minutes of network traffic/activity.

To run the above program using the above config - I used the following

pmacctd -f /etc/pmacct.config (of course, you can call the config file whatever you want…)

To extract data - I use something like the following

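#!/bin/bash
# Usage: ./run <ip_address>
# Query the inbound and outbound pmacct tables for the given IP address.
# grep -F matches the address as a fixed string, so its dots are not regex wildcards.
traffic_in=`pmacct -c dst_host -M "$1" -p /tmp/in.pipe | grep -F -- "$1"`
traffic_out=`pmacct -c src_host -M "$1" -p /tmp/out.pipe | grep -F -- "$1"`

# pmacct prints nothing for a host with no traffic, so write zeros instead.
if [[ $traffic_out = "" ]]
        then
                echo -n "out " >> results.tmp
                echo "$1" 0 0 >> results.tmp
        else
                echo -n "out " >> results.tmp
                echo $traffic_out >> results.tmp
fi

if [[ $traffic_in = "" ]]
        then
                echo -n "in " >> results.tmp
                echo "$1" 0 0 >> results.tmp
        else
                echo -n "in " >> results.tmp
                echo $traffic_in >> results.tmp
fi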

OK - so what does it do?  It is designed to be passed the IP address you wish to extract from the command line.  IE if you name the above script ‘run’, you would do something like ./run 22.5.2.3

It scans the in/out files, puts them into a results.tmp file.  I noticed that pmacct will give blank results if there was no traffic against XXX IP address.  The above script fixes that - if it finds a blank IP address, it will add 0’s to the CSV showing no data.  When it runs, it will create a file which should contain the following…

direction of the traffic (ie, in or out)
ip_address
packets
bytes

But the above is almost useless… So I have another script (which could be joined to the above when I get time) make them all pretty / join them up etc as below…

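# Date stamp for every row, e.g. 18-06-2008
thedate=`date +%d-%m-%Y`
# Start with an empty results.csv
echo -n > results.csv
# Each "out" line starts a CSV row; the "in" line that follows completes it with the inbound bytes
cat results.tmp | while read direction ip_address packets bytes
do
        if [ "$direction" = "out" ]; then
                echo -n $thedate, '"'$ip_address'"', $packets, $bytes," "  >> results.csv
        else
                echo $bytes >> results.csv
        fi
done
rm results.tmp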

It will scan the results.tmp file, and create a results.csv file… which will look something like… (add date etc)

18-06-2008, "xxxx.10", 3224, 261980, 263037
18-06-2008, "xxxx.11", 11, 1104, 11496
18-06-2008, "xxxx.12", 0, 0, 10580
18-06-2008, "xxxx.13", 0, 0, 9541
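
The two scripts above joined into one pass, as an added example that is not the author's code: it validates the address before it reaches pmacct or any pattern match, matches the IP field exactly (so 192.0.2.1 cannot pick up the row for 192.0.2.10), and zero-fills hosts with no traffic. The function names and the sample data are constructed for illustration; the row layout "ip packets bytes" is assumed from the field list in the post.

```shell
#!/bin/sh
# Added example: one pass from pmacct client output to a CSV row.
# Assumption: data rows are "<ip> <packets> <bytes>", as listed in the post.

# Constructed sample output (not captured from a real network).
SAMPLE_OUT='SRC_IP       PACKETS  BYTES
192.0.2.10   3224     261980
192.0.2.100  7        900'
SAMPLE_IN='DST_IP       PACKETS  BYTES
192.0.2.10   3100     263037'

# valid_ipv4 IP: succeed only for a dotted quad with octets 0-255, so the
# argument can never carry shell or regex metacharacters further down.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NR > 1 || NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) exit 1 }'
}

# counters IP: read pmacct output on stdin, print "packets bytes" for the row
# whose first field is exactly IP, or "0 0" when the host had no traffic.
counters() {
    awk -v ip="$1" '
        $1 == ip { print $2, $3; found = 1; exit }
        END { if (!found) print "0 0" }'
}

# csv_row DATE IP OUT_TEXT IN_TEXT
# Prints: date, "ip", outbound packets, outbound bytes, inbound bytes
csv_row() {
    valid_ipv4 "$2" || { echo "rejected address: $2" >&2; return 2; }
    tx=$(printf '%s\n' "$3" | counters "$2")
    rx=$(printf '%s\n' "$4" | counters "$2")
    printf '%s, "%s", %s, %s, %s\n' "$1" "$2" "${tx% *}" "${tx#* }" "${rx#* }"
}

# Live use (hypothetical wiring, pipes as configured above):
#   csv_row "$(date +%d-%m-%Y)" "$1" \
#       "$(pmacct -c src_host -M "$1" -p /tmp/out.pipe)" \
#       "$(pmacct -c dst_host -M "$1" -p /tmp/in.pipe)"
csv_row 18-06-2008 192.0.2.10 "$SAMPLE_OUT" "$SAMPLE_IN"
csv_row 18-06-2008 192.0.2.1  "$SAMPLE_OUT" "$SAMPLE_IN"   # no exact row: zeros
```
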

The only other thing you need to do is tell pmacct to reset its database on a regular basis (ie, daily) so that the values from the prior day are not put into the next days results.  I am sure there is a better way to do it, but I use the following

pmacct -c dst_host -M    xxxx.32    -p /tmp/in.pipe -r
pmacct -c dst_host -M    xxxx.33    -p /tmp/in.pipe -r
pmacct -c dst_host -M    xxxx.34    -p /tmp/in.pipe -r

Other things to think about:  pmacct, using my above memory settings - eats a lot of memory.  CPU time - very little.  I have had it installed for almost a week now, and 37 minutes of CPU time on an Intel P4 2.4Ghz CPU w/ 1gb of memory.

As always, feel free to use anything in this post.  I hope that the above helps in some way (maybe you will see an error in your own scripts, or feel I did something wrong or give you a brilliant idea on how to take over the world…!)

(Below - is an example of what the csv2png program can generate… with a few tweaks… I will post my scripts at a later date. This image is live, getting updated every ~1 minute with a real host on our network)

Posted by Alan Lee on Wednesday, June 18 2008

How to reduce spam using a few tools

Just like everyone else - we have had a spam problem in the office for some time.  It seemed 95% of all email we received on our Microsoft Exchange server was unsolicited spam.  I feel in today's world, you cannot get by with just a single tool to reduce the amount of spam received and having a mixture of technologies will help a lot in this ongoing battle.

So - what did we do?

First - we have had Trend Micro’s ScanMail installed for some time.  This does a pretty good job overall, while set at the highest levels.  Because it was set at the highest levels, the chance of a false-positive was pretty high and we would often see them so we have configured the software to deliver email into the Junk Folder of Outlook.

Second - as a covert mission, without telling anyone, I installed a Linux box (Slackware) and installed Qmail and set it up to query some RBL’s.  After about a week of testing, I enabled this system as a secondary MX for our current Microsoft Exchange server.  Qmail will receive the email, do its RBL things and then pass it onto our Exchange server. 

Install of Qmail is pretty easy, follow the Life with Qmail guide and then edit /etc/qmail/smtproute to show something like real.email.server.name:email.server.to.forward.message.to (in our case, mail.elcom.com.au:etms1.elcom.com.au). A good forum post can be found here.

Setting up RBL was also very easy - just follow the guide at the Life with Qmail page.

After a few days, I think Sunday night - I adjusted our MX records for our domain so that all email was coming via Qmail now.

Tuesday, I then adjusted our Trend Micro OfficeScan program to use a lower setting for scanning for Spam, and to automatically delete the message.  It has been like this since.

The results?  On the Qmail server, a cat * | grep rbl -c inside the /var/log/qmail/smtpd folder brings up 248,833 messages blocked (rbl is listed on the rejection reason to the sending email server).  Trend Micro’s ScanMail shows we have deleted 310,597 emails.  Which leaves a grand total of around 30,000 emails entering the Inboxes of staff members.  Since implementing the above, my inbox has received 3 or 4 spam messages in two weeks whereas before, I would have been getting around 100 a day.  The staff member, who used to receive a few spam messages every minute, is now getting 5 to 8 per day.  He is now happy.

In terms of False Positives - I have not had a single report yet.  The Qmail server will reject the message entirely, and the ScanMail system will delete the message but using the log tool we can pull them out to resend if required.

Overall, I am happy with how this has turned out to prevent spam coming into Elcom.  Just think of all the atoms we have saved by reducing incoming email! 

Next week - we will explore how to become carbon neutral by using recycled/used tea bags for packaging while shipping things around the world

Posted by Alan Lee on Wednesday, February 13 2008

More Windows 2008/SQL2008 VS Windows 2003/SQL2005 tomorrow

 Hey there!

Thursday and Friday I should have a bit of time to do more testing of Windows 2003/2008 and SQL 2005/2008.  I plan to do more in-depth testing, such as seeing if there are any performance changes using a mix of the above (ie, Windows 2003 with SQL 2008).  For my next I.T. related post - I will be putting in a lot of detail such as how I did my tests, and the actual results.  Expect to see a huge post, which should take up around 3 or 4 reams of paper, if you decide to print it (I’ll even chuck in pictures because I am a nice guy!)

Edit - 06/02/2008:  I have had a lot of time today to do some more testing, and will have even more on the 07/02/2008 and maybe even the 08/02/2008.  I have taken a ton of screenshots, recorded how I have tested and a bunch of other things.  I hope by Friday I will have a full report for everyone to have a look at.

Posted by Alan Lee on Wednesday, January 23 2008

Squid!

I love squid - the proxy system (not the fish product, as I don't eat much if any fish).  I am currently working on updating our proxy system for work, from a manual-lets-enable-it-in-internet-explorer to a transparent proxy server based on the workstations route table.  I have done it many times before, in prior jobs and for clients and it usually works well.  Gone will be the days of the users at work who have to adjust their proxy settings while in and out of the office!

I made a promise to a friend my next blog will not be about work - and will be about myself or something.  Let’s hope I remember for my next post.

Posted by Alan Lee on Monday, January 21 2008

The Winner: Windows 2008/SQL 2008

The results are in… Windows 2008/SQL 2008 is the winner!

Windows 2003/SQL 2005 took 3 minutes and 51 seconds to deal with 1000x concurrent web requests to our website.

Windows 2008/SQL 2008 took 46 seconds to deal with 1000x concurrent web requests to our website.

(All tests were done to a non-pre-cached version of our site, so no DLL’s cached etc)

From what I can see so far, the Windows 2008 system may be able to do it even quicker if we chuck the system onto a gbit network.  Under my tests, the network load on Windows 2003 was between 25% and 50% but under Windows 2008, it was almost maxed at 100% the entire time.  I might see if I can dig up a spare gbit switch and some nice network cards to see if there is even more of a difference (will do the same in the 2003 box).

So - the quick run down, I am very excited about Windows 2008.  I feel we will be able to do more, with even less.  My next test, probably sometime next week will be to split the servers up, have a dedicated Web server and a dedicated SQL server and then check the performance again (more of a real world example, with a firewall between the user, web server and sql server). 

Posted by Alan Lee on Friday, January 18 2008

Performance between Windows 2003/SQL 2005 and Windows 2008/SQL 2008

 Today I will be in scientist mode. I have one physical server, and two identical 160gb hard drives. On one drive, I will be installing a clean version of Windows 2003 with SQL 2005 and then loading Elcom’s website onto it. On the second drive, I will be installing a clean version of Windows 2008 with SQL 2008 and then doing the same - loading Elcom’s website onto it. Afterwards, I will do timed tests against both installs and work out which one is faster. I did a few basic tests the other day, but the systems were very different and the type of load on the systems were also very different. This should make the field even.

This is really to prove or disprove the post I made a few days back about Windows 2008 performing faster than Windows 2005 with our website.  I may, if I have time, chuck a few other large non-cm websites on it and see how they go.

The biggest difference between the sites - on Windows 2005, the site is compiled under .NET2 and under 2008, it will be compiled under .NET3.5. Everything else will be the same - the actual database and website files are within a few days of each other.

The system is: Intel Core Duo 2 @ 2.23Ghz, 4gb of ram, Intel system board and 160gb sata hard drive.

I don’t know how the service packs for Windows 2003 will make a difference to performance, so I will probably test it twice - once under no service packs and the other one with them all (Windows + SQL).

Excited? If you are a semi-nerd, then probably a little but if you are a normal person, you would have the biggest yawn of your life right now!

UPDATE: Wow… There are some major differences in performance to Windows/SQL 2008’s advantage. More to come soon!

Posted by Alan Lee on Friday, January 18 2008

SmarterTool’s SmarterStats WebStats Stats Software (wow lots of stats!)

SmarterStats from SmarterTools is a very nice package. We have recently installed it to replace another stats package we had used. The prior package, from a company I won't mention, was a pretty good program but it didn’t really handle large websites that well. We have some sites doing in excess of 15gb of traffic per day (300-400mb log files).

What let the older package down was its use of flat database files. Often, the working database of the stats package would be in excess of 15-20gb. SmarterStats on the other hand, still uses a flat database for its data, but seems to be a lot nicer in how it does its work and the end result, is a much quicker, cleaner and well put together package.

Straight away with our testing of SmarterStats, we noticed how much better the program is. As a blunt test, we took our biggest few websites, and loaded them up several times on this stats package and let it rip to process. Come back a few hours later, lots of pretty graphics and useful information presented. Again, really nice package. A+

Posted by Alan Lee on Thursday, January 17 2008

Windows 2008 is faster!

Hi Guys! and Girls!

Did some basic tests today, using the Elcom website under Windows 2005 / SQL 2005 / .NET2 and Windows 2008 / SQL 2008 and .NET3.5.  The Elcom website’s performance was around double under the 2008 packages.  I am no scientist, or master of stats or anything, but it is a lot quicker.

I used a script, to download our website 10x via Windows 2005, and 10x via Windows 2008.  The average time on Windows 2005 was about double that of Windows 2008. The script was used on the same client, accessing the servers directly with no proxy or firewalls between the system. 

Posted by Alan Lee on Wednesday, January 16 2008