Fix for RDP tests
list Rob Steuer
Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389 send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x0 0" expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34" I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely. I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon. Thanks! Rob
list Kenneth S. Petersen
Hi Rob, It works perfect here. Using Xymon 4.3.21 with both 2008 / 2008 R2 / 2012 / 2012 R2 with no issues at all. Thanks for the update, I'll deleted the RDPNLA witch was the approach I did to get it to work. I'll too backup on the protocols.cfg updates in the next release. Regards Kenneth S. Petersen
▸
Fra: Xymon [mailto:xymon-bounces at xymon.com] På vegne af Rob Steuer Sendt: 19. oktober 2015 01:20 Til: xymon at xymon.com Emne: [Xymon] Fix for RDP tests Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389
send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00"
▸
expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34"
I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely.
I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon.
Thanks!
Rob
list Japheth Cleaver
▸
On Sun, October 18, 2015 10:22 pm, Kenneth S. Petersen wrote:
Hi Rob, It works perfect here. Using Xymon 4.3.21 with both 2008 / 2008 R2 / 2012 / 2012 R2 with no issues at all. Thanks for the update, I'll deleted the RDPNLA witch was the approach I did to get it to work. I'll too backup on the protocols.cfg updates in the next release.
Fra: Xymon [mailto:xymon-bounces at xymon.com] På vegne af Rob Steuer Sendt: 19. oktober 2015 01:20 Til: xymon at xymon.com Emne: [Xymon] Fix for RDP tests Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389 send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00" expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34" I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely. I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon. Thanks! Rob
Hi Rob, I can confirm it's working for me as well. Thanks for the submission! It's been committed at https://sourceforge.net/p/xymon/code/7700/ Regards, -jc
list Ryan Novosielski
Is it possible that this makes the test not work for older RDP servers? ____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |---------------------*O*--------------------- ||_// Biomedical | Ryan Novosielski - Senior Technologist || \\ and Health | user-46c89e614701@xymon.invalid<mailto:user-46c89e614701@xymon.invalid>- 973/972.0922 (2x0922) || \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark
▸
`' On Oct 19, 2015, at 06:12, J.C. Cleaver <user-87556346d4af@xymon.invalid<mailto:user-87556346d4af@xymon.invalid>> wrote: On Sun, October 18, 2015 10:22 pm, Kenneth S. Petersen wrote: Hi Rob, It works perfect here. Using Xymon 4.3.21 with both 2008 / 2008 R2 / 2012 / 2012 R2 with no issues at all. Thanks for the update, I'll deleted the RDPNLA witch was the approach I did to get it to work. I'll too backup on the protocols.cfg updates in the next release. Fra: Xymon [mailto:xymon-bounces at xymon.com] På vegne af Rob Steuer Sendt: 19. oktober 2015 01:20 Til: xymon at xymon.com<mailto:xymon at xymon.com> Emne: [Xymon] Fix for RDP tests Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389 send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00" expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34" I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely. I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon. Thanks! Rob Hi Rob, I can confirm it's working for me as well. Thanks for the submission! It's been committed at https://sourceforge.net/p/xymon/code/7700/ Regards, -jc
list Rob Steuer
Hi Ryan – I tested with Windows 2003 server successfully. Anything older really shouldn’t be in operation anymore anyway.
▸
From: Novosielski, Ryan [mailto:user-6e4f7a3bb37f@xymon.invalid]
Sent: Monday, October 19, 2015 1:34 PM
To: J.C. Cleaver
Cc: Rob Steuer; xymon at xymon.com; Kenneth S. Petersen
Subject: Re: [Xymon] Fix for RDP tests
Is it possible that this makes the test not work for older RDP servers?
____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences*
|| \\UTGERS <file:///\\UTGERS> |---------------------*O*---------------------
||_// Biomedical | Ryan Novosielski - Senior Technologist
|| \\ and Health | user-46c89e614701@xymon.invalid- 973/972.0922 (2x0922)
▸
|| \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark `' On Oct 19, 2015, at 06:12, J.C. Cleaver <user-87556346d4af@xymon.invalid> wrote: On Sun, October 18, 2015 10:22 pm, Kenneth S. Petersen wrote: Hi Rob, It works perfect here. Using Xymon 4.3.21 with both 2008 / 2008 R2 / 2012 / 2012 R2 with no issues at all. Thanks for the update, I'll deleted the RDPNLA witch was the approach I did to get it to work. I'll too backup on the protocols.cfg updates in the next release. Fra: Xymon [mailto:xymon-bounces at xymon.com] På vegne af Rob Steuer Sendt: 19. oktober 2015 01:20 Til: xymon at xymon.com Emne: [Xymon] Fix for RDP tests Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389 send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00" expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34" I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely. I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon. Thanks! Rob Hi Rob, I can confirm it's working for me as well. Thanks for the submission! It's been committed at https://sourceforge.net/p/xymon/code/7700/ Regards, -jc
list Ryan Novosielski
I am very much in agreement! Thank you.
▸
____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences*
|| \\UTGERS |---------------------*O*---------------------
||_// Biomedical | Ryan Novosielski - Senior Technologist
|| \\ and Health | user-46c89e614701@xymon.invalid<mailto:user-46c89e614701@xymon.invalid>- 973/972.0922 (2x0922)
|| \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark
`'
▸
On Oct 19, 2015, at 13:59, Rob Steuer <user-dc5347ce617b@xymon.invalid<mailto:user-dc5347ce617b@xymon.invalid>> wrote:
Hi Ryan –
I tested with Windows 2003 server successfully. Anything older really shouldn’t be in operation anymore anyway.
From: Novosielski, Ryan [mailto:user-6e4f7a3bb37f@xymon.invalid]
Sent: Monday, October 19, 2015 1:34 PM
To: J.C. Cleaver
Cc: Rob Steuer; xymon at xymon.com<mailto:xymon at xymon.com>; Kenneth S. Petersen
Subject: Re: [Xymon] Fix for RDP tests
Is it possible that this makes the test not work for older RDP servers?
____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences*
|| \\UTGERS<file:///\\UTGERS> |---------------------*O*---------------------
▸
||_// Biomedical | Ryan Novosielski - Senior Technologist
|| \\ and Health | user-46c89e614701@xymon.invalid<mailto:user-46c89e614701@xymon.invalid>- 973/972.0922 (2x0922)
|| \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark
`'
▸
On Oct 19, 2015, at 06:12, J.C. Cleaver <user-87556346d4af@xymon.invalid<mailto:user-87556346d4af@xymon.invalid>> wrote: On Sun, October 18, 2015 10:22 pm, Kenneth S. Petersen wrote: Hi Rob, It works perfect here. Using Xymon 4.3.21 with both 2008 / 2008 R2 / 2012 / 2012 R2 with no issues at all. Thanks for the update, I'll deleted the RDPNLA witch was the approach I did to get it to work. I'll too backup on the protocols.cfg updates in the next release. Fra: Xymon [mailto:xymon-bounces at xymon.com] På vegne af Rob Steuer Sendt: 19. oktober 2015 01:20 Til: xymon at xymon.com<mailto:xymon at xymon.com> Emne: [Xymon] Fix for RDP tests Hi, After trying to implement the RDP tests for monitored hosts I noticed that they were returning a yellow warning with the warning text "Unexpected service response". I tried this for older hosts running Windows 2003 and newer hosts running 2008/2012 with RDP using NLA. It gave the warning text for both. So I'm guessing the original rdp test was implemented many years ago (2010 per below) when things were handled differently. The specification currently in the protocols.cfg file for RDP as it stands today is as follows: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) [rdp] port 3389 send "\x03\x00\x00\x1e\x19\xe0\x00\x00\x00\x00\x00Cookie: mstshash=\r\n" expect "\x03\x00\x00\x0b\x06\xd0" I couldn't find anyone who provided a true fix in the archives other than suggesting doing a network trace. So that's what I did. After a bit of testing I found the following to work: # Microsoft Terminal Services / Remote Desktop Protocol # From Chris Wopat (http://www.xymon.com/archive/2010/01/msg00039.html) # Updated By Rob Steuer 10-17-2015 with send and expect strings that work for current versions of RDP [rdp] port 3389 send "\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00" expect "\x03\x00\x00\x13\x0e\xd0\x00\x00\x12\x34" I was tempted to rename the protocol test to [rdpnla] or something like that to keep the old one around, but really the old one just didn't work for anything, so IMHO I think it just needs to be replaced entirely. I'd like feedback from others to see if this works for them also and see the protocols.cfg updated in the next release of Xymon. Thanks! Rob Hi Rob, I can confirm it's working for me as well. Thanks for the submission! It's been committed at https://sourceforge.net/p/xymon/code/7700/ Regards, -jc