Select Page
SMB authentication rate limiter now on by default in Windows Insider

SMB authentication rate limiter now on by default in Windows Insider

Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading
BrandonWilson_1-1662757157500.png

Check This Out! (CTO!) Guide (August 2022)

  Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide.   These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we ... continue reading
Upgrading your container app from Windows Server 2019 to 2022 on Azure Kubernetes Service

Upgrading your container app from Windows Server 2019 to 2022 on Azure Kubernetes Service

Note: As of the writing of this blog, Windows Server 2022 is on Public Preview on Azure Kubernetes Service (AKS). If you’ve been playing with containers, the thought of upgrading to a new OS version might seem way too simple: ... continue reading
JoelVickery_0-1657509496356.png

The RC4 Removal Files Part 3 – The “Everything Else” Of It

I’m not a fan of folks that glaze over problems, not that I’m a pessimist mind you, I do my fair share of finding the bright side of bad situations. When this RC4 project started, I heard lots of optimistic ... continue reading
MichaelHildebrand_0-1653599159712.png

To AAD Join or Not … That is the Question

As we all know, the cloud paradigm shifts in IT continue. When I worked in corporate IT - heck, when I started blogging out here - on-prem was really all there was. Active Directory, GPOs and WINS were all the ... continue reading
This image displays an alert in Microsoft Defender for Identity. The title states "Suspicious Kerberos delegation attempt by a newly created computer" followed by the subtitle "Administrator on evilcomputer5 used a ticket to delegate access to ATTACKER." Below the titles displays an administrator icon on the left and an attacker icon on the right, with an arrow pointing from the admin to the attacker stating "delegated a ticket with access to". The evidence includes "resource based constrained delegation is configured on the resource with the Administrator as allowed to delegate", "evilcomputer5 was created on May 19 2022 at 8:45 PM", and "this alert is associated with the KrbRelayUp exploitation".

Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)

On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn ... continue reading
SMB Authentication Rate Limiter in Insider builds

SMB Authentication Rate Limiter in Insider builds

Heya folks, Ned here again. I've got a new SMB preview feature to share: the SMB authentication rate limiter. It's available in Windows Server Insider build 25075. In a few weeks it will also appear in Windows Server Azure Edition Insider & Windows ... continue reading
Deep dive: How Azure AD Kerberos works

Deep dive: How Azure AD Kerberos works

If you have ever explored the differences between Active Directory (AD DS) and Azure Active Directory (Azure AD), you would have found that Azure Active Directory doesn't support the Kerberos authentication protocol, but Active Directory does. Kerberos is used to ... continue reading
Untitled Project (Time 0_02_56;06).png

SMB over QUIC is GA and we have lots of news!

Heya folks, Ned here again. As you might have heard now in all the MS Ignite hullabaloo, Windows Server 2022 Datacenter: Azure Edition is now generally available and that means that SMB over QUIC is now generally available too! I ... continue reading
Individual TCP-DS 10TB query runtimes between Spark 2.4 and Spark 3.1. Chart shows that average runtimes across all queries are 30 lower, highlighting the benefits of using Spark 3.1 with CU13.

What’s new with SQL Server Big Data Clusters—CU13 Release

SQL Server Big Data Clusters (BDC) is a capability brought to market as part of the SQL Server 2019 release. Big Data Clusters extends SQL Server's analytical capabilities beyond in-database processing of transactional and analytical workloads by uniting the SQL ... continue reading