TCP/IP

Speaking in Ciphers and other Enigmatic tongues fresh content update!

First published on TechNet on Dec 08, 2015 Hi! Jim Tierney here again to talk to you about Cryptographic Algorithms, SCHANNEL and other bits of wonderment. My original post on the topic has gone through yet another rewrite to bring you up to date on recent changes in this crypto space. So, your company purchases […]

Speaking in Ciphers and other Enigmatic tongues fresh content update! Continue Reading

Lightbits for Azure VMware Solution

As users of Azure VMware Solution, we most likely will come across a time where we need to add storage and not necessarily need more compute from an additional host.  Lightbits is another option in the Azure Marketplace to add storage that will scale and run storage intensive apps. What is Lightbits? Lightbits is storage

Lightbits for Azure VMware Solution Continue Reading

Firewall considerations for gMSA on Azure Kubernetes Service

This week I spent some time helping a customer with a gMSA environment on which they were finding some issues in deploying their app. The issues started when they were trying to figure out why the Kerberos ticket was not being issues for the Window pod with gMSA configured in AKS. I decided to write

Firewall considerations for gMSA on Azure Kubernetes Service Continue Reading

SMB over QUIC client access control now supported in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25977 (Canary Channel) and Windows Server Preview Build 25997, SMB over QUIC now supports access control for clients. Today I’ll explain how this works, what the advantages are, and how to set it up. SMB over QUIC SMB over QUIC introduced an alternative to TCP and

SMB over QUIC client access control now supported in Windows Insider Continue Reading

Stop Worrying and Love the Outage, Vol I: Group Policy and Sharing Violations

Hello! Chris Cartwright here from the Directory Services support team.  Recently, we have seen an uptick in cases related to sharing violations when processing or editing group policies.  Most of these issues are caused by locks on policy-related files within the SysVol share, from either security products or environmental conditions.  Security product mitigations are already

Stop Worrying and Love the Outage, Vol I: Group Policy and Sharing Violations Continue Reading

Unwrapping the 2023 holiday season: A deep dive into Azure’s DDoS attack landscape

As the holiday season of 2023 unfolded, it brought not only cheer and celebration but also a surge in Distributed Denial-of-Service (DDoS) attacks. This year’s trends in DDoS attacks reveal a complex and evolving threat landscape. From misconfigured Docker API endpoints enabling botnet delivery to the emergence of NKAbuse malware exploiting blockchain technology for DDoS

Unwrapping the 2023 holiday season: A deep dive into Azure’s DDoS attack landscape Continue Reading

ConfigMgr CMG Least Privilege Setup Approach

Or as we say in the north of Germany: “Moin Moin!” I’m a Microsoft Cloud Solution Architect and this blog post is meant as a guide to setup a ConfigMgr Cloud Management Gateway (CMG) without the need for a Global Admin to use the ConfigMgr console.I will also briefly explain what a CMG is and

ConfigMgr CMG Least Privilege Setup Approach Continue Reading

Introduction to Network Trace Analysis 4: DNS (it’s always DNS)

Howdy everyone! I’m back to talk about one of my favorite causes of heartache, the domain name system (DNS). This will be our first foray into an application layer protocol. The concept of DNS is simple enough, but it can lead to some confusing situations if you don’t keep its function in mind. No time to

Introduction to Network Trace Analysis 4: DNS (it’s always DNS) Continue Reading

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server (“Perforce Server”), a source code management platform largely used in the videogame industry and by multiple organizations spanning government, military, technology, retail, and more. Perforce Server customers are strongly urged to update to

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server Continue Reading

SMB over QUIC now available in Windows Server Insider Datacenter and Standard editions

Heya folks, Ned here again. Starting with Windows Server Insider Preview Build 25997, the SMB over QUIC server feature is now available in Datacenter and Standard editions. This changes the previous behavior, where it was only available in Windows Server Azure Edition. SMB over QUIC SMB over QUIC introduced an alternative to TCP and RDMA, supplying secure connectivity to

SMB over QUIC now available in Windows Server Insider Datacenter and Standard editions Continue Reading