Extended DFS referral for SMB 3
This blog talks about site-aware DFS referral introduced in Windows Server 2012. Extended DFS referrals provide remote client computers with optimal DFS referrals when the computers connect to the...
View ArticleClik here to view.
MS-PST – Parsing a Heap-on-Node Property Context Block
Summary This Blog will use the sample Heap-on-Node (HN) from section 3.8 of MS-PST and walk through the process of how to read a property from it. The current version of the MS-PST open specification...
View ArticleSMB 3.1.1 Pre-authentication integrity in Windows 10
Pre-authentication integrity is one of the new SMB 3.1.1 security improvements in Windows 10 and Windows Server 2016 TP2 (technical preview 2). It improves protection from a man-in-the-middle (MITM)...
View ArticleSMB 3.1.1 Encryption in Windows 10
SMB 3 encryption offers data packet confidentiality and prevents an attacker from both tampering with and eavesdropping on any data packet. Encryption has been enhanced in SMB 3.1.1. The cipher can now...
View ArticleMS-OXCFXICS – How to parse the FastTransfer Stream
Note: This article was written using version 16.2 (10/30/2014) of the MS-OXCFXICS document as reference and all links contained in this article reference sections of that version of the document. The...
View ArticleClik here to view.
OpenXML Styles 101 – Creating Custom Styles and Understanding Style Inheritance
IntroductionThis will be the first in a series of articles on various OpenXML topics. This article provides an expanded description of how Style Inheritance works. We will be using an example created...
View ArticleClik here to view.
OpenXML Styles 101 – Understanding Table Style Conditional Formatting
IntroductionThis is the second in a series of articles covering various OpenXML topics. This article provides an example of creating some simple table styles that use conditional formatting, the...
View ArticleClik here to view.
Verifying STUN Message Integrity for Lync and Skype for Business ICE Traffic
Verifying STUN Message Integrity for Lync and Skype for Business ICE Traffic Recently there have been some inquiries about how to verify the integrity of messages in STUN protocol conversations when...
View ArticleHow Kerberos user-to-user authentication works?
The Kerberos user-to-user (U2U) authentication mechanism enables a client to authenticate to a service that is not in possession of the long-term secret key. U2U allows one principal to authenticate...
View ArticleSMB 2 and SMB 3 security in Windows 10: the anatomy of signing and...
Signing is an integral security feature in SMB2 since its inception. Encryption starts in SMB3 as an important security enhancement. This article reviews the security evolution of the authenticated...
View Article