Cumulative update version information for Lync client and Lync server

[Last updated on 27th February, 2014]   Hi there,   You can find a list of CU versions compiled from KB articles for cumulative update packages released for Lync client and Lync servers. Please note that the list only includes version information for Lync 2010 (desktop edition), Lync Server 2010, Lync 2013 (desktop edition) and Lync…


Syn attack protection on Windows Vista, Windows 2008, Windows 7, Windows 2008 R2, Windows 8/8.1, Windows 2012 and Windows 2012 R2

[Last updated: 13th January 2014]   Hi, In this blog entry, I wanted to talk about some changes made in Syn attack protection on Windows Vista onwards systems. Syn attack protection has been in place since Windows 2000 and is enabled by default since Windows 2003/SP1. In the earlier implementation (Windows 2000/Windows 2003), syn attack…


Things that you may want to know about TCP Keepalives

Hi, In this blog entry, I will be discussing TCP keepalive mechanism and will also provide some information about configuration options on Windows systems. a) Definition Let’s first understand the mechanism. A TCP keep-alive packet is simply an ACK with the sequence number set to one less than the current sequence number for the connection….


Decrypting SSL/TLS sessions with Wireshark – Reloaded

Hi there,   In a previous blog post of mine, I went through the steps of decrypting SSL/TLS traffic by using wireshark and openssl tools. In this blog post, I wanted to talk about the same procedure again because it got even easier to decrypt encrypted traffic with Wireshark since then.  Here are the steps…


How to decrypt an SSL or TLS session by using Wireshark

[Updated on 26th October 2013] The following blog post is the newer version of this blog post: Hi there,   In this blog post, I would like to talk about decrypting SSL/TLS sessions by using Wireshark provided that you have access to the server certificate’s private key. In some cases it may be quite useful…


Why doesn’t IPReassemblytimeout registry key take effect on Windows 2000 or later systems?

Hi, I had to deal with a number of support cases where IPReassemblytimeout reg key was set but didn’t take effect on Windows 2003 or a later system and I thought I should be sharing more information about this here. Here are some details: IP fragmentation is needed when an upper layer packet whose payload is…


Do you still set EnablePMTUDiscovery to 0?

Hi, In this blog post, I would like to talk about a misconfiguration which is still in place on many customer installations. I dealt with many network performance issues where the problem was stemming from using a small MTU size (576 bytes) when communicating with off the subnet hosts. PMTU discovery option helps communicating endpoints…


Running Lync 2013 WebApp plugin in locked down Terminal server environments

Hi there,   In this blog post, I would like to talk about running Lync 2013 Webapp in Windows Terminal server environments. Lync 2013 Webapp feature has a client side plug-in which provides audio/video/application sharing functionality and this plug is installed per user, in other words installation program installs files and creates registry settings in…


Bogus IP packets and Wireshark

Hi there,   In today’s blog post, I’m going to talk about an issue that I have come across several times while analyzing network traces with Wireshark. Let’s take the following example:   I apply the following filter on a network trace:   ip.addr== and ip.addr== and tcp.port==3268 and tcp.port==8081   And I get the…


How it works on the wire: IIS HTTP Client certificate authentication

I collaborated with a colleague recently where the IE client was failing to authenticate to IIS and I was requested to analyze a few network traces collected while reproducing the issue. The main issue was that the client (IE) wasn’t able to successfully authenticate to IIS server when certificate authentication was configured on IIS side and was getting the…