Suraj Singh's information Security Blog

For people who work on information Security.

LogParser and Powershell- LOGPOWER

I was going through my last post, where I have shared log parser queries to analyze data using log...

Author: Suraj Singh MSFT Date: 02/20/2017

Logparser play of a forensicator

My guru, I won't name him, but he knows who he is, told me one day what we do is not exactly...

Author: Suraj Singh MSFT Date: 08/20/2016

Event based network trace collection-using powershell

This  post is like new version of my old post In this example I m using event id 1502 that gets...

Author: Suraj Singh MSFT Date: 06/08/2016

When malware spreads on the network, panic ,magic vs calmness ,sanity

I love to talk about things that amaze me, this one is also one of the interesting ones. However, I...

Author: Suraj Singh MSFT Date: 04/07/2016

Business need for Security Incident Management

Its been a while I m here at my blog. Believe me breaks work in amazing ways. This article is...

Author: Suraj Singh MSFT Date: 03/05/2016

Azure forensics-interesting post on MSDN

sharing an awesome post i read on MSDN...

Author: Suraj Singh MSFT Date: 08/19/2015

Hack and a thought

Recently I came across a cute hack to reset windows 7 password, someone shared that to me , saying...

Author: Suraj Singh MSFT Date: 08/14/2015

Pass the Hash attack -who's problem is it anyway?

Introduction This intro is purely for people who are not from information security and have not...

Author: Suraj Singh MSFT Date: 05/15/2015

Few words about DDOS(Distributed Denial of service) attack

Most of my friends from IT must be aware of what is a DOS(Denial of Service) attack and about...

Author: Suraj Singh MSFT Date: 03/22/2015

Crypto locker on your Machine

Probably one of the smartest malware, in my opinion, yes I’m starting with praise for this...

Author: Suraj Singh MSFT Date: 01/15/2015

Slow internet access downstream-upstream proxy scenario

I came across a downstream-upstream proxy scenario recently. It was an interesting issue, when user...

Author: Suraj Singh MSFT Date: 11/11/2014

Blog Name Modification

I have been working on other stuff these days apart from the EDGE technologies. Instead of starting...

Author: Suraj Singh MSFT Date: 11/03/2014

Another WPAD mystery

I wrote a blog post on WPAD some time back to be specific this one...

Author: Suraj Singh MSFT Date: 02/28/2014

UAG DA Teredo clients not able to connect to UAG DA during heavy load

Once again this one is from one of the cases that got escalated to me and it was a very interesting...

Author: Suraj Singh MSFT Date: 02/27/2014

FIM : Creating FIM Oracle MA(Management Agent), few important things.

I was working on a case, where Oracle MA was required to be created to sync Oracle DB's identity...

Author: Suraj Singh MSFT Date: 09/19/2013

ActiveSync on some Smartphones(in this scenario Iphones) with client certificate authentication does not work, ActiveSync here is published through TMG

It appeared strange issue, when I worked on a case where out of all the users for only few Iphone...

Author: Suraj Singh MSFT Date: 09/18/2013

UAG DA clients not able to connect using IPHTTPS intermittently.

Sometime back I worked on a case where UAG DA clients were not able to connect using IPHTTPS...

Author: Suraj Singh MSFT Date: 09/12/2013

server hardening :server 2012

https://technet.microsoft.com/en-us/security/jj720323.aspx sharing the link with all my friends. As...

Author: Suraj Singh MSFT Date: 09/06/2013

TMG performance issues-another one in that series-maxconcurrentapi

This post is an addition to the series of posts that I have written on TMG/ISA performance issues....

Author: Suraj Singh MSFT Date: 08/16/2013

Delay in loading page of a website published through UAG

When we publish a website(including exchange services and share point services), UAG does lot of...

Author: Suraj Singh MSFT Date: 08/09/2013

ISA/TMG memory Pool Depletion and performance issues.

I worked on a case recently where ISA server's service was stopping and hanging intermittently and...

Author: Suraj Singh MSFT Date: 08/08/2013

getting error " 502 proxy error. The requested resource is in use. (170)." on the upstream proxy TMG servers

This one is about a case, where Admin had configured Two TMG 2010 upstream proxy servers and he had...

Author: Suraj Singh MSFT Date: 06/26/2013

UAG Form Login SSO - Lessons from field

This is next part of my UAG authentication presentation blogpost, where I am going to discuss about...

Author: Suraj Singh MSFT Date: 05/06/2013

Generating netstat output and scenario based tracing using netsh when a specific event occurs in the eventlog-using Powershell

I was working on a case, where I needed to get netstat outpiut to understand certain connections...

Author: Suraj Singh MSFT Date: 05/03/2013

Getting error- 20152–500 Internal server Error (Data is invalid.) while accessing a web application published through TMG server.

In this scenario, TMG admin had published a web application through the TMG server, There was client...

Author: Suraj Singh MSFT Date: 04/22/2013

TMG Reporting- User activity and Monthly recurring reports are blank.

This one is about few reporting cases; I have worked on last few weeks. I had noticed few things and...

Author: Suraj Singh MSFT Date: 04/06/2013

UAG DA Manage-out another mystery-intranet firewall.

We know there are certain basic requirements or shall i say pre-requisites for the UAG DA manage out...

Author: Suraj Singh MSFT Date: 03/24/2013

Outbound Proxy and SecureNAT requests stop working intermittently on TMG 2010. Restarting the Firewall Service seems to resolve the issue temporarily.

I worked on this case few months back, since it was a very interesting issue and lot of work had...

Author: Suraj Singh MSFT Date: 01/25/2013

TMG performance counters template and counter Thresholds

Many times, my peers ask for and sometime I also need this template to use while troubleshooting TMG...

Author: Suraj Singh MSFT Date: 01/07/2013

UAG DA client cannot connect, Error : ERROR_IPSEC_IKE_AUTH_FAIL in the network captures.

Friends, for now i would say there are few prerequisites to understand following material i.e. you...

Author: Suraj Singh MSFT Date: 12/29/2012

Presentation on UAG authentication and authorization,with a scenario discussion.

Hi folks, Uploading a presentations for UAG admins and my peers. This is to provide more information...

Author: Suraj Singh MSFT Date: 12/24/2012

Data analysis with TMG data packager.

I have uploaded a presentation about Data analysis using with TMG data packager. Purpose is to help...

Author: Suraj Singh MSFT Date: 11/07/2012

UAG DA Clients do not connect to the Internal network and on UAG server we get a Getting "A client certificate was not provided" warning

This is one of the most interesting cases ,I worked on recently , So I thought of sharing that with...

Author: Suraj Singh MSFT Date: 08/10/2012

Threat Management Gateway (TMG) services do not start with event Id 21235 in the event viewer

Here’s some info on an interesting support issue I worked the other day. If you happen torun...

Author: Suraj Singh MSFT Date: 08/10/2012

Authentication issues on internal machines if external web server has NTLM authentication

I worked on a case recently where we had external web server on which we had NTLM authentication and...

Author: Suraj Singh MSFT Date: 05/25/2012

Cross site single sign on not working between two UAG servers

As usual I worked on a case regarding cross site single sign on and thought of sharing the...

Author: Suraj Singh MSFT Date: 05/07/2012

UAG Network Connector and configuration on Packaged TMG

Note: After working on this case, i got curious and did some lab work and found few interesting...

Author: Suraj Singh MSFT Date: 03/03/2012

I recently worked on a case where CRM was published through TMG server. Users on the internet after...

Author: Suraj Singh MSFT Date: 01/24/2012

Using Eventmon and Nmcap to take network monitor trace when a particular Event is generated.

There are times when you want to take netmon trace when a certain event is generated on the...

Author: Suraj Singh MSFT Date: 12/23/2011

Finding Duplicate SPN, for ISA/TMG KCD scenarios

While working on a case came across a link and thought of sharing with all...

Author: Suraj Singh MSFT Date: 12/21/2011

Failure to add a ISA server 2004/2006 replica Configuration Storage server with error code 0x80072108

Wrote following blog post on Technetwiki...

Author: Suraj Singh MSFT Date: 11/06/2011

Collecting Data Using Xperf for High CPU utilization of a process

We can investigate the high CPU utilization for a process using xperf tool. Please download it from...

Author: Suraj Singh MSFT Date: 09/14/2011

Access to UAG portal is denied with 403.6 forbidden error

You can read about it here on Technet Wki....

Author: Suraj Singh MSFT Date: 09/09/2011

Accessing Enterprise vault archived emails through UAG

Another one on technetwiki...

Author: Suraj Singh MSFT Date: 08/30/2011

Site to site IPSEC tunnel betweenTMG 2010 on VMware and Cisco

My new blog post on Technet wiki...

Author: Suraj Singh MSFT Date: 07/20/2011

Windows update fails with error 80072f8f on TMG server

Issue: Windows update fails with error 80072f8f on TMG server. Scenario : Admin was trying to do...

Author: Suraj Singh MSFT Date: 07/09/2011

WPAD is working or not

Some background about WPAD, before I start the core discussion.As per...

Author: Suraj Singh MSFT Date: 07/06/2011

ISA/TMG build numbers

For my reference and for all the users reference posting link that has the ISA/TMG server build...

Author: Suraj Singh MSFT Date: 06/30/2011

Configuring custom SSL ports on ISA/TMG server for forward proxy

By default SSL port is 443 , we can use script given on isatools.org...

Author: Suraj Singh MSFT Date: 06/21/2011

Next>