Note: Surface Pro Volume-Up Reset

I once experienced a problem with my Surface Pro 3 where the keyboard (and screen rotation) stopped working while I was working in another State. I can never find the instructions I used to fix it, so I thought I’d post them here. Note: For Surface Pro devices only. Hold Power and Volume Up for…


The RDP Ghost is real.

Recently, when connecting to a reasonably-sleepy Windows system, I’ve seen the RDP Ghost. An 8 bit rendition of a scary, scary ghost. It scared me. If you’ve seen it, you’re not alone. It’s a thing. I hope – one day – to capture a screenshot of this apparition. The Rules appear to be that you…

1

Krebs’ Immutable Truths of Data Breaches

A rationale for more stringent risk assessment. Or indeed any risk assessment for internet connected assets, regardless of size or perceived value to others. Krebs’s Immutable Truths About Data Breaches “There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations…

0

Website Security Suggestion: Get rid of cruft! (script included)

Right: One of my pet hates is cruft on a production website. Cruft is stuff – files – which has accumulated because nobody’s paying attention. Cruft includes sampleware. Developer experiments. Readmes. Sample configs. Backups of files which never get cleaned up. Just general accumulated stuff. It’s website navel lint. Hypertext hairballs. Cruft. Has. No. Place….

0

Sunsetting TMG with some (free!) Best Practices

Long and boring post ahead. So KITTENS! There. Fluffy now. As one of the Premier Field Engineers performing ISA Health Checks and then TMG configuration reviews (by default, from my long association with Proxy 2.0 and then ISA!), I was reviewing a document I put together for a customer just before shredding it, and thought:…

2

Simple IIS Kerberos Q&A

Posting a hopefully-useful tidbit. Hi Tristan, Do you have by any chance a guide on how to set up IIS for kerberos auth? I’m helping my customer and I’m a beginner with IIS. It is a farm of 6 IIS servers, they will be using a service acct. DNS is configured to do the following…

0

Tip: Check that your Offline Root CA is actually Offline, mmkay?

I spend a fair whack of time chatting PKI and certificates with customers, and tyre-kicking their environments as part of the Active Directory Certificate Services Assessment (or ADCSA – available via Premier Support). Many customers have a fairly standard design, often deployed by a partner (it’s the “off the shelf plus customize” option), which includes…

2

Huh.

You find lots of draft posts when your user interface changes… Hi! I’ve been waiting for my blog to migrate for what seems like forever. Now it’s back, and Open Live Writer’s a thing, and so I guess I might be back too. Sweet. Somewhere to jot things and rant a bit. FAQ: Yep, still…

0

Hyper-V Synthetic Networking Is Much Faster

I decided it was time to look at upgrading my home broadband, mostly to get better-than-128KB upload speeds. After the ISP-side change had eventually wound its way through, I was interested to see that while my upload speeds had improved, my download speeds still seemed capped at about 25Mbits/s (rule of thumb: divide by 8 to get megabytes per…

0

MSDEToText for TMG sometimes produces negative IP addresses

… which can be annoying when you're trying to work out where your traffic's headed, with something like LogParser. I fixed my MSDEToTSV (note, I renamed it so that it reminded me what format it produces – I only need to use it once in a blue moon), and I'm posting the fixed version here…

0