Where is my SMB3 in Network Monitor?

If you are playing around with SMB3 and is trying to find more details on network traffic using Microsoft Network Monitor you may find out that SMB3 is not on the protocol’s list as shown below: Before moving forward, it is important to emphasize that this behavior is expected. There are a couple of thing…


Side Effect of Wrong Network Configuration on Forefront TMG

Throughout the years working with ISA and TMG I notice that one of the most challenging configuration for many Admins is to correctly setup the network settings on ISA/TMG. Although we have some great content out there about the subject, such as the An Inside Look into TMG Firewall Networks by Deb Shinder and the…


Identifying Suspicious Activity on your Edge Device – Part 2

Introduction In the first part of this post I explained the scenario and the initial approach for data gathering, in this second part I’m going to discuss the approach to collect data while the incident is happening. Understanding Data Gathering Process To better understand the information gathering flow that we are about to configure, review…