SMB 3.1.1 Pre-authentication integrity in Windows 10

Pre-authentication integrity is one of the new SMB 3.1.1 security improvements in Windows 10 and Windows Server 2016 TP2 (technical preview 2). It improves protection from a man-in-the-middle (MITM) attacker in tampering with SMB2’s connection establishment and authentication messages. This new feature supersedes “secure dialect negotiation” introduced in SMB 3.0, which only protected against MITM…


Password encryption in establishing a remote assistance session of type 1

This blog provides details on how the PassStub is used when establishing a remote assistance session of type 1. It presents the password encryption flow and illustrates with Windows APIs and sample data.   Remote assistance overview   Remote Assistance (RA) was introduced in Windows XP and enables one computer user to remotely help another…


Troubleshooting with the Microsoft Exchange RPC Extractor (or, the case of the mysterious Inbox sync)

  If you were not already familiar with decoding Exchange Server to Client communication, or have done so manually in the past, I present to you The Microsoft Exchange RPC Extractor (RPX). RPX is a command-line driven tool that parses network captures and decodes the RPC calls to a Microsoft Exchange Server. Perhaps the best…


Notes on sparse files and file sharing

Sparse files are generally referred to as files, often large, that contain only a small amount of nonzero data relative to their size. In this blog, I would like to chat about sparse files on Windows operating systems and the related SMB commands. From an inter-operability perspective, I intend to discuss: – implications of a…


Reflecting on another successful Interoperability Lab event

Engagement with partners is an integral part of achieving interoperability with Windows. In addition to helping users of the Microsoft Open Protocol Specifications, our team participates in a regular basis in interoperability labs dedicated to specific areas of focus of our partners. Sun Microsystems is one our team’s most active partners. Recently, I had the…


A successful story of an Interoperability Lab event

       As the protocol documentation support team, we have the responsibility of helping the users of our published Microsoft Open Protocol Documentation achieve successful interoperability with Windows.    There’s more to interoperability than just good technical documentation; engagement with partners is essential.     One of our team’s most active partners is the Samba team, whose…