Server - SMB Protocols some useful information



Consider that on each Win O.S. there are two services (one is necessary to connect to remote shares, other one is necessary to publish shares):
  1. Client (LanmanWorkstation)
    Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation
  2. Server side (LanmanServer
    Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer

Here they are some useful commands:

Get-Service Lanman*
Get-SmbShare
Get-Service LanmanServer -DependentServices

To log any if SMB 1.0 protocol is enabled on file server you must use below powershell command 

Set-SmbServerConfiguration -AuditSmb1Access $True -Force

On eventviewer logs are here located:

Applications and Services Logs > Microsoft > Windows > SMBServer > Audit

EventID 3000 

to view events using powershell you must use:

Get-WinEvent -LogName Microsoft-Windows-SMBServer/Audit | Out-GridView

to view if SMB 1.0 is enabled 

Get-SmbServerConfiguration | select EnableSMB1Protocol

If you want to see which SMB versions are using your clients

Get-SmbSession | select ClientComputerName, ClientUserName, NumOpens, Dialect

Dialect is correct column indicating SMB version

There are possibilities to encrypt End-to-End encryption, for single share:

Set-SmbShare -Name Projects$ -EncryptData $True -Force

and for entirely file server

Set-SmbServerConfiguration –EncryptData $True -Force

Meanwhile Microsoft is going to not support, SMB 1 on Windows 11 due to well known security problems. (driver and DLL would not be included)


[original article]


IIS - How to enable IIS errors logging

On IIS errors troubleshooting is easier if errors reasons are verbosely indicated in their logs.

This article quickly explain on how to proceed in verbose errors logging procedure

https://4sysops.com/archives/enable-detailed-iis-errors/

Windows 11 - System Requirements

 Microsoft releases below link where system requirements are verbosely indicated:

https://www.microsoft.com/en-us/windows/windows-11-specifications?r=1

Email - Antispam websites #how to verify your email/smtp server or domain is blacklisted

If you have necessity to check if your email/SMTP Server, or domain, is blocked by some antispam here they are some websites that might be useful for this check purposes.

Website Blacklist Checker

https://sitechecker.pro/blacklist-checker/

 

Blacklist Check

https://mxtoolbox.com/blacklists.aspx

 

Email Health

https://mxtoolbox.com/emailhealth

 

SpamHaus

https://check.spamhaus.org/not_listed/?searchterm=ruffino.it

 

IP Blacklist & Email Blacklist Check

https://dnschecker.org/ip-blacklist-checker.php

 

Antiabuse project 

http://www.anti-abuse.org/multi-rbl-check/ 


[update 2022.05.09]

You can send, your email, to a specific address to understand it it has some spam related problems

http://www.isnotspam.com/

https://www.emailchecky.com/en/