In case you installed SQL evaluation edition and trying to upgrade it to a licensed copy you will probably face to service is not staring with:
error code 17051, Severity: 16, state: 1
SQL Server evaluation period has expired
(viewing Errorlog)
Here is relative article that will help you.
https://www.codykonior.com/2017/11/30/upgrading-an-expired-sql-server-2016-evaluation-edition/
Hacker - RDP Brute force attacks and detecting mode
Here it is an interesting Microsoft article that discuss about RDP Brute force attacks on systems that has RDP port published on internet. Focus is detecting this attack types.
https://www.microsoft.com/security/blog/2019/12/18/data-science-for-cybersecurity-a-probabilistic-time-series-model-for-detecting-rdp-inbound-brute-force-attacks/
Pay attention to these article sections information:
"...In the Windows operating system, whenever an attempted sign-in fails for a local machine, Event Tracing for Windows (ETW) registers Event ID 4625 with the associated username. Meanwhile, source IP addresses connected to RDP can be accessed; this information is very useful in assessing if a machine is under brute force attack. Using this information in combination with Event ID 4624 for non-server Windows machines can shed light on which sign-in sessions were successfully created and can further help in detecting if a local machine has been compromised...."
"....on. While Microsoft Defender ATP already has many anomaly detection capabilities integrated into its EDR capabilities, which enrich advanced threat protection across the broader Microsoft Threat Protection, ...."
https://www.microsoft.com/security/blog/2019/12/18/data-science-for-cybersecurity-a-probabilistic-time-series-model-for-detecting-rdp-inbound-brute-force-attacks/
Pay attention to these article sections information:
"...In the Windows operating system, whenever an attempted sign-in fails for a local machine, Event Tracing for Windows (ETW) registers Event ID 4625 with the associated username. Meanwhile, source IP addresses connected to RDP can be accessed; this information is very useful in assessing if a machine is under brute force attack. Using this information in combination with Event ID 4624 for non-server Windows machines can shed light on which sign-in sessions were successfully created and can further help in detecting if a local machine has been compromised...."
"....on. While Microsoft Defender ATP already has many anomaly detection capabilities integrated into its EDR capabilities, which enrich advanced threat protection across the broader Microsoft Threat Protection, ...."
Outlook - Restore the Unread Mail folder (Outlook 200x/201x/365)
Here it is Microsoft official article that instruct you on how to re-enable "unread email" folder in Outlook 200x/201x/365 in case it is no longer available.
https://support.office.com/en-us/article/restore-the-unread-mail-folder-a51a806f-9b83-4fe8-87d2-f1d7c1f55815
Tip: You can also open the New Search Folder dialog box by pressing CTRL+SHIFT+P.
Here they are some screenshot about resolution steps done on Office 365:
https://support.office.com/en-us/article/restore-the-unread-mail-folder-a51a806f-9b83-4fe8-87d2-f1d7c1f55815
Tip: You can also open the New Search Folder dialog box by pressing CTRL+SHIFT+P.
Here they are some screenshot about resolution steps done on Office 365:
Hacker - ShellShock & Heartbleed
Today I am taking note about an old Linux Vulnerability, ShellShock, that was discovered in September 2014 that easily gave ability to execute malicious commands with root admins on vulnerable systems.
More details are here indicated.
His severity was similar to Heartbleed (a security bug in the OpenSSL cryptography librar)
More details are here indicated.
His severity was similar to Heartbleed (a security bug in the OpenSSL cryptography librar)
Tool - qradmin condominium network and app
Today I am taking note on blog an interesting website and network that permit you to manage condominium in a revolutionary way.More details can be found here:
http://www.qradmin.it
have fun ;)
Windows 2019 - How to migrate Windows 2008 FSMO
Here it is a very quick note about how to migrate DC on Windows 2008 (FSMO) to new DC Server Windows 2019
Have fun,
https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-migrate-windows-server-2008-r2-fsmo-roles-to-windows/ba-p/538377
Have fun,
https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-migrate-windows-server-2008-r2-fsmo-roles-to-windows/ba-p/538377
Subscribe to:
Posts (Atom)