Network Archive - The Windows Pope

Log DNS queries

6. September 2020 Jorn Walter Network

Reading time 2 Minutes Record and evaluate DNS queries Sysmon (System Monitor) is a system service and driver at the same time, which always remains active after installation. Sysmon monitors all system activities and

Which login server is responsible

6. August 2020 Jorn Walter Windows Server 2019

Reading time <1 Minute How does a client in a domain find its logon server? Based on the article Allocation of Logon Server, I now add 2 diagrams. How does a

Logon server assignment

2. August 2020 Jorn Walter Windows Server 2019

Reading time <1 Minute Which logon server is responsible How does a client in a domain find its logon server? If a client has just become a member of a domain, it asks during

Certificate Authority RPC Error 1722

29 JULY 2020 Jorn Walter Certificates

Reading time <1 Minute WIN32: 1722 RPC_S_SERVER_UNAVAILABLE A classic in IT 😉 This error message is just annoying. There are a lot of ways to check the port

Analyze SysGauge PC components

6 JULY 2020 Jorn Walter General

Reading time <1 Minute Monitoring system and performance indicators The SysGauge tool is a real extension to the Task Manager. Why is my computer constantly at the limit? SysGauge provides information about the

Packet Monitor Tool pktmon

18. May 2020 Jorn Walter Network

Reading time <1 Minute PKTMON network sniffer With the Windows 10 on-board tool “pktmon.exe” to be found under C: \ Windows \ System32 one is able to record the network activities. The tool can

Netlogon Event ID 5807

14. January 2020 Jorn Walter General

Reading time <1 Minute LDAP requests MaxPoolThreads The problem that can arise from this can be explained as follows. If the DC receives a request for name resolution, it needs the

Which networks we were connected to

31. August 2019 Jorn Walter Network

Reading time <1 Minute Where do we check which networks we are connected to? To answer this question, you need to look at the registry. In this document I go

Sysinternals Sysmon now with DNS Query logging

12th of June 2019 Jorn Walter Network

Reading time <1 Minute Sysinternals - Sysmon with DNS logging The new event ID for DNS queries is 22. As soon as a process executes a DNS query, this is recorded as an event in the LOG

Important desktop shortcuts

7. May 2019 Jorn Walter Windows 10

Reading time <1 Minute Desktop shortcuts If you have just switched from Windows 7 to Windows 10 and are not familiar with the new system, you should have these shortcuts

Windows 10 network slow

5. May 2019 Jorn Walter Windows 10

Reading time <1 Minute Windows 10 TCP Autotuning If you use an older router or a firewall in your home network and suspect, or can even measure, that it is slow,

Include network drive with an encrypted password file

11. February 2019 Jorn Walter scripts

Reading time <1 Minute The goal is to map a drive without entering a password. The password is encrypted on the drive and integrated into the Powershell script.