TechNet UK

Useful tools, tips & resource for IT professionals including daily news, downloads, how-to info and practical advice from the Microsoft UK TechNet team, partners and MVP's

June, 2013

UK  TechNet Flash Newsletter
Featured
No blog posts have yet been created.
  • Viewing Vobfus infections from above

    Win32/Vobfus is a family of worms that spreads via removable drives and downloads other malware, and a family that is causing people a lot of pain lately. Vobfus was initially discovered in September 2009 and became prevalent with its use of the MS10-046 .LNK vulnerability. The .LNK vulnerability has also been used by Chymine, Sality, and Zbot, though it is no longer used by Vobfus.

    The name Vobfus comes from the characteristics that these worms are Visual Basic and obfuscated. Vobfus is a Visual Basic malware compiled either in p-code (pseudo code) or native code (see this KB for information about p- and native-codes). The obfuscation of the malicious payload of Vobfus started with simple string manipulation, and it has evolved to a more complex string decoding. The following are some examples of polymorphic strings building used by different variants of Vobfus:

    Vobfus code examples

    Figure 1 Vobfus code examples

    Vobfus is downloaded by other malware; currently it's being downloaded by Win32/Beebone downloaders. Based on our observations, Beebone variants then download other variants of Vobfus, creating an infection cycle that means where you see one of these families, you'll often see the other. But more about this later.

    Beebone is a family of Visual Basic compiled trojan downloaders that is known to download threats from the following families, listed in order of prevalence observed over the past month: 

    Vobfus spreads via removable drives and network mapped drives. It copies itself to these drives with a random name, or not-so-random file name such as:

    • passwords.exe
    • porn.exe
    • secret.exe
    • sexy.exe
    • subst.exe
    • video.exe

    The "autorun.inf" file accompanying the Vobfus worm file is detected as VirTool:INF/Vobfus.gen.  

    Vobfus copies itself to the %userprofile% folder with a random name, or a not-so-random name, as previously listed. It also creates a runkey to ensure it runs every time Windows starts. Finally, Vobfus contacts a C&C server to obtain encrypted instructions on where to download Beebone; Beebone subsequently downloads Vobfus, and a number of other threats.

    So, to recap, where Vobfus is detected, we often find Win32/Beebone too; thus exists the cyclical relationship between Vobfus and Beebone, the two threat families that are intrinsically related. This cyclical relationship between Beebone and Vobfus downloading each other is the reason why Vobfus may seem so resilient to antivirus products. Vobfus and Beebone can constantly update each other with new variants. Updated antivirus products may detect one variant present on the system; however, newer downloaded variants may not be detected immediately. A typical self-updating malware family that just updates itself can be remediated once it is detected, because once removed from the system it cannot download newer versions of itself. In the case with Vobfus, even if it is detected and remediated, it could have downloaded an undetected Beebone which can in turn download an undetected variant of Vobfus. The following diagrams illustrate this more clearly.

    Vobfus stage 1

    Vobfus stage 2

    Vobfus stage 3

    Vobfus stage 4

    In a network environment with lots of mapped network usage or data-sharing via removable drives, Vobfus can spread by copying itself and an autorun.inf file in the infected drive. In the wild, we have observed that Vobfus maintains a very successful removable-drive infection rate, thus supporting its spreading.

    Furthermore, because of all the companion malware families that are downloaded by Beebone, the cumulative side-effects of all the malware families are present in infected machines. We recommend you refer to the encyclopedia entries for each of these families for more information on the effects these malware have on your machine, and for specific remediation advice.

    You might consider the following guidelines to help prevent being infected with Vobfus and Beebone:

    • One infection vector is drive-by download, so use caution when clicking external links, and keep your browser and all other installed software up to date to help prevent software exploits
    • Vobfus is primarily downloaded by Beebone or spread via removable drives. A possible method of prevention is disabling autorun functionality; see this KB for more details on how to do this

    And of course, as always, using an up-to-date complete antivirus solution such as Microsoft Security Essentials will help prevent many malware infections.

    Hyun Choi
    MMPC

  • People-Centric IT with the System Center 2012 R2 and Windows Server 2012 R2 Preview

    Hello from the System Center team and all of you participating in TechEd Europe 2013.  We wanted to take this opportunity to provide more technical details on System Center 2012 R2, Intune and Windows Server 2012 R2 so you’ll see some new blog posts today and later this week.  Let’s start first with Windows Server 2012 R2.

    Windows Server is the foundation OS for many of our products and it is important to know what we are delivering with the next release. The file system and storage capabilities have been an important role for any server operating system, and that continues today with virtualization and cloud services.  See the Windows Server teams blog post, “Storage Transformation for Your Datacenter” for information on SMB Direct, SMB Multichannel and other storage improvements.

    Storage is an integral part of many applications or services and System Center obviously needs to store information about devices it manages in your environment.  This device landscape is vast and includes operating systems other than Windows. Jason Leznek wrote, “Preview New People-centric IT Products Now!” to expand on these capabilities. In that post you will get information on the device operating systems we support, what you can test today, and what is coming in the next release of Windows Intune (not yet available for testing).

    Content and Downloads

    If the information in the blog posts seems foreign and you want to learn more, be sure to check out all of the sessions in the TechEd Europe 2013 course catalog.  You can watch the sessions live or on-demand.  The sessions are organized by tracks and you can filter in a variety of ways to find a particular topic.

    Ready to try the previews for yourself?  Go get the Windows Server 2012 R2, System Center 2012 R2 or SQL Server 2014 R2 previews at the download center.  Enjoy!

     

     

  • Build, save and print your own custom book of TechNet Library articles

    imageEveryone knows there is a lot of great information in the TechNet Library, but what if there was a way to save and organize a custom set of articles with only the information you really want? Or maybe you do a lot of work offsite where you may not have direct access to TechNet and need to take those articles with you on your phone, tablet or laptop for reading offline? Well now you can do all of that. With the Print Multiple Topics beta for TechNet you can build your own custom book of TechNet Library articles, group them in a collection that persists across web sessions, and then print them or export them to a file for later viewing. You’ll need a current browser and a Microsoft ID so assuming you have those already here’s how to get started.

    To begin creating your own personal collection, go to http://technet.microsoft.com/en-us/library/export/help/. This is the starting page and includes an explanation of the process and a quick guide to show you how it all works. When you’re ready, click on the Start button at the bottom of that page. That will start a new browser window that looks something like this. Note the new toolbar at the top of the page:

    image

    From there simply browse TechNet like you normally would and find the article or topic you’re interested in. Then right-click on the article or topic and choose Add This Topic to add the article to your collection, or choose Add This Set of Topics to add all topics under the link in the table of contents in the navigation bar on the left.

    image

     

    Once you’re done adding all of your articles, you can view your collection by clicking the Collection link in the toolbar at the top of the page.

    image

    That will bring up the contents of your collection where you can review and rearrange your topics, then print them or save them to HTML or a PDF. Here’s the collection I created, and I’ve decided to save it as a PDF:

    image

    Once it was done processing the collection I was prompted to download the file which looks like this.

    image

    Now I can take those articles with me or go back and view this custom collection online any time I like. Go ahead and try it out – It’s a really handy feature that I think you’ll end up using quite a bit. I know I do.

    J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division

    Get the latest System Center news on Facebook and Twitter:

    clip_image001 clip_image002

    System Center All Up: http://blogs.technet.com/b/systemcenter/
    System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
    System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
    System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
    System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
    System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
    System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

    Windows Intune: http://blogs.technet.com/b/windowsintune/
    WSUS Support Team blog: http://blogs.technet.com/sus/
    The AD RMS blog: http://blogs.technet.com/b/rmssupp/

    App-V Team blog: http://blogs.technet.com/appv/
    MED-V Team blog: http://blogs.technet.com/medv/
    Server App-V Team blog: http://blogs.technet.com/b/serverappv

    The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
    The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
    The Forefront TMG blog: http://blogs.technet.com/b/isablog/
    The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

  • TechEd Europe: The Keynote Announcements

    TechEd Europe kicked off in style this morning with DJ Joey Snow getting everyone warmed up before Brad Anderson stepped on the stage to present the keynote with special guests Mark Russinovich, Brian, Kelly, Eron Kelly and Geoff Woolsey. With some great demo’s also on display.

    The main announements for the day were the product releases which are detailed below:

    For the full announcement pop over to Brad Anderson’s blog article on Big bets and big opportunities.

    And here are a few pictures from the keynote session (Click the image below to view).

    TechEd Europe Keynote
  • Microsoft System Center 2012 R2 Preview is Now Available for Download

    Today at TechEd Europe 2013 we announced availability of the System Center 2012 R2 and Windows Server 2012 R2 previews.  You can download these products right now from the evaluation center

    Windows Server 2012 R2 and System Center 2012 R2 provide a wealth of new advancements to help IT organizations build and deliver private and hybrid cloud infrastructure for their businesses.  Some of the highlights include:

    • Download System Center 2012 R2 PreviewEnabling hybrid cloud – Windows Server Hyper-V and System Center enable virtual machine portability across customer, service provider and Windows Azure clouds, while a new System Center Management Pack for Windows Azure enhances cross-cloud management of virtual machine and storage resources.  Windows Azure Backup and Hyper-V Recovery Manager provide offsite backup and disaster recovery options.
    • Windows Azure Pack provides Windows Azure technology that enterprises and services providers can run on their Windows Server infrastructure for multi-tenant web and virtual machine cloud services. 
    • Built-in software-defined networking – Site-to-Site VPN Gateway helps customers seamlessly bridge physical and virtual networks and extend them from their datacenter to service provider datacenters. 
    • High performance, cost effective storage Features such as Storage Spaces Tiering, VHDX resizing and de-duplication for virtual desktop infrastructure provide high performance for critical on-premises workloads (like SQL and Hyper-V) using lower-cost, industry-standard hardware.
    • Empowering employee productivity – Windows Server Work Folders, Web App Proxy, improvements to Active Directory Federation Services and other technologies will help companies give their employees consistent access to company resources on the device of their choice.

    This and a number of other announcements are highlighted on the Server and Cloud Blog post, "TechEd Europe Launches with CloudOS Product Previews, Partner Announcements and Customer Case Studies".  Be sure to take a look at it.  There is a wealth of information on the products, Brad Anderson’s keynote and blog post links, press release links and more!

    For those of you interested in the TechEd sessions for System Center, be sure and review the Modern Datacenter track in the catalog. Additional filtering can be applied with the tagging to get right at the System Center sessions you are looking for.

  • Modernizing Your Datacenter with Software-Defined Networking (SDN)

    Last week there was a flurry of information and activity around TechEd North America.  So many announcements and sessions, so little time. Several of the product groups posted information on what they have been working on, and we wanted to make sure and bring your attention to “Transforming your Datacenter with Software-Defined Networking (SDN)” on the Windows Server blog.

    Software-defined networking is about enabling software – rather than the hardware – to dynamically manage the network in a way that helps you better meet the requirements of your applications and workloads.  Microsoft’s approach to SDN is grounded in our experiences designing, building and operating global-scale datacenter networks for services like Windows Azure.

    For more information, see “Transforming your Datacenter with Software-Defined Networking (SDN)” by the Windows team.  It’s a short read and well worth your time.  Don’t forget to click the registration link at the end to sign up and be notified when the R2 product evaluation bits become available.

  • Going beyond windows 8- What does the future of operating systems look like?

     

      By Tom Carter - Senior Developer at Shaping Cloud

     

     

     

    With the release of Windows 8, Microsoft took a huge step into the Cloud unifying the user with their cloud profiles such as Twitter, Facebook and Linked-In and bringing a new level of integration into the apps themselves. Whilst this is a big and significant move it is only the first of many innovations around the Operating System and the cloud. This article aims to look at what the current Microsoft Cloud OS looks like as well as taking a look into the near future to see what may be around the corner.

    “Operating systems are like underwear — nobody really wants to look at them.” – Bill Joy.

    At the recent TechEd North America [http://northamerica.msteched.com/] there was a big drive towards Cloud OS and People-Centric IT – essentially, the idea of simplifying how users access their applications and data on many platforms and devices. If you haven’t already, you should really check out Andrew Conway’s talk [http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/FDN03#fbid=Z7TlpeBa6kB] from the conference which covers the current reality of all this – binding together products like Windows Server 2012 [http://www.microsoft.com/en-us/server-cloud/windows-server/] and Intune [http://www.microsoft.com/en-us/windows/windowsintune/pc-management.aspx]. The Brad Anderson keynote from the same conference is also a great overview on the direction of the MS ecosystem. The subject may seem IT-focused but it’s actually the opposite – it’s how users can safely work on information the way they want, whenever and wherever they want to.

    Let’s think about what an operating system does at a really high level – it provides an abstraction layer between hardware and applications we want to run, for ease of development and for safety. From a user’s perspective, the OS is a container that holds all of their programs and data – apart from a file manager, they hardly ever interact with the system and mainly focus on the programs that are installed. A ‘good’ OS gets out of the way and lets the user get straight to what they want. A limitation of systems that reside on a single machine is that when I head out of my home or office, I lose all my programs and data – there’s no way for me to use the services I’ve paid for unless I invest in more infrastructure – RDP and VPN tools, perhaps.

    The idea of a cloud OS takes what we’re used to with a traditional OS (running programs and interfacing with hardware) and abstracts it – instead of software running on individual machines, we have applications that run on many, transparent to the person running or consuming the service. From the perspective of the user, they’re no longer using a program on a machine but consuming a service that lives in an arbitrary place. Because the service runs on an API common to all machines, it becomes easier to scale and failover. This is concept the drives Platform as a Service (Azure’s tour de force) [http://blogs.technet.com/b/haroldwong/archive/2013/02/18/migration-and-deployment-windows-azure-as-a-paas.aspx]. There’s a great whitepaper describing some of the concepts behind the Microsoft cloud OS here [http://download.microsoft.com/download/1/0/7/107D3951-9732-421D-8B57-AC19530F24D1/Private%20Cloud%20Making%20It%20Real.pdf] which is made more interesting because it’s focused towards on-premise solutions.

    The recently announced Windows Azure Pack for Windows Server [http://www.microsoft.com/en-us/server-cloud/windows-azure-pack.aspx] is a major piece to this puzzle – allowing administrators to manage their on-premise data centre the same way they would on Azure – allowing you to form a ‘holy-trinity’ of clouds – private, Azure and 3rd party.

    These tools can make technology departments more effective at responding to business needs, perhaps even utilising external compute resources on Azure when there’s a need to scale quickly, and let them focus more on the needs of employees and customers. It allows the technology and the technical personnel to become more people-centric.

    When you look at new Server 2012 R2 (and earlier) features alongside Windows 8, Office (2013 and 365) and Windows Azure, a strategy and vision starts to emerge – where a user’s profile becomes the centre of everything. A great example of this is Windows Azure Active Directory [http://www.windowsazure.com/en-us/services/identity/] – the name is a bit misleading as it’s a different beast to Active Directory Domain Services (ADDS). It can manage a user’s identity and federate with other identity providers, providing single sign-on to any application –it’s already used for Azure, Office 365, Dynamics CRM and Intune. Now a user can have one username and password for a LOB application, Office 365 and a third party system, synchronised with ADDS for user management - becoming a great way to manage a user’s access rights. This leads to a really nice user experience – if you’re using Office 2013 combined with Office 365 no matter what machine you sit down at, as long as it’s got Office, you get all your recently used files, library links and social features – all you have to do is sign in.

    clip_image002

    Windows 8 itself allows sign in using LiveID – this is great for simplifying the way a user accesses the Windows Store and reducing the number of logins a user has to remember. This sign in experience might also offer a glimpse of the future – making it technically feasible to immediately install apps that are associated with a user’s identity and display them on the Start screen –mimicking the setup of your home or office PC on any machine. These apps can then access LOB apps or SharePoint Online to form KPIs or alerts in live tiles. With Windows 8, the development experience for Windows got closer to phone and tablet devices with WinRT [http://msdn.microsoft.com/en-us/library/windowsphone/develop/jj681690%28v=vs.105%29.aspx] a perfect future would mean that this software is totally portable between desktop and mobile devices. This could be great for ‘Bring Your Own Device’ scenarios where services can be consumed no matter what device is in use.

    The industry is quickly moving away from users that are tied to applications on their office or home machine and towards liberating them so they can work with the same powerful capabilities anywhere – they can finally stop worrying about the system underneath and get on with what interests them. In many ways, it’s a case of “Back to the Future” sharing many of the concepts behind the original mainframes, the key difference now is the availability and speed of the internet connections that are delivering this vision across a multitude of platforms and devices. There is a lot more still to come but it is clear that the direction has been set.

     

    BIO:

    Tom Carter - Senior Developer at Shaping Cloud

    Tom has led and developed many of the bespoke systems delivered by Shaping Cloud. He has an insatiable passion for new technology and will often be experimenting with new languages and frameworks during his free time that he then brings into our projects. He has organised and spoken at the UK Windows Azure User group and is part of Microsoft’s exclusive Windows Azure Insiders program that gives him exclusive access to the latest developments in the Cloud platform.

     

     

     

  • Windows 8, Windows Server 2012 and SQL Server 2012 support in previous System Center products

    QuestionWe get a lot of questions regarding support for Windows 8 and Windows Server 2012 in the previous versions of our System Center products, and while this information is published in the TechNet Library it’s fairly spread out and at times difficult to find. With that in mind, I’ve compiled a short description of the support for Windows 8, Windows Server 2012 and SQL Server 2012 with these older System Center products. Obviously there are a lot of details I did not include so you’ll want to check your specific scenario for details but the links here should help in that regard as well.

     

    Configuration Manager 2007 R2 and R3

    - Windows 8: Supported only for clients, Branch Distribution Points (BDPs) and the Configuration Manager console.

    - Windows Server 2012: Supported only for clients, Branch Distribution Points (BDPs) and the Configuration Manager console.

    - SQL Server 2012 is supported.

    NOTE: Some configurations require certain updates to be supported. Please see http://technet.microsoft.com/en-US/library/ee344146.aspx for more information.

    Operations Manager 2007 R2

    - Windows 8 is not supported.

    - Windows Server 2012 is not supported.

    - SQL Server 2012 is not support. SQL Server versions up to SQL Server 2008 R2 SP2 are required.

    * You can monitor Windows 8 and Windows Server 2012 clients using an OpsMgr 2007 R2 Management Group provided that you have the Windows 8/Windows Server 2012 OpsMgr 2012 agent installed on those clients. See http://blogs.technet.com/b/momteam/archive/2012/09/05/windows-server-2012-system-center-operations-manager-support.aspx for more details.

    NOTE: Some SQL Server configurations require certain updates to be supported. Please see http://technet.microsoft.com/en-us/library/bb309428.aspx for more information.

    Data Protection Manager 2010

    - Windows 8 is not supported.

    - Windows Server 2012 is not supported.

    - SQL Server 2012 is not support. SQL Server versions up to SQL Server 2008 R2 SP2 are required.

    NOTE: Some SQL Server configurations require certain updates to be supported. Please see http://technet.microsoft.com/en-us/library/ff399021.aspx for more information.

    Virtual Machine Manager 2008 R2

    - Windows 8 is not supported.

    - Windows Server 2012 is not supported.

    NOTE: For more information on supported operating systems for VMM 2008 components please see the following: http://technet.microsoft.com/en-us/library/cc764213.aspx

    Service Manager 2010

    - Windows 8 is not supported.

    - Windows Server 2012 is not supported.

    - SQL Server 2012 is not support. SQL Server versions up to SQL Server 2008 R2 SP2 are required.

    NOTE: Some SQL Server configurations require certain updates to be supported. Please see http://technet.microsoft.com/en-US/library/ff460997.aspx for more information.

    Forefront Endpoint Protection 2010

    - Windows 8 is supported as a client only (see KB2758685 - Update adds Windows 8 and Windows Server 2012 support to Forefront Endpoint Protection 2010 clients http://support.microsoft.com/kb/2758685).

    - Windows Server 2012 is supported as a client only (see KB2758685 - Update adds Windows 8 and Windows Server 2012 support to Forefront Endpoint Protection 2010 clients http://support.microsoft.com/kb/2758685).

    - SQL Server 2012 is not supported. SQL Server versions up to SQL Server 2008 R2 SP2 are required.

    NOTE: Some SQL Server configurations require certain updates to be supported. Please see http://technet.microsoft.com/en-us/library/ff823830.aspx for more information.

    J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division

    Get the latest System Center news on Facebook and Twitter:

    clip_image001 clip_image002

    System Center All Up: http://blogs.technet.com/b/systemcenter/
    System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
    System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
    System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
    System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
    System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
    System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

    Windows Intune: http://blogs.technet.com/b/windowsintune/
    WSUS Support Team blog: http://blogs.technet.com/sus/
    The AD RMS blog: http://blogs.technet.com/b/rmssupp/

    App-V Team blog: http://blogs.technet.com/appv/
    MED-V Team blog: http://blogs.technet.com/medv/
    Server App-V Team blog: http://blogs.technet.com/b/serverappv

    The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
    The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
    The Forefront TMG blog: http://blogs.technet.com/b/isablog/
    The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

  • Server 4024 part 2 - Management

    In the second post in this series I wanted to look at how changes to the way you manage things in Windows Server 2012 (WS 2012) affects your management of SQL Server 2012 (SQL 2012).

    Multi Server Management

    Traditionally to manage the OS we used to remote desktop onto every server we managed and applied changes directly to it, however that’s not really viable anymore; for one thing Virtualisation has led to a lot more servers for us to manage. Now there is server manager and as with SQL Server Management Studio (SSMS) we can now register multiple servers in one console and pretty well do everything we need to from there, including adding new features, check performance and monitor alerts, events as well as starting or stopping services..

    server manager

    hopefully your servers will look healthier than mine, but at least I can see where the problems are

    Notes:

    PowerShell 3.0

    Allows all of the above to be done from the command line, and now is the time to bite the bullet and learn PowerShell;

     

    • The new built in PowerShell ISE has a lot of guidance in it to help you get started like snippets, and help to set all the switches in commands you aren’t familiar with.
    • If you have SQL management tools installed then you’ll see you can select SQLPS as a module and get help on the specific SQL2012 cmdlets as well – note you don’t have to load modules anymore in PowerShell 3 it’ll do that for you..

    sql and powershell

    The commands section on the right gives me help on the SQL Server PowerShell cmdlets

    • PowerShell can be executed remotely on other machines as well as in sessions which can be run in parallel and can persist after a reboot if needed, for example;

    Invoke-Command -ComputerName London-SQL -ScriptBlock `
    {
      Backup-SqlDatabase -Database adventureworks -BackupAction Database -CompressionOption On -LogTruncationType TruncateOnlyBackup-SqlDatabase
      }

    ..runs the PowerShell inside the braces on my London-SQL virtual machine

     

    MinShell

    Given that you are managing servers remotely why put all the tools on each server? We get this with SQL Server and generally don’t install SSMS on every server. WS2012 now allows you to deselect installing all the associated mmc snap-ins for every role/feature and also allows you to remove some or all of the GUI as well. In fact the default install option for WS2012 is now Server Core, with nothing on it but PowerShell, Notepad, a command prompt, Registry Editor and Task Manager.

    SQL 2012 runs just fine on Server Core, and with SQL 2012 sp1 you can also run Analysis Services, Integration Services but not Reporting Services (for more info check here).  This reduces the attack surface of the OS and will cut you patching in half. 

    Note: I have already got posts on how to do this and also how to properly work with sysprep using the image prepare and complete options when installing SQL Server both form the installer and form the command line

     

    and finally..

    • Please  ensure your SQL Server is given a good home and try it on Windows Server 2012
    • I’ll be discussing this during my sessions at SQL Relay (in Glasgow, Leeds, Birmingham & Norwich)
  • VIDEO: Crypto Primer, Understanding Cryptography, Certificates, Public/Private Key and Digital Signatures

    I wrote a cryptography post quite some time ago which has proven quite popular. I thought I’d make a cartoon video of it so you could just sit back and enjoy it without having to take an active part in “reading” it…

    You can always just go through the previous post in your own time absorbing each of the little details if anything in the video attracts your attention.