Newsletter of April 2008 Monthly Newsletter of April 2009 Sponsored by: GFI

Welcome to the newsletter by Thomas W Shinder MD, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to:


That's right, the new GFI LANguard is now available in FREEWARE version! Use GFI LANguard's enterprise level vulnerability scanning, patch management and network auditing features for free!      

Download the FREEWARE version today

1. Microsoft in the Cloud

Are you on board yet with cloud computing? Have you heard of clouding computing? Are you thinking about how cloud computing is going to affect your company, your IT infrastructure, and maybe your own job? Did you know that cloud computing is the Next Big Thing and that you need to get in front of it before it comes at you from behind?

There are a lot of definitions of cloud computing and whenever you get two or more cloud computing experts into a room, you are going to get at least two different definitions. One thing that all cloud specialists can agree on is that cloud computing is about moving workloads that are traditionally done at the in-house datacenter onto the Internet. The argument is that it is much more cost effective to move some IT operations onto the Internet where cloud hosters can leverage the benefits of scale, and companies can shift their IT budgets from capital expenditures to operating expenditures.

The big players in the cloud computing market today are Amazon, Google, IBM and Microsoft. Amazon has a number of cloud services, such as EC2, S3 and Simple DB. Google is well known for its cloud applications, which are included with Google Apps. Google also has a cloud application platform based on the Python programming language that goes by the name of Google App Engine. IBM has a new cloud application offering, LotusLive, that gives you access to Lotus Suite applications on the Internet. IBM also has a number of cloud infrastructure and platform services, but they hide the details of those behind the "Great Wall of IBM Global Services".

Microsoft also has a number of cloud services. You might be aware of Microsoft's Windows Live Services - a collection of over a dozen internet-based free (or almost free) services that are run from the Internet. Windows Live Mail (Hotmail) is the best known of these, but there are several very cool ones, such as Windows Live SkyDrive, Windows Live Spaces and Windows Live Mesh.

While the consumer side Microsoft cloud products are very interesting and are in widespread use, Microsoft's main focus is on commercial products. Here Microsoft has two offerings - one that fits into the "Software as a Service (SaaS)" area and the other in the "Platform as a Service" area. The SaaS options go under the umbrella of "Microsoft Online Services" and those include a number of SaaS applications, including Exchange Online, SharePoint Online, and Office Communications Online. You can find more about them on the Microsoft website.

On the PaaS side of the house, Microsoft is getting ready a new and arguably innovative cloud platform service called Microsoft Azure. Firstly, I have to point out the irony of the name of a cloud service named "Azure". If you look up the definition of Azure, you will find many references to a cloudless sky!!

Microsoft Azure is an application development environment that takes the infrastructure heavy lifting out of the hands of the developer (and the IT group). Developers create cloud enabled applications using the Azure development tools, test their "cloud worthiness" in a simulated cloud environment on their development workstations, and then press a button to deploy their applications to the Azure cloud. Redundancy, load balancing, backup, load balancing and all the rest of the associated infrastructure services typically used to support Internet based applications, are all configured automatically in the background. And after the configuration, they are maintained in the background - companies do not need the help of their local IT groups to make sure things stay up and running. You can find out more about Azure here.

We will be talking a lot about cloud computing in the coming months because whether we like it or not, it is the future of IT. Microsoft and the other major companies in the computing industry are spending billions of dollars building out their cloud computing infrastructures and you can bet that they are going to do everything they can to make sure you are on board. And even if you or your IT group is skeptical of cloud computing, it might not be you or your group who will be making the decision to move into the cloud. Cloud computing economics are targeting the CFO and other fiscal decision makers, so the directive to migrate to cloud computing solutions will be coming from the top down, and IT will need to know how to deal with them.

What is your take? Is cloud computing the best thing since sliced bread? Are you excited about cloud computing? Do you think cloud computing is a major step forward, or a desultory step backward to centralized control? Let me know! Send me a note at and I will get your opinions up in the next newsletter. Thanks!

See you next month!


Want to learn about network security from the experts? Want to get the inside information about Windows Network Security and the inner workings of the TMG firewall? Then join us at Black Hat Las Vegas for Microsoft Ninjitsu: Black Belt Edition Tim, Jim and I provide helpful and cogent insights into squeezing the highest level of security from your Microsoft infrastructure and let you into the secret tweaks that we use to get an edge over the bad guys.

For ISA or TMG firewall, as well as other Forefront Consulting Services and Microsoft virtualization technology consulting in the USA, call me at 206-443-1117 or visit Prowess Consulting web site.

Got a networking question that you can't find the answer to? Send a note to Dr. Tom at and he'll answer your question in next month's newsletter.

Quote of the Month - "For the things we have to learn before we can do them, we learn by doing them." - Aristotle (384 BC - 322 BC)

2. ISA Server 2006 Migration Guide - Order Today!

Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..

Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.

   Click here to Order
   your copy today


That's right, the new GFI LANguard is now available in FREEWARE version! Use GFI LANguard's enterprise level vulnerability scanning, patch management and network auditing features for free!      

Download the FREEWARE version today

3. Articles of Interest

4. KB Article of the Month

How to configure a Secure Socket Tunneling Protocol (SSTP)-based VPN server behind a NAT device in Windows Server 2008

This is a nice article on how to publish an SSTP VPN server behind a NAT device. The most interesting procedure included here is information on how to configure the SSTP server to listen on an alternate port. Here's the procedure:

If you want to configure the SSTP-based VPN server to listen on a port other than TCP port 443, follow these steps:

  1. Start Registry Editor, and then locate the following registry subkey:
  2. In the details pane, right-click ListenerPort, and then click Modify.
  3. Click Decimal, type an alternative port number such as 5000, and then click OK.
  4. Exit Registry Editor, and then restart the Routing and Remote Access service.

If you change the ListenerPort value, you must configure the NAT device to forward TCP port 443 traffic to the new port number that you configured. For example, you must configure the NAT device to forward incoming traffic on TCP port 443 to TCP port 5000 on the SSTP-based VPN server.

I have to point out that this appears to enable port redirection, rather than accessing the SSTP server from an alternate port from a client.

This article is available here

How to install the free Windows Live OneCare Safety Scanner and then scan your computer in Safe Mode

To ensure that Windows Live OneCare Safety Scanner can scan your computer with the minimal software and drivers running you can install and run the safety scanner in Safe Mode. The steps are available here.

5. Windows Networking Tip of the Month

Most of you are used to working with the command prompt at one time or another. Did you know that the command prompt remembers the commands you enter during a command prompt session? If you press is up or down arrow while in the command prompt window, you can cycle through the commands you used earlier. By default, the command prompt window will remember the last 50 commands you have cycled through. This is very helpful, especially when you are doing a lot of command line network diagnostics and want to run the commands that you've run recently after making changes to the network configuration.

You can make the command prompt remember more than 50 commands. Open the command prompt window and click the icon in the upper left corner of the command prompt window and click Properties. On the Options tab, you'll see the Command History section. Increase the number in the Buffer Size box.

If you want to see a list of commands contained in the command prompt buffer, type doskey /history at the command prompt, and you'll see a list of recently used commands, like that seen in the figure below.


That's right, the new GFI LANguard is now available in FREEWARE version! Use GFI LANguard's enterprise level vulnerability scanning, patch management and network auditing features for free!      

Download the FREEWARE version today

6. WindowsNetworking Links of the Month

7. Ask Dr. Tom


Hi Dr. Tom,

I need to figure out what programs and processes are using specific ports on my computer. Is there an easy way to do this? Do I need to download any programs to help me figure this out?

Thanks! - Richard S.


Hi Richard,

You do not need to buy any new software, you can use what's built into your operating system. There are two steps in getting the information you need. First, open up the command prompt and type netstat -ano and press ENTER.

You will see a printout similar to what is seen in the figure below. Here you see information regarding the protocol (such as TCP) the source IP address and port, and destination IP address and port, and current state of the connection, and the process ID, which is the last column. The process ID will provide you with the process or application that's using the connection listed on that line.

The next step is to translate the process ID into an application or "image name". The image name is the name of the file that is used to run the service or application. Let us say that we are interested in process ID 3420. At the command prompt, type:

tasklist /svc /FI "PID eq 3420"

and press ENTER.

You will see the image name and any associated service, as seen in the figure below.

Got a question for Dr. Tom? Send it to


That's right, the new GFI LANguard is now available in FREEWARE version! Use GFI LANguard's enterprise level vulnerability scanning, patch management and network auditing features for free!      

Download the FREEWARE version today