In the process of filtering Internet traffic, all firewalls have some type of logging feature that documents how the firewall handled various types of traffic. These logs can provide valuable information like source and destination IP addresses, port numbers, and protocols. You can also use the Windows Firewall log file to monitor TCP and UDP connections and packets that are blocked by the firewall.
Source: How to Track Firewall Activity with the Windows Firewall Log
Uses some known methods that attempt to disable tracking in Windows 10 – 10se1ucgo/DisableWinTracking
Source: 10se1ucgo/DisableWinTracking
Endpoints The Microsoft Data Management Service routes data back to our secure cloud storage. Only Microsoft personnel with a valid business justification are permitted access. The following table defines the endpoints for Connected User Experiences and Telemetry component: Windows release Endpoint Windows 10, versions 1703 and 1709 Diagnostics data: v10.vortex-win.data.microsoft.com/collect/v1 Functional: v20.vortex-win.data.microsoft.com/collect/v1 Windows Advanced Threat Protection is country specific
Source: Configure Windows diagnostic data in your organization (Windows 10) | Microsoft Docs
The WordPress XML-RPC implementation allows external services and desktop clients to interact with WP. You can also learn how to stop an XML-RPC attack.
It looks as if Microsoft is going to remove options to defer updates using the Settings application in Windows 10 Pro version 1903.
Source: Will Microsoft remove Advanced Update options in Windows 10 1903 Pro? – gHacks Tech News
WoeUSB is an application for GNU/Linux that enables you to create bootable USB media for Windows from Windows ISO images or DVDs.
Source: Easily make a Windows bootable USB from within Linux Mint with WoeUSB – gHacks Tech News
Enterprise Policy Generator is a new add-on for the Firefox web browser by Sören Hentzschel to create cross-platform policy files for Firefox.
Source: Enterprise Policy Generator add-on for Firefox – gHacks Tech News
By Mark Russinovich
Updated: February 18, 2019
Download Sysinternals Suite (23.2 MB)
Download Sysinternals Suite for Nano Server (4.6 MB)
The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver.
The Suite is a bundling of the following selected Sysinternals Utilities: AccessChk, AccessEnum, AdExplorer, AdInsight, AdRestore, Autologon, Autoruns, BgInfo, BlueScreen, CacheSet, ClockRes, Contig, Coreinfo, Ctrl2Cap, DebugView, Desktops, Disk2vhd, DiskExt, DiskMon, DiskView, Disk Usage (DU), EFSDump, FindLinks, Handle, Hex2dec, Junction, LDMDump, ListDLLs, LiveKd, LoadOrder, LogonSessions, MoveFile, NotMyFault, NTFSInfo, PageDefrag, PendMoves, PipeList, PortMon, ProcDump, Process Explorer, Process Monitor, PsExec, PsFile, PsGetSid, PsInfo, PsKill, PsList, PsLoggedOn, PsLogList, PsPasswd, PsPing, PsService, PsShutdown, PsSuspend, PsTools, RAMMap, RegDelNull, RegHide, RegJump, Registry Usage (RU), SDelete, ShareEnum, ShellRunas, Sigcheck, Streams, Strings, Sync, Sysmon, TCPView, VMMap, VolumeID, WhoIs, WinObj, ZoomIt
Download Sysinternals Suite (22.6 MB)
Download Sysinternals Suite for Nano Server (4.7 MB)
Source: Sysinternals Suite – Windows Sysinternals | Microsoft Docs
psexec executable is located..\psexec -s -i cmd.exe to open a new cmd window.taskschd.msc (or %windir%\system32\taskschd.msc).Source: windows 10 – Can’t modify task “Reboot” in win10 home – Super User