microsoft
diff --git a/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide‎
0 Bytes b/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide‎
0 Bytes
diff --git a/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide-shm‎
0 Bytes b/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide-shm‎
0 Bytes
diff --git a/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide-wal‎
4.02 KB b/‎SQLCheck/.vs/SQLCheck/v15/Server/sqlite3/storage.ide-wal‎
4.02 KB
diff --git a/‎SQLCheck/SQLCheck/Collectors.cs‎
Lines changed: 238 additions & 10 deletions b/‎SQLCheck/SQLCheck/Collectors.cs‎
Lines changed: 238 additions & 10 deletions
diff --git a/‎SQLCheck/SQLCheck/Properties/AssemblyInfo.cs‎
Lines changed: 2 additions & 2 deletions b/‎SQLCheck/SQLCheck/Properties/AssemblyInfo.cs‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎SQLCheck/SQLCheck/Storage.cs‎
Lines changed: 66 additions & 0 deletions b/‎SQLCheck/SQLCheck/Storage.cs‎
Lines changed: 66 additions & 0 deletions
diff --git a/‎SQLCheck/SQLCheck/TextReport.cs‎
Lines changed: 116 additions & 4 deletions b/‎SQLCheck/SQLCheck/TextReport.cs‎
Lines changed: 116 additions & 4 deletions
diff --git a/‎SQLCheck/SQLCheck/Utility.cs‎
Lines changed: 47 additions & 6 deletions b/‎SQLCheck/SQLCheck/Utility.cs‎
Lines changed: 47 additions & 6 deletions
diff --git a/‎SQL_Network_Analyzer/.vs/SQLNetworkAnalyzer/v15/.suo‎
1.5 KB b/‎SQL_Network_Analyzer/.vs/SQLNetworkAnalyzer/v15/.suo‎
1.5 KB
diff --git a/‎SQL_Network_Analyzer/.vs/SQLNetworkAnalyzer/v15/Server/sqlite3/storage.ide-shm‎
0 Bytes b/‎SQL_Network_Analyzer/.vs/SQLNetworkAnalyzer/v15/Server/sqlite3/storage.ide-shm‎
0 Bytes
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.0.1100")]
-[assembly: AssemblyFileVersion("1.0.0.1100")]
+[assembly: AssemblyVersion("1.0.1126.0")]
+[assembly: AssemblyFileVersion("1.0.1126.0")]
@@ -34,6 +34,7 @@ public static DataSet CreateDataSet(String ComputerName)
             dt.AddColumn("TableRow", "Integer");
             dt.AddColumn("Severity", "Integer");
             dt.AddColumn("Message", "String");
+            dt.AddColumn("ExceptionTypeName", "String");
             dt.AddColumn("ExMessage", "String");
             dt.AddColumn("ExSource", "String");
             dt.AddColumn("ExStackTrace", "String");
@@ -68,6 +69,45 @@ public static DataSet CreateDataSet(String ComputerName)
             dt.AddColumn("TrustType", "String");
             dt.AddColumn("TrustDirection", "String");
             dt.AddColumn("SelectiveAuthentication", "Boolean");
+            dt.AddColumn("TrustAttributes", "String");
+            dt.AddColumn("SupportedEncryptionTypes", "String");
+            dt.AddColumn("Message", "String");
+            ds.Tables.Add(dt);
+
+            //
+            // Root Domain Related Domains - entries not having FOREST_TRANSITIVE flag set
+            //
+
+            dt = new DataTable("RootDomainRelatedDomain");
+            dt.AddColumn("ID", "Integer");
+            dt.Columns["ID"].AutoIncrement = true;
+            dt.AddColumn("ParentID", "Integer");
+            dt.AddColumn("SourceDomain", "String");
+            dt.AddColumn("TargetDomain", "String");
+            dt.AddColumn("TrustType", "String");
+            dt.AddColumn("TrustDirection", "String");
+            dt.AddColumn("SelectiveAuthentication", "Boolean");
+            dt.AddColumn("TrustAttributes", "String");
+            dt.AddColumn("SupportedEncryptionTypes", "String");
+            dt.AddColumn("Message", "String");
+            ds.Tables.Add(dt);
+
+            //
+            // Forest Related Domains - entries having FOREST_TRANSITIVE flag set
+            //
+
+            dt = new DataTable("ForestRelatedDomain");
+            dt.AddColumn("ID", "Integer");
+            dt.Columns["ID"].AutoIncrement = true;
+            dt.AddColumn("ParentID", "Integer");
+            dt.AddColumn("SourceForest", "String");
+            dt.AddColumn("TargetDomain", "String");
+            dt.AddColumn("TrustType", "String");
+            dt.AddColumn("TrustDirection", "String");
+            dt.AddColumn("SelectiveAuthentication", "Boolean");
+            dt.AddColumn("TrustAttributes", "String");
+            dt.AddColumn("SupportedEncryptionTypes", "String");
+            dt.AddColumn("Message", "String");
             ds.Tables.Add(dt);
 
             //
@@ -115,6 +155,7 @@ public static DataSet CreateDataSet(String ComputerName)
             dt.Columns["ID"].AutoIncrement = true;
             dt.AddColumn("ParentID", "Integer");
             dt.AddColumn("CrashOnAuditFail", "String", @"HKLM\SYSTEM\CurrentControlSet\Control\Lsa!CrashOnAuditFail");
+            dt.AddColumn("LanmanCompatibilityLevel", "String", @"HKLM\SYSTEM\CurrentControlSet\Control\Lsa!LMCompatibilityLevel");
             dt.AddColumn("DisableLoopbackCheck", "String", @"HKLM\SYSTEM\CurrentControlSet\Control\Lsa!DisableLoopbackCheck");
             dt.AddColumn("BackConnectionHostNames", "String", @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0!BackConnectionHostNames");
             dt.AddColumn("MaxTokenSize", "String", @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Kerberos\Parameters!MaxTokenSize");
@@ -200,6 +241,30 @@ public static DataSet CreateDataSet(String ComputerName)
             dt.AddColumn("NICTeaming", "Boolean");
             ds.Tables.Add(dt);
 
+            //
+            // FLTMC filters
+            //
+
+            dt = new DataTable("FLTMC");
+            dt.AddColumn("ID", "Integer");
+            dt.Columns["ID"].AutoIncrement = true;
+            dt.AddColumn("ParentID", "Integer");
+            dt.AddColumn("Name", "String");
+            ds.Tables.Add(dt);
+
+            //
+            // Network Mini Driver
+            //
+
+            dt = new DataTable("NetworkMiniDriver");
+            dt.AddColumn("ID", "Integer");
+            dt.Columns["ID"].AutoIncrement = true;
+            dt.AddColumn("ParentID", "Integer");
+            dt.AddColumn("Service", "String", @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\*\Ndi!Service");
+            dt.AddColumn("HelpText", "String", @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\*\Ndi!HelpText");
+            dt.AddColumn("FilterMediaTypes", "String", @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\*\Ndi\Interfaces!FilterMediaTypes");
+            ds.Tables.Add(dt);
+
             //
             // Disk Drive
             //
@@ -572,6 +637,7 @@ public static void LogMessage(this DataRow dr, string message, SeverityLevel sev
             {
                 drMessage["Severity"] = SeverityLevel.Exception;
                 drMessage["ExMessage"] = exRecord.Message;
+                drMessage["ExceptionTypeName"] = exRecord.GetType().Name;
                 drMessage["ExSource"] = exRecord.Source;
                 drMessage["ExStacktrace"] = exRecord.StackTrace;
             }
 
@@ -114,22 +114,90 @@ static void ReportComputer(DataSet ds, TextWriter s)  // outputs computer and do
                 s.WriteLine($"Forest Domain:              {Domain.GetString("ForestName")}");
                 s.WriteLine($"Forest Mode:                {Domain.GetString("ForestMode")}");
                 s.WriteLine();
+
+                // domains trusted by this domain
                 if (ds.Tables["RelatedDomain"].Rows.Count == 0)
                 {
                     s.WriteLine("There do not appear to be any other domains in this organization.");
                 }
                 else
                 {
+                    s.WriteLine($"Domains trusted by {Domain.GetString("DomainName")}.");
+                    s.WriteLine();
                     DataTable dtRelatedDomain = ds.Tables["RelatedDomain"];
                     ReportFormatter rf = new ReportFormatter();
-                    rf.SetColumnNames("Source Domain:L", "TargetDomain:L","Trust Type:L", "Direction:L", "Selective Auth:L");
+                    rf.SetColumnNames("Target Domain:L","Trust Type:L", "Direction:L", "Selective Auth:L", "Encryption:L", "Attributes:L", "Message:L");
                     foreach (DataRow RelatedDomain in dtRelatedDomain.Rows)
                     {
-                        rf.SetcolumnData(RelatedDomain.GetString("SourceDomain"),
-                                         RelatedDomain.GetString("TargetDomain"),
+                        rf.SetcolumnData(RelatedDomain.GetString("TargetDomain"),
                                          RelatedDomain.GetString("TrustType"),
                                          RelatedDomain.GetString("TrustDirection"),
-                                         RelatedDomain.GetBoolean("SelectiveAuthentication").ToString());
+                                         RelatedDomain.GetBoolean("SelectiveAuthentication").ToString(),
+                                         RelatedDomain.GetString("SupportedEncryptionTypes"),
+                                         RelatedDomain.GetString("TrustAttributes"),
+                                         RelatedDomain.GetString("Message"));
+                    }
+                    s.WriteLine(rf.GetHeaderText());
+                    s.WriteLine(rf.GetSeparatorText());
+                    for (int i = 0; i < rf.GetRowCount(); i++)
+                    {
+                        s.WriteLine(rf.GetDataText(i));
+                    }
+                }
+                s.WriteLine();
+
+                // domains trusted by the root domain
+                if (ds.Tables["RootDomainRelatedDomain"].Rows.Count == 0)
+                {
+                    s.WriteLine($"There do not appear to be any domains trusted by root domain {Domain.GetString("RootDomain")}.");
+                }
+                else
+                {
+                    s.WriteLine($"Domains trusted by root domain {Domain.GetString("RootDomain")}.");
+                    s.WriteLine();
+                    DataTable dtRelatedDomain = ds.Tables["RootDomainRelatedDomain"];
+                    ReportFormatter rf = new ReportFormatter();
+                    rf.SetColumnNames("Target Domain:L", "Trust Type:L", "Direction:L", "Selective Auth:L", "Encryption:L", "Attributes:L", "Message:L");
+                    foreach (DataRow RelatedDomain in dtRelatedDomain.Rows)
+                    {
+                        rf.SetcolumnData(RelatedDomain.GetString("TargetDomain"),
+                                         RelatedDomain.GetString("TrustType"),
+                                         RelatedDomain.GetString("TrustDirection"),
+                                         RelatedDomain.GetBoolean("SelectiveAuthentication").ToString(),
+                                         RelatedDomain.GetString("SupportedEncryptionTypes"),
+                                         RelatedDomain.GetString("TrustAttributes"),
+                                         RelatedDomain.GetString("Message"));
+                    }
+                    s.WriteLine(rf.GetHeaderText());
+                    s.WriteLine(rf.GetSeparatorText());
+                    for (int i = 0; i < rf.GetRowCount(); i++)
+                    {
+                        s.WriteLine(rf.GetDataText(i));
+                    }
+                }
+                s.WriteLine();
+
+                // domains trusted by the forest
+                if (ds.Tables["ForestRelatedDomain"].Rows.Count == 0)
+                {
+                    s.WriteLine($"There do not appear to be any domains trusted by forest {Domain.GetString("ForestName")}.");
+                }
+                else
+                {
+                    s.WriteLine($"Forests trusted by root domain {Domain.GetString("ForestName")}.");
+                    s.WriteLine();
+                    DataTable dtRelatedDomain = ds.Tables["ForestRelatedDomain"];
+                    ReportFormatter rf = new ReportFormatter();
+                    rf.SetColumnNames("Target Forest:L", "Trust Type:L", "Direction:L", "Selective Auth:L", "Encryption:L", "Attributes:L", "Message:L");
+                    foreach (DataRow RelatedDomain in dtRelatedDomain.Rows)
+                    {
+                        rf.SetcolumnData(RelatedDomain.GetString("TargetDomain"),
+                                         RelatedDomain.GetString("TrustType"),
+                                         RelatedDomain.GetString("TrustDirection"),
+                                         RelatedDomain.GetBoolean("SelectiveAuthentication").ToString(),
+                                         RelatedDomain.GetString("SupportedEncryptionTypes"),
+                                         RelatedDomain.GetString("TrustAttributes"),
+                                         RelatedDomain.GetString("Message"));
                     }
                     s.WriteLine(rf.GetHeaderText());
                     s.WriteLine(rf.GetSeparatorText());
@@ -194,6 +262,7 @@ static void ReportNetwork(DataSet ds, TextWriter s)  // outputs network settings
             DataTable dtNetworkAdapter = ds.Tables["NetworkAdapter"];
             DataTable dtHostAlias = ds.Tables["HostAlias"];
             DataTable dtIPAddress = ds.Tables["IPAddress"];
+            DataTable dtFLTMC = ds.Tables["FLTMC"];
 
             s.WriteLine("Network Settings:");
             s.WriteLine();
@@ -245,6 +314,45 @@ static void ReportNetwork(DataSet ds, TextWriter s)  // outputs network settings
             for (int i = 0; i < rf.GetRowCount(); i++) s.WriteLine(rf.GetDataText(i));
             s.WriteLine();
 
+            // FLTMC Filters
+
+            string filterNames = "";
+            foreach (DataRow FLTMC in dtFLTMC.Rows)
+            {
+                filterNames += "|" + FLTMC.GetString("Name");
+            }
+            filterNames = filterNames == "" ? "<none>" : filterNames.Substring(1);
+            s.WriteLine($"FLTMC Filters: {filterNames}");
+            s.WriteLine();
+
+            // network mini drivers
+
+            DataTable dtNetworkMiniDriver = ds.Tables["NetworkMiniDriver"];
+            if (dtNetworkMiniDriver.Rows.Count == 0)
+            {
+                s.WriteLine("Network Mini-Drivers: none found");
+                s.WriteLine();
+            }
+            else
+            {
+                s.WriteLine("Network Mini-Drivers:");
+                s.WriteLine();
+
+                rf = new ReportFormatter();
+                rf.SetColumnNames("Service Name:L", "Filter Media Types:L", "Help Text:L");
+                foreach (DataRow NetworkMiniDriver in dtNetworkMiniDriver.Rows)
+                {
+                    rf.SetcolumnData(NetworkMiniDriver.GetString("Service"),
+                                     NetworkMiniDriver.GetString("FilterMediaTypes"),
+                                     NetworkMiniDriver.GetString("HelpText"));
+                }
+                s.WriteLine(rf.GetHeaderText());
+                s.WriteLine(rf.GetSeparatorText());
+                for (int i = 0; i < rf.GetRowCount(); i++) s.WriteLine(rf.GetDataText(i));
+                s.WriteLine();
+            }
+
+
             // network adapters
 
             s.WriteLine("Network Adapters:");
@@ -272,6 +380,7 @@ static void ReportSecurity(DataSet ds, TextWriter s)  // outputs computer and do
             s.WriteLine("Security Settings:");
             s.WriteLine();
             s.WriteLine($"Crash on Audit Fail:        {Security.GetString("CrashOnAuditFail")}");
+            s.WriteLine($"Lanman Compatibility Level: {Security.GetString("lanmanCompatibilityLevel")}");
             s.WriteLine($"Disable Loopback Check:     {Security.GetString("DisableLoopbackCheck")}");
             s.WriteLine($"Back Connection Host Names: {Security.GetString("BackConnectionHostNames")}");
             s.WriteLine($"Max Kerberos Token Size:    {Security.GetString("MaxTokenSize")}");
@@ -787,7 +896,10 @@ static void ReportMessages(DataSet ds, TextWriter s, string tableName, int table
                         }
                         break;
                     case Storage.SeverityLevel.Exception:
+                        string src = drv["exSource"].ToString();
+                        if (src != "") src = "Source: " + src;
                         s.WriteLine($"{sev.ToString()}: {drv["Message"].ToString()}");
+                        s.WriteLine($"Exception Type: {drv["ExceptionTypeName"].ToString()}     {src}");
                         s.WriteLine($"{drv["exMessage"].ToString()}");
                         s.WriteLine($"{drv["exStackTrace"].ToString()}");
                         messagesOutput = true;
 
@@ -329,6 +329,25 @@ public static string Translate(string index, params string[] Values)
             return Translate(i, Values);
         }
 
+        //
+        // Converts Lanman compatibility levels to string
+        //
+
+        public static string LanmanNames(string value)
+        {
+            switch (value)
+            {
+                case "0": return "Send LM & NTLM responses";
+                case "1": return "Send LM & NTLM – use NTLMv2 session security if negotiated";
+                case "2": return "Send NTLM response only";
+                case "3": return "Send NTLMv2 response only";
+                case "4": return "Send NTLMv2 response only. Refuse LM";
+                case "5": return "Send NTLMv2 response only. Refuse LM & NTLM";
+                default: return "";
+            }
+        }
+
+
         //
         // Converts a Kerberos encryption bitmask to string
         //
@@ -338,12 +357,34 @@ public static string KerbEncryptNames(int bitmask)
             string s = "";
             if (bitmask == 0) return "RC4_HMAC_MD5";
             if ((bitmask & 0x00000001) != 0) s += "DES_CBC_CRC";
-            if ((bitmask & 0x00000002) != 0) s += "+DES_CBC_MD5";
-            if ((bitmask & 0x00000004) != 0) s += "+RC4_HMAC_MD5";
-            if ((bitmask & 0x00000008) != 0) s += "+AES128_HMAC_SHA1";
-            if ((bitmask & 0x00000010) != 0) s += "+AES256_HMAC_SHA1";
-            if (bitmask > 0x0000001F) s += "+Future";
-            return (s.StartsWith("+") ? s.Substring(1) : s);
+            if ((bitmask & 0x00000002) != 0) s += "|DES_CBC_MD5";
+            if ((bitmask & 0x00000004) != 0) s += "|RC4_HMAC_MD5";
+            if ((bitmask & 0x00000008) != 0) s += "|AES128_HMAC_SHA1";
+            if ((bitmask & 0x00000010) != 0) s += "|AES256_HMAC_SHA1";
+            if (bitmask > 0x0000001F) s += "|Future";
+            return (s.StartsWith("|") ? s.Substring(1) : s);
+        }
+
+        //
+        // Converts a domain trust attribute bitmask to a string
+        //
+
+        public static string DomainTrustAttributeNames(int bitmask)
+        {
+            string s = "";
+            if ((bitmask & 0x00000001) != 0) s += "NON_TRANSITIVE";
+            if ((bitmask & 0x00000002) != 0) s += "|UPLEVEL_ONLY";
+            if ((bitmask & 0x00000004) != 0) s += "|QUARANTINED_DOMAIN";
+            if ((bitmask & 0x00000008) != 0) s += "|FOREST_TRANSITIVE";
+            if ((bitmask & 0x00000010) != 0) s += "|CROSS_ORGANIZATION";
+            if ((bitmask & 0x00000020) != 0) s += "|WITHIN_FOREST";
+            if ((bitmask & 0x00000040) != 0) s += "|TREAT_AS_EXTERNAL";
+            if ((bitmask & 0x00000080) != 0) s += "|USES_RC4_ENCRYPTION";
+            if ((bitmask & 0x00000100) != 0) s += "|RESERVED_USES_AES_KEYS";  // RESERVED in MSFT documentation; USES_AES_KEYS in some 3rd-party dcumentation
+            if ((bitmask & 0x00000200) != 0) s += "|CROSS_ORGANIZATION_NO_TGT_DELEGATION";
+            if ((bitmask & 0x00000400) != 0) s += "|PIM_TRUST";
+            if ((bitmask & 0x00000800) != 0) s += "|CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION";
+            return (s.StartsWith("|") ? s.Substring(1) : s);
         }
 
         //