Tag Archives: Windows Tutorial

Windows operating systems are particularly common on personal computers and servers.

Open Windows Terminal as an administrator

Windows Terminal Preview 1.15 is out with an updated settings UI design, a new “elevate” profile setting and a revamped text rendering engine,

Unlike the traditional console, Windows Terminal runs the various command lines in tabs, with each shell configured through its own profile.

In Windows Terminal, you can now configure the elevation of privileges for individual or all shells. However, some peculiarities await us.

The settings of a profile now include the option to start the shell in question with elevated privileges. By default, however, Windows Terminal opens all automatically set up profiles in the context of the currently logged in account.

Configure Terminal Profile as Administrator

To configure a shell for administrative requirements, you can use the function to duplicate existing profiles. To do this, open the settings and use the Add New Profile command.

Windows Terminal Add a new profile

In the following dialog, an existing profile can be selected to be copied, then click on Duplicate. The settings of this new profile open and you can change its name and activate the option Run this profile as administrator .

Windows Terminal Run this profile as an administrator

This new profile appears immediately after saving in the drop-down list and can be started directly here. As expected, the authentication dialog appears under an administrative account.

Terminal User Account Control Dialog

After successful login, the command line terminal does not open in a new tab, but in its own window. This is because the “elevated” terminal profile is started as a child process by Windows Terminal.

microsoft replaces netbios with mdns

Multicast DNS (mDNS) is supported by starting with Microsoft Windows 10 1703, but Microsoft is now preparing to completely replace NetBIOS and Link-Local Multicast Name Resolution (LLMNR) with mDNS. In Windows 11 previews, NetBIOS name resolution is configured as a fallback by default for the time being.

Originally developed by Apple, mDNS is a name resolution protocol that does not require a central DNS server. It sends a request via multicast to all devices in the network, the one to which the desired host name applies, also responds with a multicast packet to the entire network.

Multiple mDNS resolvers

mDNS resolvers listen on UDP port 5353. In practice, several resolvers are active at the same time. In addition to the operating system, these include Chromium-based web browsers or Microsoft Teams clients.

Active mDNS resolvers can be output in PowerShell:

Get-NetUDPEndpoint -LocalPort 5353 | Select-Object LocalAddress,LocalPort,OwningProcess, @{ Name="Process"; Expression={((Get-Process -Id $_.OwningProcess).Name )} }

There is no central instance in the form of a DNS server by mDNS, and it cannot be ruled out that several devices on a network use the same host name.

One danger is where malicious programs settle over UDP port 5353 and forward clients via DNS spoofing to hosts of cybercriminal origin.

Disable mDNS

Because of these circumstances, administrators might consider disabling mDNS. However, Microsoft recommends that you refrain from generally disabling it, otherwise communication with various devices on the network, such as printers or wireless devices, could be affected.

If companies still prefer such a measure, then Microsoft recommends that you use Windows Firewall to block only incoming requests. The Windows Firewall contains the predefined rule “mDNS (UDP-In)”.

Open Windows Firewall with hit the keys Windows+R and insert firewall.cpl to run it, then go to Advanced Settings .

Windows Firewall Advanced Settings mDNS UDP Inbound
Windows Firewall – Advanced Settings

You should disable mDNS only for the domain profile and the public profile, but enable it for private networks. To ensure that employees in the home office can use devices that are designed for mDNS.

mDNS replaces NetBIOS and LLMNR

Another reason not to disable mDNS prematurely is that Microsoft is increasingly relying on this protocol. In current previews of Windows 11, NetBIOS runs in “Learning Mode” by default, so this outdated protocol only comes into play after requests to mDNS and LLMNR have failed.

The default behavior of LLMNR has not changed yet. The default behavior of LLMNR has not changed yet. Microsoft plans to use mDNS as the default for name resolution in the future.

If certain applications still require NetBIOS, a new Group Policy can be configured accordingly. In addition to the aforementioned learning mode, it offers the options to completely allow name resolution via NetBIOS, to prevent it completely or to block it only in public networks.

Group Policy NetBIOS Settings