A little bit late but here’s the link to the new publication from Defence UK. This is volume 1.
If you repeatedly use a Remote Desktop session and that session needs access to files on the machine you’re connecting from then you’d normally set up a network drive, possibly mapped as follows:
net use z: \\yourmachine\c$ /persistent:Yes
But, depending on how Draconian your network security is then mapping folders on user machines may actually be blocked. Strange one as this ability is mostly essential when working on a remote machine, especially if a developer. Fortunately you can map using the built in sharing of RDP. Same format as earlier just the machine name changes and effectively becomes a constant, so the mapping is now:
net use z: \\tsclient\c /persistent:Yes
And job done, until the next group policy is introduced blocking that…
These events are generated by the Windows firewall when packets are blocked. Possibly as a result of Peerblock doing it’s thing as well, I need to verify that though.
Open an elevated command box and enter the following command:
auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure:disable