azure sentinel impossible travel

Technical Blog | REBELADMIN

Step-by-Step guide to manage Impossible travel activity alert using Azure cloud app security

Posted by Dishan M. Francis | Sep 23, 2018 | Azure, Azure Active Directory

Last Updated on September 26, 2018 by Dishan M. Francis

Let’s assume a user in your sales team logs in to https://myapps.microsoft.com and successfully launches the Salesforce app from his office in the UK. A few minutes later, the same user makes a successful login from Canada. Unless the user is using a remote connection, this is not possible; nobody can travel that fast. Azure Active Directory is capable of detecting this type of impossible sign-in activity. However, the detection type for this kind of activity is “offline”, which means the reporting latency for these alerts is between 2 and 4 hours.

Azure Cloud App Security is also capable of detecting these types of activities, but it does so in real time because it detects activities based on sessions. This helps administrators react faster and protect the infrastructure from a potential breach. In this demo, I am going to demonstrate how to fine-tune the built-in Azure Cloud App Security policy for impossible travel activity and prevent a breach.

Before we start, we first need to integrate the SaaS app with Cloud App Security. I demonstrated how to do that in my previous post, so please go ahead and read it at https://www.rebeladmin.com/2018/09/step-step-guide-block-data-download-using-azure-cloud-app-security/

In my demo I am using the Salesforce app.

1. Once the integration is done, log in to https://portal.cloudappsecurity.com as a global administrator.

2. Then go to Settings | Conditional access app control.

3. There you should be able to see your app under the Conditional access app control tab. It should be in a healthy, connected status.

4. Then click on Control | Policies.

5. Under policies, click on the impossible travel policy.

6. This is a built-in policy. As you can see, it doesn’t have any actions attached to it. If CAS detects such activity, it will still be reported under the CAS dashboards.

7. In my environment, I would like to get an alert if it detects such activity. To do that, click on the Send alert as email option under Alerts. Then define the email address in the text box.

8. I would also like to suspend the user account, so it gives my team enough time to review the alert and make the necessary adjustments. To do that, click on All apps under Governance and select the Suspend user check box.

9. To complete the action, click on Update.

10. The policy is updated now. For testing, I am logging in from two VMs located in two different locations.

11. Once the logins were done, I went back to https://portal.cloudappsecurity.com and clicked on the Salesforce app.

12. Under the alerts I can see it detected impossible travel activity. Click on it to view more details.

13. There we can see a detailed error description and the activity log.

14. According to the policy, I should also get an email alert. When I log in to my email, I can see the email alert for the activity as expected.

15. According to the policy, it should also suspend the user account. When I try to log in again as the same user, I get an account lockout error.

Cool ha? As expected, the policy detects the activities in real time and takes the necessary actions as defined.

This marks the end of this blog post. If you have any further questions, feel free to contact me on [email protected]. Also follow me on Twitter @rebeladm to get updates about new blog posts.

Paul

I am currently using the impossible travel alert for Office 365 logins. However, the alert goes off even if the login from an impossible travel location was unsuccessful.

This has made this alert useless because these unsuccessful logins are happening all the time as bots and bad actors are constantly trying to log in to my users' accounts.

Is there a way to set the alert to only kick off if the login was successful?

Ayush

This is also detecting account logins via VPN in a different location. How can we exclude that? Also, failed logins are also coming as alerts. Can we exclude them to reduce the number of false positives?

I am Dishan Francis. I’m a Cyber Security Consultant at Microsoft. I’m a dedicated and enthusiastic information technology expert who enjoys professional recognition and accreditation from several respected institutions. I have been maintaining this blog for the last 11 years. It includes more than 400 articles already. These are mainly about Microsoft Active Directory Service and Azure Active Directory Service. I also blog about different Azure services. If you need further help on these subjects, feel free to contact me on [email protected]. Also, to get the latest updates, follow me on Twitter @rebeladm

The difference between "Atypical travel" and "Impossible travel" #86742

ShawnHag commented Jan 21, 2022

SaurabhSharma-MSFT commented Jan 21, 2022

shashishailaj commented Jan 23, 2022

A sign-in event is related specifically to signing in. However, an activity is essentially a term used in Microsoft Defender for Cloud Apps meaning either signing in to the application or any other activity within the application. For example, a user could log on to their OneDrive account from two locations within minutes of time difference between both attempts; however, they could have a valid session and be trying to upload a new file from both locations at the same time or with very low difference from two long distant geographic locations. Thus an activity could be a sign-in or any other request within the application, like editing a site in SharePoint Online, etc.

Atypical travel essentially means a location which may not be too far from the user's usual logon location but from which they seldom log on, for example two different locations within the same city. As mentioned in the above table in the article, "the algorithm ignores obvious "false positives" contributing to the impossible travel conditions, such as VPNs and locations regularly used by other users in the organization."

However, impossible travel is when a user logs in from New York now and the next minute there is a sign-in attempt by the user from London, which is a geographically distant city from New York, and it is impossible for the user to travel from NY to London within a minute.

Hope this clarifies the query.

ShawnHag commented Jan 24, 2022

Russia Travel Blog  | All about Russia in English

The trains and stations of the Moscow Metro

Posted by Alex Smirnov in Cities, Travel, Video

The Moscow Metro is the third most intensive subway system in the world after Tokyo and Seoul subways. The first line was opened on May 15, 1935. Since 1955, the metro has the name of V.I. Lenin.

The system consists of 12 lines with a total length of 305.7 km. Forty four stations are recognized cultural heritage. The largest passenger traffic is in rush hours from 8:00 to 9:00 and from 18:00 to 19:00.

Cellular communication is available on most of the stations of the Moscow Metro. In March 2012, a free Wi-Fi appeared in the Circle Line train. The Moscow Metro is open to passengers from 5:20 to 01:00. The average interval between trains is 2.5 minutes.

The fare is paid by using contactless tickets and contactless smart cards, the passes to the stations are controlled by automatic turnstiles. Ticket offices and ticket vending machines can be found in station vestibules.

Tomás · August 27, 2012 at 11:34 pm

The Moscow metro stations are the best That I know, cars do not.

Alberto Calvo · September 25, 2016 at 8:57 pm

Great videos! Moscow Metro is just spectacular. I actually visited Moscow myself quite recently and wrote a post about my top 7 stations, please check it out and let me know what you think! :)

http://www.arwtravels.com/blog/moscow-metro-top-7-stations-you-cant-miss

Orlando Sentinel

IndyCar’s McLaughlin wins 2nd straight at Barber, putting good ending on rough week for Team Penske

New Zealand's Scott McLaughlin can head back to Indianapolis with a victory in IndyCar's most recent race.  (AP Photo/Michael Conroy)

By JOHN ZENOR

Associated Press

BIRMINGHAM, Ala. — Scott McLaughlin and Team Penske proved they’re a force on the track, no matter what’s going on elsewhere.

McLaughlin won his second straight race at Barber Motorsports Park, giving Team Penske a much-needed triumph on Sunday just days after IndyCar erased Josef Newgarden’s victory and also disqualified McLaughlin from the season opener.

The team went from damage control to celebration, at least temporarily.

“It was a little emotional for sure,” McLaughlin said. “It’s just nice. It was just a nice cap after obviously it was a pretty tough week.”

McLaughlin and Penske’s fuel strategy worked to perfection, with teammate Will Power finishing second — the same order they started in.

McLaughlin’s fifth IndyCar win provided temporary solace after a troubling week for Team Penske, led by series owner Roger Penske. On Wednesday, Newgarden had his season-opening win at St. Petersburg stripped for manipulating the push-to-pass function system on his car. McLaughlin, likewise, was disqualified after finishing third.

Power was docked points — but surged to within one point of leader Colton Herta — and fined but not disqualified. They bounced back to give Team Penske its eighth win in 14 races at the permanent road course.

“We just had to keep rolling,” McLaughlin said. “We know our job. We know what we need to do. I’m just super proud of our execution.”

Reigning Indy 500 winner and two-time series champion Newgarden finished 16th at a race where he had won three times before. He had tearfully acknowledged two days earlier having used the push-to-pass when it wasn’t allowed at St. Petersburg while saying he didn’t knowingly break the rules.

Most of the drama for his teammates McLaughlin and Power was left behind once hitting the track, with McLaughlin holding onto his lead coming out of a third and final pit stop with 16 laps to go. He led 58 of the 90 laps and raced to the win coming out of a caution with two laps to go with Power his only threat.

“I would say after this week, I think Roger would be pretty happy,” Power said.

A day earlier, the team and IndyCar boss was apologizing to his fellow team owners for what happened, three owners told The Associated Press.

The Australian held off rookie Linus Lundqvist of Chip Ganassi Racing to finish second and earn his 100th podium finish, tying Michael Andretti for fourth in series history.

“He got a run on me and you don’t want two Penske cars out of the race with everything that was going on,” Power said of McLaughlin. “So I was kind of easy on him going into Turn 1 there. We were certainly fast but a lot of strategy played into that.”

Felix Rosenqvist was fourth and Alex Palou fifth. Lundqvist raced to his first podium after starting 19th.

“It was amazing,” he said. “I think for the first time ever I was not on the save-the-fuel strategy, so I was not the one being passed, which was nice.”

Pole-sitter McLaughlin and Power, who started with him on the front row, maintained their spots after their third and final pit stop. They emerged ahead of the 2021 winner Palou, who opted for a two-stop strategy that left him without enough fuel to push the pace.

A restart with 30 laps to go left Palou nursing his fuel for the rest of the way, while McLaughlin worked to build enough of a cushion to stay up front with one more stop.

“We had to save so much fuel that it was impossible,” Palou said.

MCLAREN’S DAY

Arrow McLaren had a rough day after Pato O’Ward was awarded the St. Petersburg victory with Newgarden’s disqualification.

O’Ward received a drive-through penalty for contact that sent Pietro Fittipaldi skidding backward through the grass and into the tire barriers.

“That was a freakin’ racing incident,” O’Ward said when told of the penalty.

He finished 223rd.

Teammate Alexander Rossi’s left rear tire got loose and rolled across the grass shortly after emerging from pit road, forcing another caution at about the midway point. He completed 60 laps.

GEORGINA’S DNF

The race got a comical moment when a mannequin fell off her normal hanging spot from a bridge above the track. Nicknamed Georgina by track creator George Barber, the mannequin landed on the grass at the edge of the track with a hand appearing to stretch onto the racing surface. The IndyCar safety team rescued Georgina during a caution after Sting Ray Robb went into the wall, saying his steering wheel had broken.

However, she didn’t stay intact because a passing car lopped off her right hand. The caution was not for the mannequin.

Power initially was taken aback wondering if the yellow was for her sake.

“I knew exactly what it was,” he said. “I knew there was a lady hanging there.”

UP NEXT: IndyCar races May 11 on the Indianapolis Motor Speedway road course, ahead of the Indianapolis 500. Alex Palou is the defending race winner.

Atypical Travel / Unfamiliar sign-in properties

I get a few atypical travel / unfamiliar sign-in properties incidents from time to time, where privileged users sign in from the same IP (52.98.175.181, Amsterdam, Noord-Holland) owned by Microsoft. I dismiss these as false-positives, but I'm curious why this happens. I get the atypical travel part, but it happens quite often, so I wonder why it keeps triggering the unfamiliar sign-in properties policy.

I hope the question makes sense, thanks in advance!

@xjt910 Thank you for reaching out to us.

Regarding your query "frequent atypical travel alerts" for privileged accounts.

This risk detection identifies two sign-ins originating from geographically distant locations, where at least one of the locations may also be atypical for the user, given past behavior. Among several other factors, this machine learning algorithm takes into account the time between the two sign-ins.

The algorithm ignores obvious "false positives" contributing to the impossible travel conditions, such as VPNs and locations regularly used by other users in the organization. The system has an initial learning period of the earliest of 14 days or 10 logins, during which it learns a new user's sign-in behavior.

Reference: https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#:~:text=The%20algorithm%20ignores,sign%2Din%20behavior .

Let me know if you have any questions on it.

Thank you, but I'm aware how the threat policies work.

My questions were: a) Why do we see sign-ins from Amsterdam even though the employee isn't there? I assume it's due to the location of our tenant, but I'd like a confirmation on that. b) Why does the unfamiliar sign-in properties policy trigger when we see these sign-ins on a regular basis?

First refuelling for Russia’s Akademik Lomonosov floating NPP

The FNPP includes two KLT-40S reactor units. In such reactors, nuclear fuel is not replaced in the same way as in standard NPPs – partial replacement of fuel once every 12-18 months. Instead, once every few years the entire reactor core is replaced with a full load of fresh fuel.

The KLT-40S reactor cores have a number of advantages compared with standard NPPs. For the first time, a cassette core was used, which made it possible to increase the fuel cycle to 3-3.5 years before refuelling, and also reduce by one and a half times the fuel component in the cost of the electricity produced. The operating experience of the FNPP provided the basis for the design of the new series of nuclear icebreaker reactors (series 22220). Currently, three such icebreakers have been launched.

The Akademik Lomonosov was connected to the power grid in December 2019, and put into commercial operation in May 2020.

Electricity generation from the FNPP at the end of 2023 amounted to 194 GWh. The population of Pevek is just over 4,000 people. However, the plant can potentially provide electricity to a city with a population of up to 100,000. The FNPP solved two problems. Firstly, it replaced the retiring capacities of the Bilibino Nuclear Power Plant, which has been operating since 1974, as well as the Chaunskaya Thermal Power Plant, which is more than 70 years old. It also supplies power to the main mining enterprises located in western Chukotka. In September, a 490 km 110 kilovolt power transmission line was put into operation connecting Pevek and Bilibino.

Image courtesy of TVEL

The Moscow Metro Museum of Art: 10 Must-See Stations

There are few times one can claim having been on the subway all afternoon and loving it, but the Moscow Metro provides just that opportunity.  While many cities boast famous public transport systems—New York’s subway, London’s underground, San Salvador’s chicken buses—few warrant hours of exploration.  Moscow is different: Take one ride on the Metro, and you’ll find out that this network of railways can be so much more than point A to B drudgery.

The Metro began operating in 1935 with just thirteen stations, covering less than seven miles, but it has since grown into the world’s third busiest transit system (Tokyo is first), spanning about 200 miles and offering over 180 stops along the way. The construction of the Metro began under Joseph Stalin’s command, and being one of the USSR’s most ambitious building projects, the iron-fisted leader instructed designers to create a place full of svet (radiance) and svetloe budushchee (a radiant future), a palace for the people and a tribute to the Mother nation.

Consequently, the Metro is among the most memorable attractions in Moscow. The stations provide a unique collection of public art, comparable to anything the city’s galleries have to offer and providing a sense of the Soviet era, which is absent from the State National History Museum. Even better, touring the Metro delivers palpable, experiential moments, which many of us don’t get standing in front of a painting or a case of coins.

Though tours are available, discovering the Moscow Metro on your own provides a much more comprehensive, truer experience, something much less sterile than following a guide. What better place is there to see the “real” Moscow than on mass transit: A few hours will expose you to characters and caricatures you’ll be hard-pressed to find dining near the Bolshoi Theater. You become part of the attraction, hear it in the screech of the train, feel it as hurried commuters brush by: The Metro sucks you beneath the city and churns you into the mix.

With the recommendations of our born-and-bred Muscovite students, my wife Emma and I have just taken a self-guided tour of what some locals consider the top ten stations of the Moscow Metro. What most satisfied me about our Metro tour was the sense of adventure. I loved following our route on the maps of the wagon walls as we circled the city, plotting out the course to the subsequent stops; having the weird sensation of being underground for nearly four hours; and discovering the next cavern of treasures, playing Indiana Jones for the afternoon, piecing together fragments of Russia’s mysterious history. It’s the ultimate interactive museum.

Top Ten Stations (In order of appearance)

Kievskaya Station

Kievskaya Station went public in March of 1937, the rails between it and Park Kultury Station being the first to cross the Moscow River. Kievskaya is full of mosaics depicting aristocratic scenes of Russian life, with great cameo appearances by Lenin, Trotsky, and Stalin. Each work has a Cyrillic title/explanation etched in the marble beneath it; however, if your Russian is rusty, you can just appreciate seeing familiar revolutionary dates like 1905 (the Russian Revolution) and 1917 (the October Revolution).

Mayakovskaya Station

Mayakovskaya Station ranks in my top three most notable Metro stations. Mayakovskaya just feels right, done Art Deco but no sense of gaudiness or pretention.  The arches are adorned with rounded chrome piping and create feeling of being in a jukebox, but the roof’s expansive mosaics of the sky are the real showstopper.  Subjects cleverly range from looking up at a high jumper, workers atop a building, spires of Orthodox cathedrals, to nimble aircraft humming by, a fleet of prop planes spelling out CCCP in the bluest of skies.

Novoslobodskaya Station

Novoslobodskaya is the Metro’s unique stained glass station.  Each column has its own distinctive panels of colorful glass, most of them with a floral theme, some of them capturing the odd sailor, musician, artist, gardener, or stenographer in action.  The glass is framed in Art Deco metalwork, and there is the lovely aspect of discovering panels in the less frequented haunches of the hall (on the trackside, between the incoming staircases).  Novosblod is, I’ve been told, the favorite amongst out-of-town visitors.

Komsomolskaya Station

Komsomolskaya Station is one of palatial grandeur.  It seems both magnificent and obligatory, like the presidential palace of a colonial city.  The yellow ceiling has leafy, white concrete garland and a series of golden military mosaics accenting the tile mosaics of glorified Russian life.  Switching lines here, the hallway has an Alice-in-Wonderland feel, impossibly long with decorative tile walls, culminating in a very old station left in a remarkable state of disrepair, offering a really tangible glimpse behind the palace walls.

Dostoevskaya Station

Dostoevskaya is a tribute to the late, great hero of Russian literature. The station at first glance seems bare and unimpressive, a stark marble platform without a whiff of reassembled chips of tile. However, two columns have eerie stone inlay collages of scenes from Dostoevsky’s work, including The Idiot, The Brothers Karamazov, and Crime and Punishment. Then, standing at the center of the platform, the marble creates a kaleidoscope of reflections. At the entrance, there is a large, inlay portrait of the author.

Chkalovskaya Station

Chkalovskaya does space Art Deco style (yet again).  Chrome borders all.  Passageways with curvy overhangs create the illusion of walking through the belly of a chic, new-age spacecraft.  There are two (kos)mosaics, one at each end, with planetary subjects.  Transferring here brings you above ground, where some rather elaborate metalwork is on display.  By name similarity only, I’d expected Komsolskaya Station to deliver some kosmonaut décor; instead, it was Chkalovskaya that took us up to the space station.

Elektrozavodskaya Station

Elektrozavodskaya is full of marble reliefs of workers, men and women, laboring through the different stages of industry.  The superhuman figures are round with muscles, Hollywood fit, and seemingly undeterred by each Herculean task they respectively perform.  The station is chocked with brass, from hammer and sickle light fixtures to beautiful, angular framework up the innards of the columns.  The station’s art pieces are less clever or extravagant than others, but identifying the different stages of industry is entertaining.

Baumanskaya Station

Baumanskaya Station is the only stop that wasn’t suggested by the students.  Pulling in, the network of statues was just too enticing: Out of half-circle depressions in the platform’s columns, the USSR’s proud and powerful labor force again flaunts its success.  Pilots, blacksmiths, politicians, and artists have all congregated, posing amongst more Art Deco framing.  At the far end, a massive Soviet flag dons the face of Lenin and banners for ’05, ’17, and ‘45.  Standing in front of the flag, you can play with the echoing roof.

Ploshchad Revolutsii Station

Novokuznetskaya Station

Novokuznetskaya Station finishes off this tour, more or less, where it started: beautiful mosaics. This station recalls the skyward-facing pieces from Mayakovskaya (Station #2), only with a little larger pictures in a more cramped, very trafficked area. Due to a line of street lamps in the center of the platform, it has the atmosphere of a bustling market. The more inventive sky scenes include a man on a ladder, women picking fruit, and a tank-dozer being craned in. The station also has a handsome black-and-white stone mural.

Here is a map and a brief description of our route:

Start at (1)Kievskaya on the “ring line” (look for the squares at the bottom of the platform signs to help you navigate—the ring line is #5, brown line) and go north to Belorusskaya, make a quick switch to the Dark Green/#2 line, and go south one stop to (2)Mayakovskaya.  Backtrack to the ring line—Brown/#5—and continue north, getting off at (3)Novosblodskaya and (4)Komsolskaya.  At Komsolskaya Station, transfer to the Red/#1 line, go south for two stops to Chistye Prudy, and get on the Light Green/#10 line going north.  Take a look at (5)Dostoevskaya Station on the northern segment of Light Green/#10 line then change directions and head south to (6)Chkalovskaya, which offers a transfer to the Dark Blue/#3 line, going west, away from the city center.  Have a look (7)Elektroskaya Station before backtracking into the center of Moscow, stopping off at (8)Baumskaya, getting off the Dark Blue/#3 line at (9)Ploschad Revolyutsii.  Change to the Dark Green/#2 line and go south one stop to see (10)Novokuznetskaya Station.

Jonathon Engels, formerly a patron saint of misadventure, has been stumbling his way across cultural borders since 2005 and is currently volunteering in the mountains outside of Antigua, Guatemala. For more of his work, visit his website and blog.

Photo credits:   SergeyRod , all others courtesy of the author and may not be used without permission

COMMENTS

  1. Detecting and Remediating Impossible Travel

    Overview. "Impossible travel" is one of the most basic anomaly detections used to indicate that a user is compromised. The logic behind impossible travel is simple. If the same user connects from two different countries and the time between those connections can't be made through conventional air travel, it's an impossible travel ...

  2. Anomaly detection policies

    Note. When the IP addresses on both sides of the travel are considered safe and sensitivity slider is not set to High, the travel is trusted and excluded from triggering the Impossible travel detection. For example, both sides are considered safe if they are tagged as corporate. However, if the IP address of only one side of the travel is considered safe, the detection is triggered as normal.

  3. How to investigate anomaly detection alerts

    Recommended action: Dismiss the alert. FP (Untagged VPN): If you're able to confirm that the IP address range is from a sanctioned VPN. Recommended action: Dismiss the alert and add the VPN's IP address range to Defender for Cloud Apps and then use it to tag the VPN's IP address range. Understand the scope of the breach.

  4. The Impossible Travel alert

    Using raw Azure AD SigningLogs table in Azure Sentinel vs. Microsoft Cloud App Security detection policies The impossible travel has been on the list of SIEM detection for a long time, being even…

  5. Using Sentinel to automatically respond to identity alerts

    Revoking a user's sessions in Azure AD is a fantastic way to automatically respond to identity alerts like impossible travel or unfamiliar sign in properties, it becomes an even stronger response the greater your MFA coverage is, and the more apps you use Azure AD for authentication. However automating that response for legitimate actions, like…

  6. What's New: Fusion Advanced Multistage Attack Detection Scenarios with

    Azure Sentinel leverages machine learning technology, Fusion, to automatically detect multistage attacks by identifying combinations of anomalous ... Rare Application Consent following impossible travel to an atypical location: when Azure Active Directory Identity Protection detects a user signed in from an atypical location based on the user's ...

  7. What is Impossible Travel, and How to Protect Against the Threats

    6) Alert on Impossible Travel. Last but not least, the best thing I can recommend is using Microsoft Sentinel analytics to detect for impossible travel within your own environment, and when ...

  8. GitHub

    Welcome to the unified Microsoft Sentinel and Microsoft 365 Defender repository! This repository contains out of the box detections, exploration queries, hunting queries, workbooks, playbooks and much more to help you get ramped up with Microsoft Sentinel and provide you security content to secure your environment and hunt for threats.

  9. Azure Sentinel—A real-world example

    Home Blog Azure Sentinel—A real-world example. 4sysops - The online community for SysAdmins and DevOps. Paul Schnackenburg Tue, Oct 12 2021 cloud computing, azure 0. Just about a year ago, I looked at Azure Sentinel, a new cloud-based security information and event management (SIEM) from Microsoft. Since then, I've deployed it for two clients ...

  10. Step-by-Step guide to manage Impossible travel activity alert using

    I am currently using the impossible travel alert for Office 365 logins. However, the alert goes off even if the login from an impossible travel location was unsuccessful. This has made this alert useless because these unsuccessful logins are happening all the time as bots and bad actors are constantly trying to log in to my users' accounts.

  11. Azure Sentinel: advanced multistage attack detection

    Azure Sentinel then generates incidents that would otherwise be very difficult to catch. ... - Impossible travel to atypical location followed by anomalous Office 365 activity - Sign-in activity ...

  12. Cloud App Security? Azure AD Identity Protection? Help!

    When you connect Azure AD Identity Protection & Cloud App Security to Azure Sentinel, the alerts will show up in the SecurityAlert table with the ProviderNames of IPC and MCAS respectively. MCAS also alerts on a lot of other things, but we will focus on identity issues for now. When we look at the description for these alerts from Identity ...

  13. The difference between "Atypical travel" and "Impossible travel"

    The algorithm ignores obvious "false positives" contributing to the impossible travel conditions, such as VPNs and locations regularly used by other users in the organization. The system has an initial learning period of the earliest of 14 days or 10 logins, during which it learns a new user's sign-in behavior. Impossible travel: Offline

  15. The trains and stations of the Moscow Metro · Russia Travel Blog

    2 Comments · Posted by Alex Smirnov in Cities, Travel, Video. The Moscow Metro is the third most intensive subway system in the world after Tokyo and Seoul subways. The first line was opened on May 15, 1935. Since 1955, the metro has the name of V.I. Lenin.

  16. The Impossible Travel Alert: Friend or Foe?

    In the Azure Sentinel world, the "impossible travel" alerts are one of the detections received from Microsoft Cloud App Security - its native Sentinel data connector allowing the integration of incidents with just a couple of clicks of the mouse: The impossible travel is just one of MCAS detections (based on "policies" defined in the ...

  17. IndyCar's McLaughlin wins 2nd straight at Barber ...

    The much-needed triumph came just days after IndyCar erased Josef Newgarden's victory and also disqualified McLaughlin from March's season opener at St. Petersburg.

  18. Atypical Travel / Unfamiliar sign-in properties

    Regarding your query "frequent atypical travel alerts" for privileged accounts. This risk detection identifies two sign-ins originating from geographically distant locations, where at least one of the locations may also be atypical for the user, given past behavior. Among several other factors, this machine learning algorithm takes into account ...

  19. First refuelling for Russia's Akademik Lomonosov floating NPP

    Rosatom's fuel company TVEL has supplied nuclear fuel for reactor 1 of the world's only floating NPP (FNPP), the Akademik Lomonosov, moored at the city of Pevek, in Russia's Chukotka Autonomous Okrug. The supply of fuel was transported along the Northern Sea Route. The first ever refuelling of the FNPP is planned to begin before the end of ...
