Welcome to Brien Posey's Section

Brien Posey's Latest Contributions

Best Practices for Configuring Group Policy Objects

Date - Mar 30, 2006

Section - Articles / Windows 2003 Security

In this article, I will share with you some best practices that you can use to keep your group policy objects well organized.

Generating Resultant Set of Policy Queries

Date - Feb 08, 2006

Section - Articles / Windows 2003 Security

Both the Active Directory and Windows in general offer a huge degree of flexibility. Although it’s really nice to have a security model that can be custom tailored to meet your exact security needs, there is a definite downside to the way that Windows security works; it can be really complicated. Fortunately, there is a way to tell exactly what the outcome of all of those policy elements is. You can run a Resultant Set of Policy (RSOP) query. In this article, I will show you how.

Applying Certificates to a WSUS Server

Date - Jan 24, 2006

Section - Articles / Authentication, Access Control & Encryption

Many administrators tend to ignore the recommendation that WSUS be configured to use SSL encryption if the WSUS server is only servicing clients within the perimeter network. However, if SSL encryption is not used, a hacker could potentially steal the WSUS server’s identity and use the spoofed server to send malicious versions of patches to your clients. If you don’t like the idea of having a bunch of infected clients on your network, then check out this article on how to encrypt WSUS transactions.

Determining Whether an in House or an External Certificate Authority is More Appropriate for Your Company

Date - Jan 10, 2006

Section - Articles / Authentication, Access Control & Encryption

With security becoming such a huge priority for companies over the last few years, many administrators who might have never thought twice about digital certificates are suddenly finding themselves in situations that require issuing various types of certificates. In this article, I will explain some of the benefits and some of the drawbacks of internal and external certificate authorities, in an effort to help you to make an intelligent decision as to what is right for your network.

Evaluating a New Security Policy

Date - Jun 21, 2005

Section - Articles / Misc Network Security

There was a time when it wasn’t all that risky to try out new security settings on production servers, but operating systems have become much more complex since then. Today, even changing something as simple as the required password length can have unanticipated side effects elsewhere in the system. In this article, I will explain how to evaluate a new security policy in a safe and responsible manner.

Hiring Hackers As Security Consultants

Date - Jun 14, 2005

Section - Articles / Misc Network Security

The subject of whether it is ethical to use former hackers to evaluate a network’s security is a topic that is often hotly debated. In this article, I will explore the pros and cons of using former hackers in such roles.

The Security Risks Of Desktop Searches

Date - May 31, 2005

Section - Articles / Misc Network Security

Google has recently released a very handy new tool that allows you to perform searches against your own computer in the same way that you would search the Internet. With this tool come some serious security problems though. In this article, I will discuss Google’s security issues and talk about what this might mean for other companies developing similar applications.

Wireless Network Security For The Home

Date - May 05, 2005

Section - Articles / Wireless Security

According to a December 2004 study, 60 to 70 percent of all wireless networks are insecure. Although there is lots of information on securing wireless networks, most of this information focuses on corporate networks. In this article, I will attempt to help people secure their home wireless networks.

Can Service Pack 2 Make Windows XP Less Secure?

Date - Apr 14, 2005

Section - Articles / Windows OS Security

Although Windows XP Service Pack 2 was designed to make your system more secure, there are some situations in which installing the service pack can actually undermine your existing security. In this article, I will take a look at what these situations are and how you can get around them.

Have Wireless Networks Surpassed the Security of Wired Networks?

Date - Mar 22, 2005

Section - Articles / Wireless Security

Wireless networks have long been known for being insecure. However, there has been so much emphasis on wireless network security, that in some ways, wireless network security is now better than the security used for wired networks. In this article, I will explain why this is the case and how to apply some of the wireless security techniques to your wired network.

A First Look at Microsoft's Anti Spyware Beta

Date - Mar 10, 2005

Section - Articles / Viruses, trojans and other malware

Over the last couple of years, spyware has grown from being a nuisance into being an epidemic. Although many tools exist for fighting spyware, they largely focus on the recovery of infected systems and have been mostly ineffective in the war against spyware. A few weeks ago however, Microsoft unveiled the first beta of their own anti spyware solution. Although this software is capable of disinfecting an infected system, its primary goal is to prevent the initial infection. In this article, I will explain how this software works and share my initial impressions of it with you.

Keeping Your Organization’s Security Current

Date - Feb 24, 2005

Section - Articles / Misc Network Security

Although cyber security is critically important, there are those people whose jobs are so demanding that security gets neglected. Although it is highly recommended to maintain security on a daily basis, this article provides shortcuts for those who are too busy to deal with network security.

How to Avoid Phishing Scams

Date - Jan 27, 2005

Section - Articles / Content Security (Email & FTP)

If you received an E-mail message from your bank saying that your checking account was overdrawn because of a check that you didn’t write, what would you do? Before you answer, it’s important to realize that you may not really be overdrawn and that there is a good chance that someone is trying to scam you. In this article, I will explain exactly how this type of scam works and how to avoid being a victim.

Making the Internet Safer For Your Employees

Date - Jan 06, 2005

Section - Articles / Misc Network Security

The Internet is becoming such a hostile environment that some companies are starting to deny employees Web browsing and E-mail privileges in the interest of keeping the network safe. Rather than taking such extreme action though, there are other steps that you can take to help insure that those users connected to the Internet don’t infect your network with spyware, viruses, or other parasites. In this article, I will explain some of these techniques to you.

How Spyware And The Weapons Against It Are Evolving

Date - Oct 26, 2004

Section - Articles / Viruses, trojans and other malware

Spyware has reached epidemic proportions and is only getting worse. I have seen recent statistics indicating that approximately 95% of the world’s PCs are infected with spyware. Unfortunately, removal techniques that worked just a couple of months ago are no longer effective in many cases and new types of spyware being released are more advanced than most computer viruses. In this article, I will discuss why the spyware problem has gotten so out of hand and more importantly, what you can do about it.

Combating SPAM Problems in a Corporate Environment

Date - May 20, 2003

Section - Network Security Library / Anti Spam

Perhaps no problem plagues the Internet as deeply as that of unsolicited junk E-mail, or SPAM. While there’s no doubt that SPAM can be annoying to the end users, SPAM can cause problems for both the network administrators and for those who own or manage a company. The reason for this is that SPAM robs your company of productivity and of system resources.