Welcome to Deb Shinder's Section

Deb Shinder's Latest Contributions

Security Through Virtualization

Date - Dec 11, 2008

Section - Articles / Misc Network Security

How to use virtualization tools to increase the security of your Windows environment.

The Pros and Cons of Behavioral Based, Signature Based and Whitelist Based Security

Date - Nov 13, 2008

Section - Articles / Misc Network Security

Taking a look at multiple security approaches, how they operate, and the strengths and weaknesses of each, along with a brief discussion of sandboxing and virtualization as security mechanisms.

Security in the Mobile Device Era

Date - Oct 15, 2008

Section - Articles / Misc Network Security

How to secure Windows Mobile 6.1 devices and looking at some issues that arise when you incorporate non-Windows mobile products (such as the iPhone) into your Windows network.

Microsoft Live Mesh: What are the Security Implications?

Date - Sep 11, 2008

Section - Articles / Web Application Security

The security implications of cloud computing in general and Live Mesh in particular, and what mechanisms Microsoft has built in to protect your "meshed" devices and data.

Securing your OCS deployment

Date - Aug 12, 2008

Section - Articles / Misc Network Security

Taking a look at the security concerns involved with unified communications and how to add security to OCS.

Documenting Authenticity of Evidence for the E-Discovery Process

Date - Jul 16, 2008

Section - Articles / Authentication, Access Control & Encryption

E-discovery is an important part of civil and criminal court processes. Inability to produce material can hinder the legal process and damage your case. Be prepared with a plan by which you can find evidentiary material and prove its authenticity.

Product Review: Active Administrator

Date - Aug 31, 2006

Section - Articles / Product Reviews

Active Directory is one of the best and one of the most frustrating components Microsoft has ever given us. Luckily, there are third party tools that can make Active Directory administration easier. We installed the evaluation version of ScriptLogic’s Active Administrator, which is billed as an enterprise-level AD management and auditing solution. Here are our impressions of the product.

How to use Kerberos Authentication in a Mixed (Windows and UNIX) Environment

Date - Apr 19, 2006

Section - Articles / Authentication, Access Control & Encryption

Kerberos is the protocol of choice for mixed network environments. This article explains how to use Kerberos authentication in these mixed environments.

Why and how to implement SecurID Authentication

Date - Apr 11, 2006

Section - Articles / Authentication, Access Control & Encryption

Authenticating users who log onto your network by account name and password only is the simplest and cheapest (and thus still the most popular) means of authentication. However, companies are recognizing the weaknesses of this method. Passwords can be guessed or cracked using dictionary attacks or more sophisticated methods such as rainbow tables, or users can be coerced, charmed or tricked into revealing their passwords to others. These latter techniques, called social engineering, have become a growing problem for companies of all sizes.

Understanding the Roles of Server 2003 Security Policies

Date - Jan 17, 2006

Section - Articles / Windows 2003 Security

Windows domains rely on policy-based security mechanisms, but Windows security policy deployment can be confusing to the uninitiated. What's the difference between the local security policy, domain security policy and domain controller security policies? When and how do you use each? How do you use site GPOs and OU GPOs for best security, and how do they all interact together? What security policy tools are included with the operating system and how is each used? This article will provide an overview of the roles of Server 2003 security policies and how to use them to secure your systems and network.

Implementing EFS in a Windows Server 2003 Domain

Date - Jan 03, 2006

Section - Articles / Windows 2003 Security

Microsoft’s Encrypting File System (EFS), used to encrypt data on Windows 2000, XP and Server 2003 computers, relies on a public key certificate. If you don’t have a public key infrastructure, EFS can use a self-signed certificate. This is the default for using EFS on a standalone or workgroup computer. Implementing EFS within a domain with a PKI presents more complexity. In this article, we'll look at how to manage and use EFS in a Windows 2000 or Server 2003 domain.

Will upgrading to 64 Bit Windows make you More Secure?

Date - Dec 13, 2005

Section - Articles / Windows OS Security

Both Windows Server 2003 and Windows XP now come in 64 bit versions, to run on the 64 bit processors made by Intel and AMD. 64 bit hardware and operating systems offer some big advantages over the currently more commonplace 32 bit systems, including the ability to handle more physical memory and big performance boosts for applications that are written for the 64 bit system.

Protect your network from rogue users

Date - Dec 06, 2005

Section - Articles / Misc Network Security

IT departments spend a great deal of time, effort and money to protect against external threats – those that enter the network via the Internet or remote access – but sometimes forget the harm that can be done by an authorized user who decides to “go rogue” (circumvent network security policies for his/her own purposes).

Protect your Web Servers with SSL

Date - Nov 29, 2005

Section - Articles / Web Server Security

HTTP communications are fine for the average Web server, which just contains informational pages. But if you’re thinking about running an e-commerce site or other Web services that require secure transactions, you need to be able to encrypt communications between your Web server and its clients. The most common means is by the use of Secure Sockets Layer (SSL), which uses public key cryptography to protect confidential user information (such as credit card or bank account numbers) that is transmitted across the Web. In this article, we’ll discuss how SSL works and show you how to enable it on your Internet Information Services (IIS) Web servers.

Use Free Microsoft Tools to Protect your Computers

Date - Nov 17, 2005

Section - Articles / Misc Network Security

As part of their trusted computing initiative, Microsoft has taken a lead in offering free security tools that you can download and use to help assess the security of your computers and protect your systems against viruses, spyware, and attacks. In this article, we’ll take a look at some of the utilities they’ve made available.

New Security Features in IE 7.0

Date - Oct 18, 2005

Section - Articles / Windows OS Security

The browser security wars have been heating up again lately. After a small but significant exodus in which many computer users switched from Internet Explorer to Mozilla’s Firefox because of its supposed security advantages, last month a report from Symantec shocked many open source fans with data showing the Mozilla browsers suffered from more security vulnerabilities than IE, including more that were of high severity.

First Look at Windows Vista: Secure at Last?

Date - Oct 11, 2005

Section - Articles / Windows OS Security

In the early days of Windows operating systems, security was not at the forefront of computer users’ priorities as it is today – especially for home computer users. Now that the vast majority of systems are connected to the Internet, wireless networks have popped up everywhere, and we’re much more vulnerable to viruses and attacks, security is a necessity. With the release of each new version, Microsoft has focused more and more on protecting the system from inadvertent and deliberate security breaches, and the culmination of those efforts is Windows Vista (formerly known as Longhorn), the next generation of their client operating system that’s expected to be released sometime in 2006.

Managed E-Mail Security Services: Is it the right solution for your network?

Date - Sep 29, 2005

Section - Articles / Content Security (Email & FTP)

Email communications are essential to getting the job done in today’s business world, but many companies are overwhelmed by spam, the security risks of e-mail borne viruses and worms and liability implications of e-mail containing pornography or other undesirable content. It’s getting harder and harder for network administrators to keep it all under control.

Being Big Brother: Monitoring employees’ network activity

Date - Sep 15, 2005

Section - Articles / Misc Network Security

Big brother is watching. In today’s security-conscious world, it has become a fact of life. George Orwell coined the term to refer to government intrusion into the private lives of citizens, but the meaning has expanded to include any authority figure. The law recognizes that there are circumstances in which monitoring of others’ activities is permissible or even desirable. In general, employers have a lot of leeway in monitoring what their employees do while on company premises and using company equipment.

How to Use Microsoft’s Shared Computer Toolkit

Date - Sep 06, 2005

Section - Articles / Authentication, Access Control & Encryption

The Shared Computer Toolkit for Windows was designed to help administrators better manage and secure public computers, such as those in kiosks, libraries, Internet cafes, schools, etc. But the toolkit is useful for any situation in which multiple persons use the same computer, including family computing and small business offices where several employees must use the same machine. This article shows you how to get and use the toolkit, which is in beta testing at the time of this writing.

Product-based Security vs. Service-based Security

Date - Aug 26, 2005

Section - Articles / Misc Network Security

Security vendors today can follow either of two different models: they can sell a product (a firewall, an encryption program, etc.) that your company pays for upfront, or they can sell a service that incurs an ongoing fee. In some cases, they can combine the two: an antivirus program or anti-spyware appliance that requires an update service to function properly. The current trend seems to be away from the standalone product model and toward the service model. In this article, we examine the advantages and disadvantages of both.

Product Review: Acunetix Web Vulnerability Scanner

Date - Aug 11, 2005

Section - Articles / Product Reviews

We've all heard of vulnerability scanners, but as the spectrum of security threats expands, security tools become more specialized. Acunetix has created a vulnerability scanner that's specifically designed to protect your Web servers and Web applications. It sounded interesting to us, so we installed the Acunetix WVS package on a Windows Server 2003 server to try it out. In this article, we'll review our experiences with its features and functionality.

Bluetooth: Is it a Security Threat?

Date - Aug 09, 2005

Section - Articles / Wireless Security

I’ve received a lot of questions from readers recently about security issues related to different types of wireless technology. 802.11 (wi-fi) security has been covered in detail in this and other forums, but you don’t see nearly so much discussion of Bluetooth security. Bluetooth is becoming more and more popular, and it’s time to examine its security implications. Is it secure? Can it be made secure? What are particular security concerns? We’ll take a look at those questions in this article.

Installing and Configuring Microsoft’s Data Protection Manager (DPM) Part 2

Date - Aug 02, 2005

Section - Articles / Windows 2003 Security

In this two part article, we show you how to install and configure DPM and evaluate how this can be integrated into your overall security strategy. In Part 1, we covered the process of installing the DPM prerequisite software, DPM itself, the file agent software and the end-user recovery client software. In Part 2, we’ll show you how to configure your DPM server to protect data, and how end users can recover their protected files without administrative assistance.

Installing and Configuring Microsoft’s Data Protection Manager (DPM) Part 1

Date - Jul 26, 2005

Section - Articles / Windows 2003 Security

The beta of Microsoft's new Data Protection Manager (formerly called Data Protection Server) is now available to the public. DPM brings disk-based backup and recovery to enterprise networks as part of Microsoft’s new System Center product umbrella that also includes Microsoft Operations Manager (MOM) and Systems Management Server (SMS). In this two part article, we show you how to install and configure DPM and evaluate how this newest member of Microsoft's System Center product umbrella can be integrated into your overall security strategy.

Ethical Issues for IT Security Professionals

Date - Jul 19, 2005

Section - Articles / Misc Network Security

This article takes a look at a neglected area of most computer security professionals' training: how to deal with the ethical issues that can - and invariably do - crop up during the course of doing your job.

How Do Compliance Issues Affect your Network?

Date - Jul 12, 2005

Section - Articles / Misc Network Security

Government regulations such as HIPAA, SOX and the GLB Act require changes to many network security infrastructures and IT procedures. As if wading through this alphabet soup of statutes and regulations weren’t enough, it's not enough to be compliant; you must also be able to prove your compliance if the feds come knocking. This article looks at how regulations affecting specific industries impact the computer networks of companies in those industries, as well as some of the common myths and misconceptions about various compliance requirements.

NAT Traversal (NAT-T) Security Issues

Date - Jun 23, 2005

Section - Articles / Windows Networking

In this article, we’ll look at how NAT-T (Network Address Translation-Traversal) works and what the security issues are, help you decide whether to take the risk, and show you how to restore XP’s ability to connect to servers behind a NAT if you choose to do so.

Code Signing: Is it a Security Feature?

Date - Jun 09, 2005

Section - Articles / Authentication, Access Control & Encryption

Code signing is a mechanism whereby publishers of software and content can use a certificate-based digital signature to verify their identities to users of the code, thus allowing users to decide whether or not to install it based on whether they trust the publisher. Code signing has been touted as a major security feature, but it’s important for users to understand its uses and its limitations. In this article, we’ll take a look at how code signing works and where it fits into your organization’s security plan.

Preserving Digital Evidence to Bring Hackers and Attackers to Justice

Date - May 17, 2005

Section - Articles / Misc Network Security

The world is waking up to the fact that hacking into a company’s computer network, launching attacks that cause network downtime or releasing viruses and other malicious code is more than a bit of "digital criminal mischief" -- it’s a serious crime that deserves serious attention from the criminal justice system. In this article, we’ll explain how standard rules of evidence apply to digital data and what precautions you should take to preserve it properly for a court trial.

Increasing Security with Limited User Accounts and Restricted Groups

Date - Apr 26, 2005

Section - Articles / Authentication, Access Control & Encryption

In this article, we’ll talk about the differences between the built-in and default local account types, and the differences between local and domain user accounts. Then we’ll discuss how you can increase security by creating customized limited user accounts and using Restricted Groups.

Making MOM More Secure

Date - Apr 05, 2005

Section - Articles / Windows 2003 Security

Microsoft Operations Manager (MOM) 2005 is a great solution for managing your Exchange, SQL and other servers -- but what about security? In this article, we'll discuss some of the security issues related to MOM 2005, how Microsoft has made this version of MOM more secure, and best practices for deploying MOM in the most secure way possible.

Disk Based Backup: All Hype or the Best Protection for your Data?

Date - Mar 08, 2005

Section - Articles / Misc Network Security

In this article, we’ll look at disk based backup and how it can be used to replace or supplement your current tape backup system.

Testifying in a Computer Crimes Case

Date - Feb 03, 2005

Section - Articles / Misc Network Security

As an IT professional and working network administrator, you may find yourself called upon to testify as a victim or witness (i.e., a representative of a company whose network is victimized) in a computer-related crime. Another possibility is that you might someday want to use your technical expertise to become a professional expert witness in computer-related cases. In this article, we examine the basics of testifying in either capacity in a case involving computer crimes, and how you can move into the lucrative field of computer forensics, on either a full- or part-time basis.

Use Microsoft's Virtual PC to Test Software Before Deploying It

Date - Jan 13, 2005

Section - Articles / Misc Network Security

The introduction of new operating systems, new applications and even patches or fixes on your production network can pose its own kind of threat, if you don't know what the "unintended consequences" will be. Best practice is to first set up a test environment that emulates your production environment and run the new software there. Buying a lot of machines to do this can be prohibitively expensive, so many network administrators have turned to virtual machine software. In this article, we take a look at what's different in VPC and how to install and use it.

Web Server Security Issues and Front Page Server Extensions

Date - Dec 14, 2004

Section - Articles / Web Server Security

It's "common knowledge" (at least in some circles) that FrontPage Server Extensions are insecure and Web Sites created with FrontPage are vulnerable -- but is it true? What are the risks associated with FrontPage and what can you do about them? What are the recommended best practices for securing FP Web sites? In this article, we'll look at Web security from the FrontPage perspective.

Is it Time to Start Encrypting Your E-mail?

Date - Dec 09, 2004

Section - Articles / Content Security (Email & FTP)

Longing for a little privacy? Thinking it might be time to start encrypting your e-mail? This article looks at the pros and cons, examines e-mail encryption technologies, and provides some tips for getting the most out of e-mail encryption.

Do You Leave Sensitive Data Lying Around?

Date - Nov 04, 2004

Section - Articles / Misc Network Security

How much can another person find out about you and your business by examining your hard disk? Probably a lot more than you think! This article takes a look at how a computer forensics examiner seemingly works magic to bring data that was "gone" back from the dead, and can be useful both to those who want to recover data on their systems and those who want to "forensics proof" their computers.

Instant Messaging: Does it have a Place in Business Networks?

Date - Nov 02, 2004

Section - Articles / Misc Network Security

Instant Messaging (IM) is wildly popular with home users, but in a business environment the ability to communicate with colleagues in real time can be either a benefit or a phenomenal time waster. This article looks at the pros and cons of allowing IM protocols on your business network, how to make IM more secure if you do allow it, and how to prevent users from using it altogether.

Understanding E-mail Spoofing

Date - Oct 20, 2004

Section - Articles / Content Security (Email & FTP)

Spam and e-mail-laden viruses can take a lot of the fun and utility out of electronic communications, but at least you can trust e-mail that comes from people you know – except when you can’t. A favorite technique of spammers and other “bad guys” is to “spoof” their return e-mail addresses, making it look as if the mail came from someone else. In effect, this is a form of identity theft, as the sender pretends to be someone else in order to persuade the recipient to do something (from simply opening the message to sending money or revealing personal information). In this article, we look at how e-mail spoofing works and what can be done about it, examining such solutions as the Sender Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it.

Review: Windows XP Security Guide

Date - Oct 07, 2004

Section - Articles / Windows OS Security

Microsoft has recently released an updated version of the Windows XP Security Guide (version 2.0) that includes information on XP with Service Pack 2 installed. It is a very comprehensive document that should be a part of the security arsenal of every network administrator who has Windows XP clients on the network. In this article, we’ll provide a review of the new Guide and point out which parts are most useful to administrators.

Controlling Portable Storage Device Usage (USB/CDs etc) - Software Review: GFI LANguard P.S.C.

Date - Sep 16, 2004

Section - Articles / Product Reviews

It seems as if almost every user has one or more USB devices to upload/download a gigabyte or more of data. Because of the reliability, portability and ease of use of flash memory - not to mention falling prices - portable storage devices are becoming ubiquitous. However, these also pose a serious threat to network security. GFI has just released their newest product: PSC (or Portable Storage Control) to control the usage of such devices within a network.

Personal Firewalls for Remote Access Users

Date - Aug 12, 2004

Section - Articles / Firewalls & VPNs

Administrators of enterprise level networks often don’t pay much attention to the personal firewall market. After all, you need something much more sophisticated to protect your corporate network. But what about the telecommuters and on-the-road executives who connect to your company’s network from remote locations? This article looks at how and why you should develop a policy requiring that remote access users have personal firewalls installed – and enabled! – and how to enforce that policy, as well as an overview of some of the personal firewall products available that will do the job at low or no cost.

Web Browser Vulnerabilities: Is Safe Surfing Possible?

Date - Aug 05, 2004

Section - Articles / Misc Network Security

This article takes a look at what makes Web browsers vulnerable to malicious attackers, how popular Web browsers differ (or don’t) in this regard, and what you can do to protect yourself when Web surfing, no matter which browser you choose.

802.11i, WPA, RSN and What it all Means to Wi-Fi Security

Date - Jul 15, 2004

Section - Articles / Wireless Security

We've all heard about the flaws and vulnerabilities in WEP, but the effort to create a standard that provides better security for wireless networks has been a long and bumpy one. The IEEE's 802.11i project has been implemented, in part, by the Wi-Fi Alliance's Wi-Fi Protected Access (WPA) and by the Robust Secure Network (RNS). What does it all mean to you, the wireless user or network administrator? In this article, we take a look at the new wireless networking security mechanisms and how you can use them to protect your Wi-Fi network.

Securing Your Pocket PC

Date - Jul 06, 2004

Section - Articles / Wireless Security

Busy executives and tech toy aficionados don't leave home without them - their Pocket PCs, that is. The ability to quickly check e-mail or pull up a Web site while on the go is invaluable, but what about the security implications of connecting to your home or office network with a mobile device? This article discusses security for handheld computers running Pocket PC/Windows Mobile 2003 operating systems.

Software Review: LANguard N.S.S. 5

Date - Jun 30, 2004

Section - Articles / Product Reviews

We’re big fans of the security scanner concept; this is software that allows you to take proactive measures to protect your network instead of waiting for hackers to discover where you’re vulnerable. In order to outwit the hackers, you have to be able to think like a hacker – but merely thinking isn’t enough. You must also be able to simulate the types of attackers that hackers use. A security scanner automates the process and makes it possible for you to find the “weak links” in your network’s security more quickly and easily. In this article, we briefly review the latest incarnation of LANguard N.S.S., version 5, focusing especially on what’s new and what those new features do for you.

Comparing VPN Options

Date - Jun 10, 2004

Section - Articles / Firewalls & VPNs

Virtual private networking has become necessity for business users who need to remotely access their files. Of course, they could dial in directly to a remote access server, but that solution has a couple of significant drawbacks. The solution, of course, is a VPN connection. This article will discuss the different VPN options available.

SSL Acceleration and Offloading: What Are the Security Implications?

Date - Jun 02, 2004

Section - Articles / Web Server Security

Secure Sockets Layer (SSL) is a popular method for encrypting data transferred over the Internet. It is commonly used to provide secure transfer of credit card information and other sensitive data in an e-commerce situation. SSL can also be used to create a virtual private networking (VPN) tunnel, as an alternative to “old standbys” IPSec and PPTP. I will discuss SSL VPNs in next month’s article titled VPN Options.

Server 2003’s Network Access Quarantine Control: What is it and How Does it Enhance Security?

Date - May 26, 2004

Section - Articles / Authentication, Access Control & Encryption

Windows Server 2003 includes many new features designed to make your servers and networks more secure. One of the least understood is the new network access quarantine control feature, even if you’ve heard of it, you might not know what it is or how it can be used to enhance your network’s security. Quarantine control is perhaps Server 2003’s least documented great new feature.

Authorization Manager and Role-Based Administration in Windows Server 2003 (Part 2)

Date - May 12, 2004

Section - Articles / Authentication, Access Control & Encryption

In Part 1 of this article, we discussed Microsoft’s new emphasis on role-based security and provided an overview of the concepts involved in using the Authorization Manager MMC snap-in. In Part 2, we’ll discuss how to configure role and task definitions, how to create role assignments within an application, and how to create and work with scopes. You’ll also learn about authorization rules.

Securing Server 2003 Domain Controllers

Date - May 05, 2004

Section - Articles / Windows 2003 Security

Because the domain controller, as its name implies, in many ways has control over your Windows domain and all of the computers that belong to it, it is essential that you take extra precautions to ensure that your DCs are and remain secure. In this article, we will look at a few of the important security measures you should take in regard to your domain controllers.

Authorization Manager and Role-Based Administration in Windows Server 2003 (Part 1)

Date - Apr 28, 2004

Section - Articles / Authentication, Access Control & Encryption

Microsoft has placed on emphasis on role-based security in their .NET framework, and one of the new security features in Windows Server 2003 is the ability to implement role-based administration through the Authorization Manager MMC snap-in.

Should Microsoft Identity Integration Server Be Part of Your Security Plan?

Date - Apr 06, 2004

Section - Articles / Misc Network Security

Microsoft’s Identity Integration Server (MIIS) and its “lite” version, the Identity Integration Feature Pack for Windows Server 2003 (IIFP) can help organizations get a handle on all the disparate databases throughout the organization that contain information about a person’s identity. In this article, we'll take a look at what MIIS is, how it works and what the latest version has to offer.

How to Defend your Network Against Social Engineers

Date - Mar 30, 2004

Section - Articles / Misc Network Security

You can buy the most expensive firewall equipment, install the best anti-virus software, add the greatest intrusion detection system, but there is still a “weakest link” in your security plan that you may have overlooked. In this article, we discuss some common social engineering tactics and, more importantly, what you can do to protect your organization’s network against those who specialize in exploiting the weaknesses of people rather than those of the software.

Is Open Source Really More Secure?

Date - Mar 04, 2004

Section - Articles / Misc Network Security

In this article we'll discuss the claim made by proponents of open source software that such software is more secure. Is open source really inherently more secure than closed source commercial software? If so, why? And if not, why do so many have that perception?

Comparing Firewall Features

Date - Feb 23, 2004

Section - Articles / Firewalls & VPNs

In this article, we’ll take a look at some of the factors you should consider when buying a firewall, features available on some of the most popular offerings, and how to compare the real cost of each (hint: the initial purchase price is only a starting point).

Making Microsoft Software Update Services Part of your Patch Management Strategy

Date - Feb 12, 2004

Section - Articles / Windows 2003 Security

Windows Server 2003 includes a number of interesting and useful new features, and one that will be especially helpful to administrators who are struggling with a way to keep a large number of systems updated with the appropriate patches and fixes is the Software Update Service (SUS). SUS can also run on Windows 2000. In this article, we’ll describe how SUS works and give you some pointers on deploying SUS within your organization.

E-mail spam: Is it a Security Issue?

Date - Feb 03, 2004

Section - Articles / Content Security (Email & FTP)

The daily deluge of unsolicited commercial or offensive messages (more commonly known as spam) comprises one of the biggest problems facing network administrators and users today. In this article, we will examine how spam presents a security threat to your network, and we’ll discuss the most effective way to deal with it: a multi-layered or “defense in depth” approach that addresses spam at the firewall, server and client levels.

Application Layer Filtering (ALF): What is it and How does it Fit into your Security Plan?

Date - Jan 15, 2004

Section - Articles / Firewalls & VPNs

ALF, not a nickname for Alfred but an acronym for Application Layer Filtering, is one of the hottest new buzzwords in a jargon-laden security subfield: firewall technology. Firewall vendors are rushing to implement ALF into their firewall products, and/or beefing up their ALF implementations to compete with those of other vendors. But exactly what is ALF and is it a “must have” feature to look for when you buy a firewall, or just another bit of marketing hype?

How URL Authorization Increases Web Server Security

Date - Jan 13, 2004

Section - Articles / Web Server Security

Web servers, by their very nature, are usually exposed to outsiders and thus are vulnerable to compromise and attack. Internet Information Services (IIS) version 6, included with Windows Server 2003, provides a number of new security features designed to increase web server security. One of these is URL authorization, which works in conjunction with Server 2003’s Authorization Manager. In this article, we’ll take a look at how URL authorization is implemented in IIS 6.0, the practicalities of using it in your web services environment, and how it enhances the security of your web sites and services.

How Secure are Windows Terminal Services?

Date - Jan 09, 2004

Section - Articles / Windows OS Security

Microsoft’s Windows Terminal Services (built into Windows 2000 Server and Windows Server 2003) and Windows XP’s Remote Desktop, which is based on Terminal Services, provide an easy, convenient way for administrators to implement thin computing within an organization or for users to connect to their XP desktops from a remote computer and run applications or access files.

IPv6: Windows Server 2003 Supports a More Secure IP – Sort of

Date - Nov 19, 2003

Section - Articles / Windows 2003 Security

When you think of version 6, the “next generation” of the Internet Protocol, your first thought is probably more available addresses. Indeed, the primary reason for developing a new version of IP was the anticipated critical shortage of addresses under the 32 bit addressing scheme of version 4. However, IPv6 provides for more than just an increase in the number of available addresses. It is also designed to provide for better performance and, even more important in today’s business world, better security of IP communications.

Changes to Default Settings Make Windows Server 2003 More Secure (Part 2)

Date - Oct 23, 2003

Section - Articles / Windows 2003 Security

Microsoft has made a number of changes to the default settings in Windows 2003 to make it more secure “out of the box.” In Part 2, we’ll examine the changes that have been made to the default settings for common services and changes in the authentication process, and we’ll discuss some areas in which some believe that Server 2003’s defaults are still too open.

Changes to Default Settings Make Windows Server 2003 More Secure (Part 1)

Date - Oct 10, 2003

Section - Articles / Windows 2003 Security

One big change, very noticeable in Windows Server 2003, is the difference in default settings. In this two-part article, we’ll look at how the out-of-the-box server differs in its defaults from previous versions and how the new defaults make the OS more secure (while at the same time causing frustration for some admins and users who find themselves unable to gain access that was available without any reconfiguration in earlier operating systems). In Part 1, we’ll focus on how the default permissions have changed, changes to the membership of the Everyone group, and ownership of objects.

How New Delegation of Authentication Options Improve Security

Date - Sep 25, 2003

Section - Articles / Windows 2003 Security

Delegation is the act of giving power, responsibility or authority to someone (or something). When we talk about delegation in the context of administering our Windows Server 2003 computers and networks, we can be talking about either the Delegation of administrative authority (also called delegation of control); or the Delegation of authentication (allowing a service to use a user or computer account for access to resources). It is this second type of delegation that we will discuss in this article. Windows Server 2003 has provided some enhancements to this feature that will make your administrative life a little easier.

How the Windows Rights Management Service can Enhance the Security of your Documents

Date - Sep 23, 2003

Section - Articles / Windows 2003 Security

Security has many facets when it comes to computers. We often focus on securing the network and our systems from outside intruders and from malicious code such as viruses, worms and Trojans. Because the damage from these can be so immediate and so drastic, we sometimes overlook the need to secure the data contained in our documents from others within the organization, and even to control the extent of access for those with whom we do need to share our information.

What’s New with Windows Server 2003 Certificate Services?

Date - Aug 20, 2003

Section - Articles / Windows 2003 Security

Now, with the release of Windows Server 2003, Microsoft has provided a number of enhancements and improvements to this popular feature. In this article, we will look at the new certificate services features included in the Standard, Enterprise and Datacenter editions of Server 2003.

What’s New in Windows Server 2003 IPSec (Part 2)

Date - Aug 05, 2003

Section - Articles / Windows 2003 Security

In Part 1 of this two-part article, we took a look at one of the most important new additions to Windows Server 2003’s implementation of IPSec: the new and improved IP Security Monitor. You learned about its new look (MMC console) and increased functionality. In Part 2, we’ll discuss the other improvements that Microsoft has made to IPSec in Windows Server 2003. Many of these are small things, but taken together, they make IPSec more secure and easier for administrators to manage than ever before.

What’s New in Windows Server 2003 IPSec (Part 1)

Date - Jul 29, 2003

Section - Articles / Windows 2003 Security

With the release of Windows Server 2003, Microsoft has made improvements to a number of their operating system security features, including several new features for IPSec. In this two part article, we’ll focus on what’s new for IPSec in Windows Server 2003, and show you how to use its new features to make it even easier for you to ensure secure communications across your network. Part One covers the IP Security Monitor, which has a brand new look and added functionality.

What’s New in Windows 2003 Server: IIS Security Enhancements

Date - Jul 15, 2003

Section - Articles / Windows 2003 Security

Microsoft’s Internet Information Services (IIS), while one of the most popularly deployed web servers, has long been considered to be a weak point on any server on which it is installed, when it comes to security. Web servers, by their very nature, are generally open to the Internet (unless they are used only for intranet access) and this makes them a natural target for hackers and attackers. In this article, we’ll cover some of the changes to the new version of IIS that are intended to make it less vulnerable to attackers.

Protecting your Email from Viruses and Other MalWare

Date - Jun 05, 2003

Section - Articles / Content Security (Email & FTP)

Virus writers, who used to spread their virtual “diseases” via infected floppies and network shares, have seized the opportunity posed by email programs that support attached files, HTML messages, and embedded scripts to send viruses and other malicious software (called “malware”) to hundreds or thousands of people with just a few keystrokes. In this article, we will look at how email viruses work and what you can do to protect your computer and network from them.

Securing Remote Access Connections

Date - May 15, 2003

Section - Articles / Authentication, Access Control & Encryption

Today many companies are enjoying the cost savings inherent in allowing some employees to work from home, while those employees benefit from the convenience of telecommuting. In addition, executives, salespeople and others need to connect to the company network when they go on the road, and/or need to access network resources in the evenings or on the weekends from home. All this adds up to a lot of remote access connections to the organization's network. In this article, we will discuss how to prevent remote connections from creating a security nightmare on your network.

Passwords: the Weak Link in Network Security

Date - May 07, 2003

Section - Articles / Authentication, Access Control & Encryption

In this article, we will discuss how passwords work, why and how passwords are vulnerable, how to create more secure passwords, how to create effective password policies, and some alternatives to password-only authentication for high security environments.

How Windows Server 2003’s Software Restriction Policies Improve Security

Date - Apr 30, 2003

Section - Articles / Windows 2003 Security

Allowing any unauthorized software to run on company computers, especially those connected to the network, poses many dangers. Even if the program isn’t infested with malicious code, incompatibility problems can result in operating system crashes, or interfere with the operation of other programs, and complicate tech support and troubleshooting – not to mention licensing issues. For this reason, Microsoft includes a new feature with Windows Server 2003 and Windows XP: software restriction policies.

Where Does EFS Fit into your Security Plan?

Date - Mar 25, 2003

Section - Articles / Authentication, Access Control & Encryption

The ability to encrypt data – both data in transit (using IPSec) and data stored on the disk (using the Encrypting File System) without a need for third party software is one of the biggest advantages of Windows 2000 and XP/2003 over earlier Microsoft operating systems. Unfortunately, many Windows users don’t take advantage of these new security features or, if they do use them, don’t fully understand what they do, how they work, and what the best practices are to make the most of them. In this article I'll discuss EFS: its use, its vulnerabilities, and how it can fit into your overall network security plan.

Understanding the Role of the PKI

Date - Mar 18, 2003

Section - Articles / Authentication, Access Control & Encryption

The Public Key Infrastructure is a concept that is discussed frequently in the IT security world, but is not always well understood. Most of us know that the PKI is used for authentication and has something to do with public key pairs, but many only vaguely understand how the components of a PKI work together and the differences between private and commercial PKIs. In this article, we’ll provide a brief overview of what a PKI is and does, and where it can fit into your organization’s security plan.

Securing Data in Transit with IPSec

Date - Feb 17, 2003

Section - Articles / Windows OS Security

With her first article for WindowSecurity.com, we are pleased to welcome Debra Littlejohn Shinder to our team of authors. Network security has many facets, and much emphasis is placed (rightly) on keeping intruders and attackers out of the network via firewalls. However, in today’s business environment, there are also many instances in which sensitive data needs to be protected within the local network from users who have legitimate access to the network – but do not need to have access to the data in question. The answer in that case is encryption.