Welcome to Robert J. Shimonski's Section

Robert J. Shimonski's Latest Contributions

Physical Security Primer (Part 2)

Date - May 26, 2005

Section - Articles / Misc Network Security

In this article we will continue with our detailed look at applying physical security whenever and wherever possible. In this article we will cover Backup Power. Let’s take a look at what you can do to make sure that power remains a reality at your facility, home or office.

Wipe your Deleted Data Away: Using cipher.exe

Date - Apr 12, 2005

Section - Articles / Windows OS Security

In this article we will look at how to use a tool called ‘cipher’ which is a command line tool included with Windows 2000 and XP. We will learn how to use its newest functionality – allowing administrators the ability to wipe all deleted (marked for deletion) data on the hard disk. This would overwrite all of the deleted data and provide for better security. If someone steals your system, like a laptop, then the thief would not be able to recover that data. In this article we learn how to perform this procedure.

Configure a VPN Connection Using Windows XP

Date - Mar 18, 2005

Section - Articles / Firewalls & VPNs

In this article we will learn how to configure a connection to a virtual private network (VPN) using Windows XP. This article will show you how to create a new VPN connection using Microsoft Windows XP. By creating an encryption tunnel through the Internet, data can be passed safely.

How To: Mastering PortQry.exe (Part 2)

Date - Feb 22, 2005

Section - Articles / Misc Network Security

In this article we will cover advanced topics when using the PortQry command line tool. The utility allows you to select a computer, analyze it and get a report of port status on TCP and/or UDP ports. In the second part of this two article set we will cover advanced topics and other scanning and analysis examples. We will also look at installing and using the UI *User Interface* that you can also add on to it.

How To: Mastering PortQry.exe (Part 1)

Date - Jan 25, 2005

Section - Articles / Misc Network Security

In this article we will cover the fundamentals of using the PortQry command line tool. PortQry.exe is a utility that you can use to help you troubleshoot TCP/IP connections. The PortQry.exe utility runs on Windows 2000-based computers, on Windows XP-based computers, and on Windows Server 2003-based computers.

How to Plan for a Possible Network Attack

Date - Jan 05, 2005

Section - Articles / Misc Network Security

In this article we will focus on a much needed topic which is proactive planning. Planning for your systems and network devices to get hit so that you can avert it if it does. A saying pops into my head – "lack of prior planning on your part does not constitute an emergency on mine." This simply means that if you failed to plan, you planned to fail. In this article we will cover the basics you need to know about properly assessing your chances for attack and ways to proactively plan for attack.

Quick Check: Is Internet Explorer Safe?

Date - Dec 21, 2004

Section - Articles / Windows OS Security

In the spirit of the Holidays coming up, I wanted to put a quick article together and out to you, the community so that you can quickly do a ‘health check’ on your Internet Explorer browsers. It’s not uncommon to have your PC filled with spyware, browser vulnerabilities, or other problems that affect its use. This year you may be shopping online, or doing some online banking. This article quickly covers some essential things you should do to ensure you are safe this holiday season while online.

Windows Server 2003 Hardening List (Part 1)

Date - Dec 07, 2004

Section - Articles / Windows 2003 Security

In this article, we will cover the most common issues that you will need to look over to make certain that your Windows Server 2003 is completely locked down from attack. We will look at the most common items you will need to address in Part 1, and then in subsequent parts, we will look at other items such as advanced techniques, as well as how to use GPOs and dealing with services running on Windows Server 2003 like File, Print as well as IIS. In this first installment, we cover the most common items you should address.

Threats and your Assets – What is really at Risk?

Date - Aug 10, 2004

Section - Articles / Misc Network Security

In this article we will cover some of the most important items you will need to consider when discussing, analyzing, designing or implementing a security posture within your place of business, or perhaps in a company you may be servicing. Considering that threats and their origins are constantly changing... shifting, we need to (as Security Analysts/Engineers) focus on what those threats are, where they originate from and what we can do about them as well as deal with their drift from the norm which was basically from being heavily focused on external threats to being in balance with internal threats. This article covers those details as well as why ‘Defense in Depth’ is so critical. We will also focus on Microsoft products (as well as other technologies) while doing so.

Applying Windows XP Group Policy in a Windows 2000 Domain (Part 2)

Date - Jul 29, 2004

Section - Articles / Misc Network Security

In this two part article set we will cover the fundamentals of putting Windows XP securely into your network while utilizing the Group Policy Objects in Windows 2000. This two part article covers all the details on how to configure Windows 2000 and XP so that GPOs can be used. Part 1 covers the fundamentals and setup, Part 2 covers the Implementation.

Applying Windows XP Group Policy in a Windows 2000 Domain (Part 1)

Date - Jul 22, 2004

Section - Articles / Misc Network Security

In this two part article set we will cover the fundamentals of putting Windows XP securely into your network while utilizing the Group Policy Objects in Windows 2000. This two part article covers all the details on how to configure Windows 2000 and XP so that GPOs can be used. Part 1 covers the fundamentals and setup, Part 2 covers the Implementation. If you are not familiar with GPOs, I will cover some fundamentals in the beginning of Part 1.

Microsoft Windows and the Common Criteria Certification Part II

Date - Jul 08, 2004

Section - Articles / Misc Network Security

In today’s computer networks, it is important to start to concern yourself with another level of detail in security other than how to ‘harden a system’ by killing unneeded services or adding yet another service pack or hotfix to your system(s). In this article set, we will explore Common Criteria Certification, what it is and what it means. Part I of this article covered the fundamentals. In Part II of this article set we will look at how the Common Criteria is when implemented on a server at the EAL4 class level.

Windows 2000 and 2003 Server Physical/Logical Security Primer (Part 1)

Date - Jun 22, 2004

Section - Articles / Misc Network Security

As more and more advancements are made on security in the ‘logical’ sense (which is to implement access control rules on Firewalls, to implement IDS (Intrusion Detection) on your hosts and networks, to set up GPOs on your servers, there is little said about the actual ‘physical’ security of your systems and the site in which they are located. In this three part article, we will cover all the aspects of physical security you should be paying attention to as a security professional working with Windows based servers, or any other system for that matter.

Microsoft Windows and the Common Criteria Certification Part I

Date - Jun 17, 2004

Section - Articles / Misc Network Security

In today’s computer networks, it is important to start to concern yourself with another level of detail in security other than how to ‘harden a system’ by killing unneeded services or adding yet another service pack or hotfix to your system(s). In this article set, we will explore Common Criteria Certification, what it is and what it means.

Windows Server 2003 Disaster Recovery Planning (Part 2)

Date - Oct 17, 2003

Section - Articles / Windows 2003 Security

In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part II in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general.

A Glance at the Windows Server 2003 Security Guide

Date - Oct 15, 2003

Section - Articles / Windows 2003 Security

Not only is Microsoft Boasting that Windows Server 2003 is very secure... they have also released prior to the selling of the actual operating system, the ‘free’ (yes you heard this right), security guide for the base operating system as well as many of the services that come with it, like IIS, File and Print services and more.

Windows Server 2003 Disaster Recovery Planning (Part 1)

Date - Oct 03, 2003

Section - Articles / Windows 2003 Security

In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part I in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general. In part I, we will look at Windows 2000 & Windows Server 2003 Clustering & Load Balancing for high availability, as well as general planning information.

Windows 2000 DMZ Design.

Date - Oct 03, 2003

Section - Network Security Library / Windows Security

In this chapter you learn about Windows 2000 security but only as it relates to this subject matter. In other words, this chapter is not a general Windows 2000 security chapter, but rather is one customized to fit the needs of designing security within the DMZ. Of course, the chapter covers many security topics revolving around Windows 2000, but all the content will be tailored for the most part to security administrators working within a DMZ environment.

Trojan Horse Primer

Date - Sep 03, 2003

Section - Articles / Viruses, trojans and other malware

A Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can gain control and do its chosen form of damage, such as erasing the data on your hard drive. A Trojan can cause massive harm to you and your systems and worse yet, may turn your system into a killing machine as well! Lets look at Back Orifice specifically so we can highlight why a tool like this can get ugly if installed on your systems.

Auditing for Increased Security (Part 1)

Date - Aug 26, 2003

Section - Articles / Windows OS Security

You will need to Audit your systems for enhanced and increased security. When Microsoft laid out this objective, they were most likely thinking about building your security strategy up with Defense in Depth. This strategy is outlined as a way to avoid depending on one single protective measure deployed on your network. In other words, to eliminate the feeling of being secured because you implemented a firewall on your Internet connection you should implement other security measures like an IDS (Intrusion Detection) system, Auditing and Biometrics for Access Control.

Windows Server 2003 System Security Analysis 'Quick and Easy'

Date - Jul 25, 2003

Section - Articles / Windows 2003 Security

In this article we will look at demystifying the simple analysis of a Windows Server 2003's security posture. Too many times, administrators seem confused about how to do an initial security analysis test on a newly minted Windows Server 2003. (Or 2000 for that matter) In this article we will look at how to perform this very quickly, very easily with Windows Server 2003. This article will cover the steps needed to create the Security Database and perform the analysis on your Windows Server 2003 system.

Your Quick Guide to Common Attacks

Date - May 20, 2003

Section - Articles / Misc Network Security

In this guide we'll go over many of the common attacks by providing a brief description of the attack and it's unique characteristics.

Wireless Security Primer (Part II)

Date - Apr 23, 2003

Section - Articles / Wireless Security

In this article, we will discuss what every Wireless Administrator should do (or think about) to keep their Wireless LANs (WLANs) safe and secure. Every time you deploy a Wireless network, you should always ask yourself the following questions outlined within this article. Much has been done to secure wireless transmissions, but there are still items missed that can help your security posture, that many administrators are still not doing and are very important.

Defining a Security Policy

Date - Apr 10, 2003

Section - Articles / Misc Network Security

Security Polices are a necessary evil in today’s enterprise networks. Without a Security Policy, you leave yourself open and vulnerable to a lot of political attacks. In this article, we will begin to look at all the measures you will need to deploy to successfully define a security policy.

Minimizing Security Incidents

Date - Mar 11, 2003

Section - Articles / Misc Network Security

One of the most pertinent strategies you can implement is one of minimizing the number and of course the severity of Security incidents. One of the biggest issues that I see when looking at security infrastructure is the fact that there is not a great deal of effort put into the possibility that there may even be a problem. In fact, most times when I come to an organization, security is not even something anyone really gave a lot of thought to. Because of this, many security problems linger in the darkness of the networks in questions.

SMBDie: Crashing Windows Servers with Ease

Date - Mar 04, 2003

Section - Articles / Windows OS Security

In this article, we will look at Windows based Security tools, and in this article, we will look at how to easily crash a Windows server in about 5 seconds. What is SMBDie? SMBDie is a tool (proof of concept) that was created to exploit a problem with the Windows operating system and when activated, will crash and Blue Screen the server immediately.

Wireless Attacks Primer

Date - Feb 24, 2003

Section - Articles / Wireless Security

In general, attacks on wireless networks fall into four basic categories: passive attacks, active attacks, man-in-the middle attacks, and jamming attacks. Let's review what these attacks mean on a wireless network.

Make an Incident Response Plan

Date - Feb 12, 2003

Section - Articles / Misc Network Security

Incident Response is when a problem occurs, it is identified and then you need to respond to it. Responding to such an incident would be deemed “Incident Response” and you need to know the underlying concepts to Incident Response for be able to run your network efficiently. In this article, we will look at all the underpinnings of Incident Response, Chain of Custody and how to deal with a problem that occurs on a Microsoft based network.

Denial of Service 101

Date - Feb 05, 2003

Section - Articles / Misc Network Security

A denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of all network connectivity and services. In this article we will look at a DoS and a DDoS which is a “Distributed Denial of Service” attack where the attack comes from multiple hosts, not just one host, to maximize the resulting devastation.

Wireless Security Primer 101

Date - Dec 16, 2002

Section - Articles / Wireless Security

The first article in a two part series that serves as an introduction to wireless communication, as well as a description of wireless networks, protocols and security standards.

Risk Assessment and Threat Identification

Date - Nov 25, 2002

Section - Articles / Misc Network Security

Although you’ve gathered a considerable amount of data to this point, you will need to analyze this information to determine the probability of a risk occurring, what is affected, and the costs involved with each risk. Once you’ve identified the risks that can pose a probable threat to your company, and determined how much loss can be expected from an incident, you are then prepared to make decisions on how to protect your company.

What You Need to Know About Intrusion Detection Systems

Date - Nov 18, 2002

Section - Articles / Intrusion Detection

Firewalls and other simple boundary devices lack some degree of intelligence when it comes to observing, recognizing, and identifying attack signatures that may be present in the traffic they monitor and the log files they collect. Without sounding critical of such other systems’ capabilities, this deficiency explains why intrusion detection systems are becoming increasingly important in helping to maintain proper network security.

Windows XP: Your Definitive Lockdown Guide

Date - Sep 18, 2002

Section - Articles / Windows OS Security

In this article we will look at Windows XP Professional and what you need to do to be secure. After reading this, you may be surprised about some of the items you may have taken for granted! Let's take a look…

SSH: Using Secure Shell for Windows

Date - Sep 09, 2002

Section - Articles / Authentication, Access Control & Encryption

In this article, we will look at Windows based Security tools that have always been heavily used on Unix based systems, and not used as often on Windows based systems.

Windows 2000 Service Pack 3: Basics and Installation

Date - Aug 26, 2002

Section - Articles / Firewalls & VPNs

SP3 includes a component called Set Program Access and Defaults, which lets end-users to control Microsoft's software like Internet Browsers and Email Clients. This article chronicles the fundamentals you need to know to install it, where to get it from and the changes it makes.

New Internet Explorer 6.0 Security Features with the .NET Server default browser

Date - Aug 19, 2002

Section - Articles / Windows OS Security

Windows .NET Server comes standard with Internet Explorer Version 6. You should be aware of the many security advantages you have with the new browser. This article, Robert Shimonski will show you what you can expect.

Locking Down IIS 6.0 with .NET: The Default Security Wizard

Date - Jul 18, 2002

Section - Articles / Web Server Security

Yeah, you’ve heard it a million times. How often you hear that IIS has been hacked, another unchecked buffer (the millionth one this year) and no, not another service pack or hot fix!

Windows .NET Server locks down “Everyone”

Date - Jul 18, 2002

Section - Articles / Windows OS Security

Well, I thought I would never see the day that Microsoft actually followed up with industry on reversing their infamous “everything open” mentality with their Operating systems when first installed. Before .NET Server, everything was open to everyone by default. In this article let’s look at the major difference in default security settings with the Everyone Group.