WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials by date


Articles & Tutorials for 2004

Happy Holidays from WindowSecurity.com!
Date - Dec 23, 2004
Author - The Editor
Section - Site News
The WindowSecurity.com team would like to extend the warmest holiday wishes to all of our esteemed members and guests. Through your loyal support we continue to be regarded as one of the world's leading free online security resources. Now, as we approach the end of the year, we have our sights set on expanding and improving our service even further over the course of 2005 so we hope to see you all again after the festivities are over. Thanks to all of you!
Quick Check: Is Internet Explorer Safe?
Date - Dec 21, 2004
Author - Robert J. Shimonski
Section - Articles / Windows OS Security
In the spirit of the Holidays coming up, I wanted to put a quick article together and out to you, the community so that you can quickly do a ‘health check’ on your Internet Explorer browsers. It’s not uncommon to have your PC filled with spyware, browser vulnerabilities, or other problems that affect its use. This year you may be shopping online, or doing some online banking. This article quickly covers some essential things you should do to ensure you are safe this holiday season while online.
Enforcing GPO Security Settings
Date - Dec 16, 2004
Author - Derek Melber
Section - Articles / Misc Network Security
Do you currently use Group Policy to help configure key security settings on domain controllers, servers, and clients within your Active Directory domain? Do you feel confident that these settings can’t be changed once the GPO deploys them? What if I were to tell you that these settings can easily be overwritten? You might be more at risk than you think!
Securing Wireless LANs with Certificate Services
Date - Dec 15, 2004
Author - Microsoft
Section - Network Security Library / Wireless Security
Securing Wireless LANs with Certificate Services is a prescriptive guide that addresses vulnerabilities in today’s wireless networks.
Web Server Security Issues and Front Page Server Extensions
Date - Dec 14, 2004
Author - Deb Shinder
Section - Articles / Web Server Security
It's "common knowledge" (at least in some circles) that FrontPage Server Extensions are insecure and Web Sites created with FrontPage are vulnerable -- but is it true? What are the risks associated with FrontPage and what can you do about them? What are the recommended best practices for securing FP Web sites? In this article, we'll look at Web security from the FrontPage perspective.
The Information Workers' Security Handbook
Date - Dec 10, 2004
Author - Microsoft
Section - Network Security Library / Network Security
Today’s information workers depend on computers and networks to perform many of their job duties. In the past, IT departments have focused on helping you become more productive and providing easier access to the data and network resources you need. As business networks have become more complex and interconnected, a new priority has emerged: securing the computer systems you use and the information that is stored on them and on the network.
Is it Time to Start Encrypting Your E-mail?
Date - Dec 09, 2004
Author - Deb Shinder
Section - Articles / Content Security (Email & FTP)
Longing for a little privacy? Thinking it might be time to start encrypting your e-mail? This article looks at the pros and cons, examines e-mail encryption technologies, and provides some tips for getting the most out of e-mail encryption.
Windows Server 2003 Hardening List (Part 1)
Date - Dec 07, 2004
Author - Robert J. Shimonski
Section - Articles / Windows 2003 Security
In this article, we will cover the most common issues that you will need to look over to make certain that your Windows Server 2003 is completely locked down from attack. We will look at the most common items you will need to address in Part 1, and then in subsequent parts, we will look at other items such as advanced techniques, as well as how to use GPOs and dealing with services running on Windows Server 2003 like File, Print as well as IIS. In this first installment, we cover the most common items you should address.
Social Engineering meets the Bot (Part 3) - All is Revealed
Date - Dec 02, 2004
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In the final installment of this article series we get to see the trojan operate at the packet level itself. No matter how clever the exploit or trojan, it must still dial home, as it were. It will do so at the packet level, which we will examine.
Windows Update Services Review
Date - Nov 30, 2004
Author - Amit Zinman
Section - Articles / Windows 2003 Security
The long awaited Microsoft patch management replacement for SUS is finally in public Beta and provides some much required features.
Using Restricted Groups
Date - Nov 25, 2004
Author - Derek Melber
Section - Articles / Windows OS Security
If you are a medium or large sized organization, you might have thousands of clients and hundreds of servers that you need to manage. Manually trying to manage all of the local groups on all of these computers is difficult, and almost impossible. Have no fear, Group Policy Objects (GPOs) are here! GPOs provide a mechanism that allows you to control the membership in local groups, and even domain groups, on any computer in the Active Directory enterprise. The specific configuration that you use for this task is the Restricted Groups GPO setting.
Social Engineering meets the Bot (Part 2)
Date - Nov 23, 2004
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
Part two of this article is where we begin to get some answers. Much like the fabled Trojan horse, which contained soldiers who opened the gates of Troy, our supposed ASM is not what it appears to be.
Social Engineering meets the Bot (Part 1)
Date - Nov 18, 2004
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
All exploits or malware leverage a specific weak link in a program. This is done through various means. Social engineering on the other hand exploits the human link. What though if both an exploit and social engineering were combined? Read on to find out how both worlds collide.
Darwinism Meets the Virus and Worm
Date - Nov 16, 2004
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
Viruses are largely a threat that is contained if one has an anti-virus solution. This begs the question of what then is the next big threat in terms of malware code? The answer to that would be the new, and more lethal worms such as Slammer for one. What would happen though if someone with coding talent were to harness the chaotic world of the worm?
Customizing Windows Security Templates
Date - Nov 11, 2004
Author - Derek Melber
Section - Articles / Misc Network Security
Are there security settings that you wish were in a Group Policy Object, but are not? How much time, effort, and administration time could you save if you had these security settings deployed through a Group Policy Object? I am going to unlock the ability for you to customize the security settings that are deployed by Group Policy Objects.
Review of Microsoft’s Security Risk Management Guide
Date - Nov 09, 2004
Author - Mitch Tulloch
Section - Articles / Misc Network Security
The new Security Risk Management Guide from Microsoft provides prescriptive guidance for companies to help them learn how to implement sound risk management principles and practices for enhancing the security of their networks and information assets. This article reviews the contents of this guide and recommends other vendor-neutral resources on similar topics.
Do You Leave Sensitive Data Lying Around?
Date - Nov 04, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
How much can another person find out about you and your business by examining your hard disk? Probably a lot more than you think! This article takes a look at how a computer forensics examiner seemingly works magic to bring data that was "gone" back from the dead, and can be useful both to those who want to recover data on their systems and those who want to "forensics proof" their computers.
Instant Messaging: Does it have a Place in Business Networks?
Date - Nov 02, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
Instant Messaging (IM) is wildly popular with home users, but in a business environment the ability to communicate with colleagues in real time can be either a benefit or a phenomenal time waster. This article looks at the pros and cons of allowing IM protocols on your business network, how to make IM more secure if you do allow it, and how to prevent users from using it altogether.
Protect Against Weak Authentication Protocols and Passwords
Date - Oct 28, 2004
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
Did you know that your Windows computers store and send weak password hashes which are very easy to crack? Even if you run legacy operating systems, there are methods that you can implement that will protect against these weak authentication protocols and password hashes being generated.
How Spyware And The Weapons Against It Are Evolving
Date - Oct 26, 2004
Author - Brien Posey
Section - Articles / Viruses, trojans and other malware
Spyware has reached epidemic proportions and is only getting worse. I have seen recent statistics indicating that approximately 95% of the world’s PCs are infected with spyware. Unfortunately, removal techniques that worked just a couple of months ago are no longer effective in many cases and new types of spyware being released are more advanced than most computer viruses. In this article, I will discuss why the spyware problem has gotten so out of hand and more importantly, what you can do about it.
Understanding E-mail Spoofing
Date - Oct 20, 2004
Author - Deb Shinder
Section - Articles / Content Security (Email & FTP)
Spam and e-mail-laden viruses can take a lot of the fun and utility out of electronic communications, but at least you can trust e-mail that comes from people you know – except when you can’t. A favorite technique of spammers and other “bad guys” is to “spoof” their return e-mail addresses, making it look as if the mail came from someone else. In effect, this is a form of identity theft, as the sender pretends to be someone else in order to persuade the recipient to do something (from simply opening the message to sending money or revealing personal information). In this article, we look at how e-mail spoofing works and what can be done about it, examining such solutions as the Sender Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it.
Public Key Infrastructure
Date - Oct 14, 2004
Author - Vinoth K. Anandan
Section - Network Security Library / Auth. & Access Control
Public Key Infrastructure, aka PKI, is vaunted as the solution for addressing network security issues in cyberspace using cryptographic techniques. This article discusses how the PKI attempts to address network security threats and issues associated with the PKI.
Customizing Windows Firewall
Date - Oct 13, 2004
Author - Mitch Tulloch
Section - Articles / Firewalls & VPNs
This article looks at the different ways you can customize Windows Firewall when deploying Service Pack 2 for Windows XP. The methods covered include manually configuring Windows Firewall, customizing the Unattend.txt answer file used by unattended setup, customizing the Netfw.inf file that defines the default configuration of Windows Firewall, configuring Windows Firewall using the new firewall context of the netsh command in XP SP2, and configuring Windows Firewall using new Group Policy settings in Windows XP SP2.
Review: Windows XP Security Guide
Date - Oct 07, 2004
Author - Deb Shinder
Section - Articles / Windows OS Security
Microsoft has recently released an updated version of the Windows XP Security Guide (version 2.0) that includes information on XP with Service Pack 2 installed. It is a very comprehensive document that should be a part of the security arsenal of every network administrator who has Windows XP clients on the network. In this article, we’ll provide a review of the new Guide and point out which parts are most useful to administrators.
Understanding Windows Security Templates
Date - Oct 06, 2004
Author - Derek Melber
Section - Articles / Misc Network Security
A security template contains hundreds of possible settings that can control a single or multiple computers. The security templates can control areas such as user rights, permissions, and password policies. Security templates can be deployed centrally using Group Policy objects (GPOs). Finally, security templates can be customized to include almost any security setting on a target computer.
Baselining with Security Templates
Date - Sep 30, 2004
Author - Derek Melber
Section - Articles / Misc Network Security
When it comes to network and computer security, it is always best to have your decisions made before you install a computer or network device. In conjunction with this philosophy, it is also ideal to have a benchmark or baseline of what the security initially was on computers and network devices in case you need to troubleshoot an issue or audit the security settings. In this article we will review how to use security templates to establish security baselines on every computer in the organization. Not only will we establish the security baseline, we will keep it persistently affecting the computers.
Removing Pests from Windows (Part 2)
Date - Sep 28, 2004
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In this two part article I will discuss pests and potential issues associated with pests that may be encountered within Windows. These pests are like parasites of the digital world. These parasites feed off the electronic resources of the host machine, eventually draining the machine to a standstill.
Removing Pests from Windows (Part 1)
Date - Sep 22, 2004
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In this two part article I will discuss pests and potential issues associated with pests that may be encountered within Windows. IT security professionals are faced with these resource and information divulging threats daily, and because at this point there is no mature technology to deal with the problem officially, it is challenging to remove these pests from the computer or server manually. These pests are like parasites of the digital world. These parasites feed off the electronic resources of the host machine, eventually draining the machine to a standstill.
Controlling Portable Storage Device Usage (USB/CDs etc) - Software Review: GFI LANguard P.S.C.
Date - Sep 16, 2004
Author - Deb Shinder
Section - Articles / Product Reviews
It seems as if almost every user has one or more USB devices to upload/download a gigabyte or more of data. Because of the reliability, portability and ease of use of flash memory - not to mention falling prices - portable storage devices are becoming ubiquitous. However, these also pose a serious threat to network security. GFI has just released their newest product: PSC (or Portable Storage Control) to control the usage of such devices within a network.
Group Policy Management Console (GPMC)
Date - Sep 14, 2004
Author - Amit Zinman
Section - Articles / Misc Network Security
Overview of the Group Policy Management Console, Microsoft's new tool for managing operating system settings.
WindowSecurity.com New Article Alerts for your PC or Website Using our RSS Feed!
Date - Sep 09, 2004
Author - The Editor
Section - Site News
It is now possible to retrieve instant updates of the latest articles posted to all our websites by using the recently launched RSS feed service! Simply retrieve updates for your personal use or enhance your own website by providing your visitors with convenient access to our highly rated content as it's released.
Using Windows Terminal Services to Run a Single Application
Date - Sep 07, 2004
Author - Amit Zinman
Section - Articles / Windows OS Security
Using Group Policy and some scripting to publish a single application to Remote Desktop users.
Auditing Users and Groups with the Windows Security Log
Date - Sep 02, 2004
Author - Randall F. Smith
Section - Articles / Windows OS Security
Active Directory is one of the most important areas of Windows that should be monitored for intrusion prevention and the auditing required by legislation like HIPAA and Sarbanes-Oxley. I say that because Active Directory is home to objects most associated with user access: user accounts, groups, organizational units and group policy objects. This article deals with monitoring users and groups using the Windows Security Log.
Implementing and Troubleshooting Account Lockout
Date - Aug 31, 2004
Author - Mitch Tulloch
Section - Articles / Authentication, Access Control & Encryption
This article examines the advantages and disadvantages from a security standpoint of implementing account lockout on a network running Active Directory. The article also describes some account lockout and management tools you can obtain from the Microsoft Download Center and how to use these tools to troubleshoot account lockout problems.
MSExchange.org Server Based Antispam Comparison
Date - Aug 31, 2004
Author - The Editor
Section - Network Security Library / Anti Spam
With the multitude of antispam solutions for Exchange, choosing the one that's suited to your network's present and future needs is no simple task. That's why we have prepared this feature comparison in which eight of the leading vendors of antispam solutions have participated. By comparing the features of these solutions side by side, you should be able to get a clearer picture of which solution is the best overall and which one will provide you with the best value for money, ensuring that the solution that you eventually pursue turns out to be the right one.
Remote user security: Your IT's Achilles heel?
Date - Aug 26, 2004
Author - Sophos
Section - Network Security Library / Anti Virus
Remote working has radically altered employment practices within the new economy, but the benefits (such as employee flexibility and increased productivity) need to be balanced against the problems of managing teleworkers. In particular, companies need to make sure that remote PCs remain properly protected against computer viruses and other security exposures.
Top 10 Security Modifications in Windows XP Service Pack 2
Date - Aug 24, 2004
Author - Derek Melber
Section - Articles / Windows OS Security
Windows XP Professional and Home will soon be introduced to Service Pack 2, which is really nothing more than security updates and new security features. Here are the top 10 security features and modifications that you can expect after the installation.
Personal Firewalls for Remote Access Users
Date - Aug 12, 2004
Author - Deb Shinder
Section - Articles / Firewalls & VPNs
Administrators of enterprise level networks often don’t pay much attention to the personal firewall market. After all, you need something much more sophisticated to protect your corporate network. But what about the telecommuters and on-the-road executives who connect to your company’s network from remote locations? This article looks at how and why you should develop a policy requiring that remote access users have personal firewalls installed – and enabled! – and how to enforce that policy, as well as an overview of some of the personal firewall products available that will do the job at low or no cost.
Threats and your Assets – What is really at Risk?
Date - Aug 10, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this article we will cover some of the most important items you will need to consider when discussing, analyzing, designing or implementing a security posture within your place of business, or perhaps in a company you may be servicing. Considering that threats and their origins are constantly changing... shifting, we need to (as Security Analysts/Engineers) focus on what those threats are, where they originate from and what we can do about them as well as deal with their drift from the norm which was basically from being heavily focused on external threats to being in balance with internal threats. This article covers those details as well as why ‘Defense in Depth’ is so critical. We will also focus on Microsoft products (as well as other technologies) while doing so.
Web Browser Vulnerabilities: Is Safe Surfing Possible?
Date - Aug 05, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
This article takes a look at what makes Web browsers vulnerable to malicious attackers, how popular Web browsers differ (or don’t) in this regard, and what you can do to protect yourself when Web surfing, no matter which browser you choose.
Security Log Secrets Seminar
Date - Aug 04, 2004
Author - Randall F. Smith
Section - Site News
Monterey Technology Group announces new “Security Log Secrets” seminar by Windows security expert Randy Franklin Smith. Security Log Secrets is an intensive 2 day course in which Randy shares the wealth of knowledge he has gleaned over years of research on the Windows Security log. Security Log Secrets is available now for on-site classes and scheduled as a public seminar on October 4, 5 in New York City.
Applying Windows XP Group Policy in a Windows 2000 Domain (Part 2)
Date - Jul 29, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this two part article set we will cover the fundamentals of putting Windows XP securely into your network while utilizing the Group Policy Objects in Windows 2000. This two part article covers all the details on how to configure Windows 2000 and XP so that GPOs can be used. Part 1 covers the fundamentals and setup, Part 2 covers the Implementation.
DHCP Server Security (Part 2)
Date - Jul 27, 2004
Author - Mitch Tulloch
Section - Articles / Misc Network Security
In Part 1 of this two-part article we looked at the different types of threats faced by DHCP servers and outlined some general countermeasures for mitigating these threats. Part 2 continues with a list of practical steps administrators can follow and tools they can use to help secure their Windows 2000 and Windows Server 2003 DHCP servers.
Applying Windows XP Group Policy in a Windows 2000 Domain (Part 1)
Date - Jul 22, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this two part article set we will cover the fundamentals of putting Windows XP securely into your network while utilizing the Group Policy Objects in Windows 2000. This two part article covers all the details on how to configure Windows 2000 and XP so that GPOs can be used. Part 1 covers the fundamentals and setup, Part 2 covers the Implementation. If you are not familiar with GPOs, I will cover some fundamentals in the beginning of Part 1.
DHCP Server Security (Part 1)
Date - Jul 20, 2004
Author - Mitch Tulloch
Section - Articles / Misc Network Security
Part 1 of this two-part article looks at the different types of threats faced by DHCP servers and countermeasures for mitigating these threats. Part 2 will continue the discussion with a list of practical steps administrators can follow and tools they can use to help secure their Windows 2000 and Windows Server 2003 DHCP servers.
802.11i, WPA, RSN and What it all Means to Wi-Fi Security
Date - Jul 15, 2004
Author - Deb Shinder
Section - Articles / Wireless Security
We've all heard about the flaws and vulnerabilities in WEP, but the effort to create a standard that provides better security for wireless networks has been a long and bumpy one. The IEEE's 802.11i project has been implemented, in part, by the Wi-Fi Alliance's Wi-Fi Protected Access (WPA) and by the Robust Secure Network (RSN). What does it all mean to you, the wireless user or network administrator? In this article, we take a look at the new wireless networking security mechanisms and how you can use them to protect your Wi-Fi network.
Using a Split DNS to Support Small Business Remote Access Connections
Date - Jul 13, 2004
Author - Thomas Shinder
Section - Articles / Authentication, Access Control & Encryption
Small businesses are getting into the remote access market. No, I don’t mean that small businesses are becoming ISPs. What I do mean is that small businesses want to be able to access information stored on machines located on their small business network no matter where they go, in the same way big businesses do it.
Microsoft Windows and the Common Criteria Certification Part II
Date - Jul 08, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In today’s computer networks, it is important to start to concern yourself with another level of detail in security other than how to ‘harden a system’ by killing unneeded services or adding yet another service pack or hotfix to your system(s). In this article set, we will explore Common Criteria Certification, what it is and what it means. Part I of this article covered the fundamentals. In Part II of this article set we will look at what the Common Criteria looks like when implemented on a server at the EAL4 class level.
Securing Your Pocket PC
Date - Jul 06, 2004
Author - Deb Shinder
Section - Articles / Wireless Security
Busy executives and tech toy aficionados don't leave home without them - their Pocket PCs, that is. The ability to quickly check e-mail or pull up a Web site while on the go is invaluable, but what about the security implications of connecting to your home or office network with a mobile device? This article discusses security for handheld computers running Pocket PC/Windows Mobile 2003 operating systems.
Kerberos Authentication Events Explained
Date - Jul 01, 2004
Author - Randall F. Smith
Section - Articles / Authentication, Access Control & Encryption
On Windows 2000 and Windows Server 2003 you can track all the logon activity within your domain by going no further than your domain controller security logs. But you must interpret Kerberos events correctly in order to identify suspicious activity. This article explains how Kerberos works in the Windows environment and how to understand the cryptic codes you find in the security log.
Software Review: LANguard N.S.S. 5
Date - Jun 30, 2004
Author - Deb Shinder
Section - Articles / Product Reviews
We’re big fans of the security scanner concept; this is software that allows you to take proactive measures to protect your network instead of waiting for hackers to discover where you’re vulnerable. In order to outwit the hackers, you have to be able to think like a hacker – but merely thinking isn’t enough. You must also be able to simulate the types of attacks that hackers use. A security scanner automates the process and makes it possible for you to find the “weak links” in your network’s security more quickly and easily. In this article, we briefly review the latest incarnation of LANguard N.S.S., version 5, focusing especially on what’s new and what those new features do for you.
Using Client Certificate Authentication with IIS 6.0 Web Sites
Date - Jun 24, 2004
Author - Thomas Shinder
Section - Articles / Web Server Security
In spite of the fact that there’s no such thing as a secure network, there are still a lot of things you can do that don’t require you to take a second mortgage on your home and thousands of man-hours. This is especially true when it comes to providing secure access to Microsoft IIS Web servers.
Windows 2000 and 2003 Server Physical/Logical Security Primer (Part 1)
Date - Jun 22, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
As more and more advancements are made on security in the ‘logical’ sense (which is to implement access control rules on Firewalls, to implement IDS (Intrusion Detection) on your hosts and networks, to set up GPOs on your servers), there is little said about the actual ‘physical’ security of your systems and the site in which they are located. In this three part article, we will cover all the aspects of physical security you should be paying attention to as a security professional working with Windows based servers, or any other system for that matter.
Microsoft Windows and the Common Criteria Certification Part I
Date - Jun 17, 2004
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In today’s computer networks, it is important to start to concern yourself with another level of detail in security other than how to ‘harden a system’ by killing unneeded services or adding yet another service pack or hotfix to your system(s). In this article set, we will explore Common Criteria Certification, what it is and what it means.
Intrusion Detection Systems (IDS) Part 2 - Classification; methods; techniques
Date - Jun 15, 2004
Author - Przemyslaw Kazienko & Piotr Dorosz
Section - Articles / Intrusion Detection
Due to a growing number of intrusion events and also because the Internet and local networks have become so ubiquitous, organizations are increasingly implementing various systems that monitor IT security breaches. This is the second article devoted to these systems. The previous article dealt with IDS categorization and architecture. At this point we will provide further in depth guidance. This includes an overview of the classification of intrusion detection systems and introduces the reader to some fundamental concepts of IDS methodology: audit trail analysis and on-the-fly processing as well as anomaly detection and signature detection approaches. We will also discuss the primary intrusion detection techniques.
Comparing VPN Options
Date - Jun 10, 2004
Author - Deb Shinder
Section - Articles / Firewalls & VPNs
Virtual private networking has become a necessity for business users who need to remotely access their files. Of course, they could dial in directly to a remote access server, but that solution has a couple of significant drawbacks. The solution, of course, is a VPN connection. This article will discuss the different VPN options available.
Secure Installation of Microsoft SQL Server 2000
Date - Jun 08, 2004
Author - Thomas Kopacz
Section - Articles / Misc Network Security
In this article I’d like to introduce you to a way of installing the SQL server, which will guarantee a high level of the service’s security.
Deciphering Authentication Events on Your Domain Controllers
Date - Jun 04, 2004
Author - Randall F. Smith
Section - Articles / Authentication, Access Control & Encryption
Beginning with Windows 2000, Microsoft introduced a new audit policy called “Audit account logon events” which solved one of the biggest shortcomings with the Windows security log. Until this new category it was impossible to track logon activity for domain accounts using your domain controllers’ security logs. This article will explain how to decipher authentication events on your domain controllers.
SSL Acceleration and Offloading: What Are the Security Implications?
Date - Jun 02, 2004
Author - Deb Shinder
Section - Articles / Web Server Security
Secure Sockets Layer (SSL) is a popular method for encrypting data transferred over the Internet. It is commonly used to provide secure transfer of credit card information and other sensitive data in an e-commerce situation. SSL can also be used to create a virtual private networking (VPN) tunnel, as an alternative to “old standbys” IPSec and PPTP. I will discuss SSL VPNs in next month’s article titled VPN Options.
Server 2003’s Network Access Quarantine Control: What is it and How Does it Enhance Security?
Date - May 26, 2004
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
Windows Server 2003 includes many new features designed to make your servers and networks more secure. One of the least understood is the new network access quarantine control feature; even if you’ve heard of it, you might not know what it is or how it can be used to enhance your network’s security. Quarantine control is perhaps Server 2003’s least documented great new feature.
MSSQL and Security
Date - May 19, 2004
Author - Krzysztof Kleszynski
Section - Articles / Windows 2003 Security
When planning a secure MS SQL-based computer system you have to focus on several key elements: an appropriate installation with proper access rights, well-set rules for MS SQL users and a mechanism which would register all the operations performed in a database so that in case of problems the administrator could take closer and easier guesses about their real source. Moreover, do not forget that you have to design emergency procedures, such as data recovery and transferring them to another server, and test them, too.
Authorization Manager and Role-Based Administration in Windows Server 2003 (Part 2)
Date - May 12, 2004
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
In Part 1 of this article, we discussed Microsoft’s new emphasis on role-based security and provided an overview of the concepts involved in using the Authorization Manager MMC snap-in. In Part 2, we’ll discuss how to configure role and task definitions, how to create role assignments within an application, and how to create and work with scopes. You’ll also learn about authorization rules.
Four Popular Anti Spam Filters for Exchange Reviewed
Date - May 10, 2004
Author - Synoradzki J., Wawrzyniak P., and Zmudziński M.
Section - Network Security Library / Anti Spam
Your only true defense against spam mail using Microsoft Exchange is to install third-party solutions. With this article, we are going to compare and evaluate four products, each of them somewhat differentiated by its mode of operation and email filtering techniques.
Securing Server 2003 Domain Controllers
Date - May 05, 2004
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Because the domain controller, as its name implies, in many ways has control over your Windows domain and all of the computers that belong to it, it is essential that you take extra precautions to ensure that your DCs are and remain secure. In this article, we will look at a few of the important security measures you should take in regard to your domain controllers.
SecurityTalk with K Rudolph, CISSP
Date - May 03, 2004
Author - Dancho Danchev
Section - Articles / Misc Network Security
The SecurityTalks is an initiative aimed at providing the scene with the world's leading security experts' thoughts on various information security issues, in a way much different than the usual, small and concise interviews you are used to seeing.
Authorization Manager and Role-Based Administration in Windows Server 2003 (Part 1)
Date - Apr 28, 2004
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
Microsoft has placed an emphasis on role-based security in their .NET framework, and one of the new security features in Windows Server 2003 is the ability to implement role-based administration through the Authorization Manager MMC snap-in.
GFI Releases a Major Upgrade of its Acclaimed Network Security Scanner
Date - Apr 13, 2004
Author - The Editor
Section - Site News
GFI today announced the release of GFI LANguard Network Security Scanner (N.S.S.) 5, a major upgrade of its popular network security scanner. The new interface (see screenshot) makes detecting and fixing vulnerabilities much easier. Among the new features are improved filtering and reporting, the easy creation of different types of scans and vulnerability tests, better patch management, and improved Linux/Unix security scanning.
Should Microsoft Identity Integration Server Be Part of Your Security Plan?
Date - Apr 06, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
Microsoft’s Identity Integration Server (MIIS) and its “lite” version, the Identity Integration Feature Pack for Windows Server 2003 (IIFP) can help organizations get a handle on all the disparate databases throughout the organization that contain information about a person’s identity. In this article, we'll take a look at what MIIS is, how it works and what the latest version has to offer.
How to Defend your Network Against Social Engineers
Date - Mar 30, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
You can buy the most expensive firewall equipment, install the best anti-virus software, add the greatest intrusion detection system, but there is still a “weakest link” in your security plan that you may have overlooked. In this article, we discuss some common social engineering tactics and, more importantly, what you can do to protect your organization’s network against those who specialize in exploiting the weaknesses of people rather than those of the software.
Hidden Threat: Alternate Data Streams
Date - Mar 24, 2004
Author - Ray Zadjmool
Section - Articles / Windows OS Security
A relatively unknown compatibility feature of NTFS, Alternate Data Streams (ADS) provides hackers with a method of hiding root kits or hacker tools on a breached system and allows them to be executed without being detected by the systems administrator.
Malware - It's Getting Worse
Date - Mar 18, 2004
Author - Dancho Danchev
Section - Articles / Viruses, trojans and other malware
The recent MyDoom Worm successfully infected enough victims in order to shut down SCO's web site, followed by new variants that targeted Microsoft's web site. This paper isn't intended to discuss the motives of the author; instead, it will help you understand how worms enter your network, how you can block them before they even reach your internal network, and how to act in case they get in.
WindowsNetworking.com - New Networking Site Launched
Date - Mar 09, 2004
Author - The Editor
Section - Site News
We are pleased to announce the launch of our latest site - WindowsNetworking.com - a site completely dedicated to Windows networking related topics such as setting up Windows NT/XP/2000/2003 networks, troubleshooting, connectivity and much more.
Is Open Source Really More Secure?
Date - Mar 04, 2004
Author - Deb Shinder
Section - Articles / Misc Network Security
In this article we'll discuss the claim made by proponents of open source software that such software is more secure. Is open source really inherently more secure than closed source commercial software? If so, why? And if not, why do so many have that perception?
Comparing Firewall Features
Date - Feb 23, 2004
Author - Deb Shinder
Section - Articles / Firewalls & VPNs
In this article, we’ll take a look at some of the factors you should consider when buying a firewall, features available on some of the most popular offerings, and how to compare the real cost of each (hint: the initial purchase price is only a starting point).
Making Microsoft Software Update Services Part of your Patch Management Strategy
Date - Feb 12, 2004
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Windows Server 2003 includes a number of interesting and useful new features, and one that will be especially helpful to administrators who are struggling with a way to keep a large number of systems updated with the appropriate patches and fixes is the Software Update Service (SUS). SUS can also run on Windows 2000. In this article, we’ll describe how SUS works and give you some pointers on deploying SUS within your organization.
E-mail spam: Is it a Security Issue?
Date - Feb 03, 2004
Author - Deb Shinder
Section - Articles / Content Security (Email & FTP)
The daily deluge of unsolicited commercial or offensive messages (more commonly known as spam) comprises one of the biggest problems facing network administrators and users today. In this article, we will examine how spam presents a security threat to your network, and we’ll discuss the most effective way to deal with it: a multi-layered or “defense in depth” approach that addresses spam at the firewall, server and client levels.
Windows Scripting Host - disabling .VBS association
Date - Jan 22, 2004
Author - Norman
Section - Network Security Library / Anti Virus
Windows Scripting Host (WSH) is a part of some of Microsoft's 32-bit operating systems, or is installed when certain Microsoft programs are installed. WSH may be used to run Visual Basic Scripts (VBS) to automate some actions which are to be performed frequently, and could thus be a useful tool. However, WSH is also used by some virus authors to perform malicious actions on computers.
Application Layer Filtering (ALF): What is it and How does it Fit into your Security Plan?
Date - Jan 15, 2004
Author - Deb Shinder
Section - Articles / Firewalls & VPNs
ALF, not a nickname for Alfred but an acronym for Application Layer Filtering, is one of the hottest new buzzwords in a jargon-laden security subfield: firewall technology. Firewall vendors are rushing to implement ALF into their firewall products, and/or beefing up their ALF implementations to compete with those of other vendors. But exactly what is ALF and is it a “must have” feature to look for when you buy a firewall, or just another bit of marketing hype?
How URL Authorization Increases Web Server Security
Date - Jan 13, 2004
Author - Deb Shinder
Section - Articles / Web Server Security
Web servers, by their very nature, are usually exposed to outsiders and thus are vulnerable to compromise and attack. Internet Information Services (IIS) version 6, included with Windows Server 2003, provides a number of new security features designed to increase web server security. One of these is URL authorization, which works in conjunction with Server 2003’s Authorization Manager. In this article, we’ll take a look at how URL authorization is implemented in IIS 6.0, the practicalities of using it in your web services environment, and how it enhances the security of your web sites and services.
How Secure are Windows Terminal Services?
Date - Jan 09, 2004
Author - Deb Shinder
Section - Articles / Windows OS Security
Microsoft’s Windows Terminal Services (built into Windows 2000 Server and Windows Server 2003) and Windows XP’s Remote Desktop, which is based on Terminal Services, provide an easy, convenient way for administrators to implement thin computing within an organization or for users to connect to their XP desktops from a remote computer and run applications or access files.
