March 2008 - Posts

Malware that wants to stay - Some passive protection tricks
20 March 08 08:31 PM
Hello again I wanted to talk about some of the things that malware does to make itself hard to remove. Most Trojans are designed to work on an average XP workstation and make assumptions based on that – which typically breaks servers in rather nasty ways. Read More...
Postedby marklon | 0 Comments    
Filed under: , , ,
Small glitch - MS08-017 for Office 2000 is not currently downloadable
12 March 08 04:29 PM
Hi folks Just a quick heads up - we know that the link from the bulletin is broken. We had a problem with propagating out the file to the web farm (it is a big old webfarm) and so the file is not universally available just yet. We have a lot of operations Read More...
Postedby marklon | 0 Comments    
Firewalls and old school attacks
07 March 08 08:55 PM
I saw a really old fashioned denial of service attack today. A customer was concerned that they were seeing odd ICMP packets. ICMP is the protocol used for pings. Very few system admins bother to monitor them because they are generally rather dull. However, Read More...
Postedby marklon | 1 Comments    
I passed my CISSP exam
05 March 08 10:35 AM
Well, nothing like getting all of my news out of the way in one go. Because of my self imposed rule that all blogs must have some technical content: Most bots don't use hard coded IP addresses for their command and control mechanism. Sometimes the engine Read More...
Postedby marklon | 2 Comments    
Testing times
03 March 08 06:21 PM
Hello all I am sorry that I haven’t blogged for a while. It has been a bit of a busy time. After developing all that training (and I would love to be able to say who the audience were but I really can’t), I was on the receiving end of some for a change. Read More...
Postedby marklon | 1 Comments    

This Blog

Syndication

The opinions stated here are my own and may not represent those of Microsoft.
Page view tracker