June 2004 - Posts
It doesn't go deep, indeed, it covers nothing below the UI really, but this is a pretty nice article about some of the stuff we've done in Windows XP SP2... http://www.securitypipeline.com/22102982
Perhaps this one will be a little less controversial than my previous post! When I review threat models, I often target it on the mitigations, making sure they are good, solid and well thought out. One mitigation type that worries me is when a team mitigates
We're on the home stretch for Windows XP SP2! I can't begin to tell you what a relief it is to see it almost done. Anyway, over the next few weeks I want to outline some of the new features in the product. Ok, here's the first, I call it protecting
Kevin Lam, David LeBlanc, & Ben Smith have released a new book, “Assessing Network Security” from MSPress. To quote Ben in an email he sent, “The book is primarily aimed at security professionals new to penetration testing and IT
I finally have in my sweaty little paws a copy of “Threat Modeling” from MSPress, written by Swiderski and Snyder. It's a great read, you'll learn a ton. And at 255pp, you'll read it in one sitting :) In my opinion, it's probably one of the
The Sasser worm took advantage of a defect in logging code within the Local Security Authority Subsystem (LSASS). The entry point for this functionality is through an RPC interface, which is open by default for all users to access on Windows 2000 and
Did you ever want to know which ports are used by the Cluster Service or Exchange? Well, there's a list available entitled, “Network Ports Used by Key Microsoft Server Products” at http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/ref_net_ports_ms_prod.mspx
Build 2149 is RC2 http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
I have to admit, I don't do much ASP.NET work, I mainly write Win32 apps in C++ and C#, but when I do use ASP.NET I invariably have to use the debugger. Mainly because I use the technology so infrequently. So here is the problem - I'm not an admin! When
I have been a big supporter of threat modeling since a bunch of us started defining and using the process within Microsoft. It's a very useful way to determine how bad guys will attempt to compromise a piece of software, and define appropriate mitigations.
From the “Well-waddya-know Dept.” I just found out this morning there's an RSS feed for Microsoft Security bulletins. You learn something every day! Point your reader at http://www.microsoft.com/technet/security/bulletin/secrss.aspx .
Big thanks to Peter Gutmann and Morten Andersen for their comments. I have highlighted what's new in RED. Errata for Writing Secure Code 2nd Edition By Michael Howard and David LeBlanc Last Updated 2-Jun-2004 Entire Book Please replace all references