August 2004 - Posts
A nice article on the subject, focused firmly on infrastructure, written by Pete Lindstrom at Information Security Magazine: http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss446_art927,00.html The two opening para's sum it up nicely: The time
Read More...
I talk to many people about threat modeling. All the time! Invariably, an idea pops into my head about about ways to streamline things, or make them more concrete or usable. Just recently, I scribbled down some notes about threat modeling. I assume you
Read More...
Ages ago, I wrote a little DHTML tool to help people determine the appropriate authentication settings to use with different browsers, servers and Web servers. It helped a good many people, but it was simple. Today, the IIS team has released a much more
Read More...
http://www.jinx.com/scripts/details.asp?affid=-1&s=1&productID=143 :-)
Read More...
"Application Compatibility Testing and Mitigation Guide for Windows XP Service Pack 2" is now available here . From the abstract: Windows® XP Service Pack 2 introduces a number of security features and technologies to help protect against attacks on computers
Read More...
Last night I bought a shiny new PC for home; it's based on an AMD Athlon 64 FX, with 2x160Gb SATA RAID-0 drives, 1Gig of RAM and an nVidia GeForce 6800 Ultra. It's pretty quick :) I got the AMD Athlon CPU primarily for the Data Execution Protection support.
Read More...
Blurb from http://www.microsoft.com/mbsa : New version, MBSA 1.2.1, needed for Windows XP SP2 compatibility: Users of Windows XP Service Pack 2 will need to update their MBSA to version 1.2.1 for compatibility with SP2 security improvements. Windows XP
Read More...
The Windows Privacy Statement highlights 27 components that have historically been of interest to privacy advocates and customers, and the 6 page IE Privacy Statement highlights some of the new IE features including “Pop up Blocker”, “Untrusted Publishers”,
Read More...
I'm just gonna give a diff this time Chapter 16, Page 515 The URL for SiteLock is now incorrect – the new link is http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/samples/internet/components/sitelock .
Read More...
There's been a little confusion about raw sockets and Windows XP SP2. Hopefully, this little entry from the "Changes in functionality..." doc (see my last blog entry for an URL to the doc) should explain things a little better: A very small number of
Read More...
I would highly recommend you read this! http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2chngs.mspx
Read More...
I was asked by a TechEd attendee which web sites often visit. I scan the following every morning, just to see if there's any little tidbits of useful stuff: http://security-protocols.com/ http://www.csoonline.com/ http://www.governmentsecurity.org/ http://johnny.ihackstuff.com/
Read More...
I'm in New Zealand right now, talking at TechEd. A customer asked me where he could find list of all my old “Code Secure” columns on MSDN. I wasn't aware but things have moved around a little on msdn.microsoft.com, making it a little hard
Read More...