Browse by Tags
All Tags » Security Admin ( RSS)
-
|
1. Introduction Nowadays information is much easier to find than it was in the past, you can find information about pretty much everything by just searching on the web (try http://www.letmebingthatforyou.com/?q=dns%20atacck for example). For this reason...
|
-
|
1. Introduction The new URL Filtering option on Forefront TMG 2010 allows you to manually add web sites to a specific category; such feature is called URL Category Override . This can be a good approach when you want to force a specific site to be categorized...
|
-
|
I’ve being so busy lately that I couldn’t really stop to write some posts that I have on hold, waiting for me to complete it. Me and Tom Shinder are also very busy working on a tight schedule for a new MSPress book (details will be revealed soon) and...
|
-
|
Introduction This post is about an interesting issue where a third party application that was configured as service was failing to establish a connection with the destination server because ISA Server was denying the traffic. For this brief description...
|
-
|
Developers, developers, developers, developers (I bet you that you know this song). As you build your new application you should start thinking about security from the source (inside out approach). However even when you try to mitigate all scenarios that...
|
-
|
If you are using Windows 7 or Windows Server 2008 R2, make sure to test the new version of the Microsoft Baseline Security Analyzer 2.1.1. Read more about it here http://technet.microsoft.com/en-us/security/cc184923.aspx and download it from MS Download...
|
-
|
This week I worked in an issue where ISA Server 2006 was stopping answering request and NLB on ISA Server was constantly appearing with the status for “Unavailable”. The odd thing about this scenario was that every time that the firewall admin changed...
|
-
|
Today ISSA released the ISSA Journal – September 2009 issue that contains an article that I wrote about unified threat management. If you are ISSA Member, you can view the online version at: https://www.issa.org/Members/Journal.html Share this post: Read...
|
-
|
Microsoft Malware Protection Center Blog put together the latest update about Conficker worm, the attack vectors, how to prevent and how to clean the system. It is all consolidated in their blog that you can access from here: http://blogs.technet.com...
|
-
|
Check this out this nice tool that allows you to analyze IIS logs and see if the ASP pages were victim of SQL Injection attack: http://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=WSUS&ReleaseId=13436 Share this post: Read More...
|
-
|
1. Introduction This is another one of those cases where ISA Server Service mysterious crashes once a day, at the same time and nothing changed in the environment. This just make me really fell that the lack of communication between the teams that deals...
|
-
|
This post could easily be called “Slow Internet through ISA Server”, but I decided to change the title and the focus. I’m doing that for a simple reason: people still thinking that only Windows system needs to be patched. What an untrue statement this...
|
-
|
Yesterday I was playing a little bit with IE8 when I received the following warning message in IE window: Internet Explorer has modified this page to prevent a potential cross-site-scripting attack. Yep, that’s right: IE8 now mitigates XSS attack by using...
|
-
|
The Microsoft Windows Server 2008 Event Viewer is a whole new program inside the Operating System, the changes made to it were completely significant and rich in new features. There are so many things that you can now do with Event Viewer that it is worth...
|
-
|
1. Understanding the Problem I already worked in many cases where customer wants to know why ISA is alerting that it might be under attack by logging events such as: Figure 1 – Number of TCP Connections. …and also this one: Figure 2 – Denied Connections...
|
-
|
After writing the post SQL Injection, the threat beyond the perimeter I received some emails with this question. If you company also has the same dilemma you need to leverage this to upper management and show the real risk that they are running in to...
|
-
|
1. Introduction One process that it is becoming more and more common today is the hardening server’s process. This is really an excellent idea in the security perspective, the problem is when you tight too much or when you do it in an unsupported manner...
|
-
|
It is very common to us from CSS Security receive calls about SQL Injection and sometimes customers prefers to apply a bandage in the perimeter rather than work in the real root cause. When I say beyond the perimeter is because as a matter of fact, the...
|
-
|
The CSS Security Team released yesterday a very cool tool that combines features from WSUS MPSReports tool and the FCS MPSReports tool. Click it here to see for more details and download the tool. Share this post: Read More...
|
-
|
1. Introduction The process flow is very known by all IT professionals: user can’t access a web site and calls the Help Desk. First contact, initial troubleshooting, can’t fix and it calls the network admin. At that point, after troubleshoot his “piece...
|
-
|
Last July 8th Microsoft released the security update MS08-039 for OWA, the following Exchange versions are affected: Software Maximum Security Impact Aggregate Severity Rating Bulletins Replaced by this Update Microsoft Exchange Server 2003 Service Pack...
|
-
|
About one month ago, a friend of mine from Brazil told me about the idea to write the Security Article of the month and we got together on this. We wrote an overview about Microsoft Security Products and how to use a layered approach to use them. Today...
|
-
|
1. Introduction This case was originally written in Portuguese back in September 2006, it is about a case where customer was really concern about security. However his application was not that concern about this subject. Here is the scenario: · Customer...
|
|
|