Browse by Tags

All Tags » General Security » Windows Vista (RSS)
Friday, July 25, 2008 2:03 AM

Kaminsky Black-Hat Webcast: "By Any Other Name: DNS has doomed us all."

Okay, so the talk’s official title was “ Dan Kaminsky’s DNS Discovery: The Massive, Multi-Vendor Issue and the Massive, Multi-Vendor Fix ”. Arcane details of TCP are something of a hobby of mine, so I attended the webcast to see...
Posted by Alun Jones | 2 comment(s)
Filed under: , , ,
Monday, July 21, 2008 10:09 PM

Whoops - Information Wanted to be Free Again.

Picture the scene at Security Blogs R Us: "We're so freakin' clever, we've figured out Dan Kaminsky's DNS vulnerability" "Yeah, but what if someone else figures it out - won't we look stupid if we post second to them...
Posted by Alun Jones | 2 comment(s)
Filed under: , , ,
Saturday, July 19, 2008 12:02 AM

DNS Server Reserves 2500 Ports.

After applying the patch for MS08-037 - KB 953230 (the multi-OS DNS flaw found by Dan Kaminski ), you may notice your Windows Server 2003 machine gets a little greedy. At least, mine sucks up 2500 - yes, that's two thousand five hundred - UDP sockets...
Posted by Alun Jones | 11 comment(s)
Filed under: , , ,
Tuesday, June 10, 2008 9:17 PM

The difference between liking and hating UAC?

Totally unscientifically, I have carried out a poll of people who like UAC (okay, a few security geeks like myself), and those who hate UAC - mostly my wife. Something struck me as both a surprising common factor, and also a rather obvious explanation...
Posted by Alun Jones | 5 comment(s)
Filed under: , , ,
Thursday, April 24, 2008 4:47 PM

UAC - The Emperor's New Clothes

I heard a complaint the other day about UAC - User Account Control - that was new to me. Let's face it, as a Security MVP, I hear a lot of complaints about UAC - not least from my wife, who isn't happy with the idea that she can be logged on as...
Posted by Alun Jones | 6 comment(s)
Filed under: , , , ,
Tuesday, February 26, 2008 11:55 AM

CS-RCS Pro on Vista

I've been trying back and forth to get CS-RCS Pro , a version control suite, to work on Windows Vista. I like CS-RCS Pro for a number of reasons: Files stored in CS-RCS Pro are kept in a simple format, open and well-documented. As a result, if I ever...
Posted by Alun Jones | with no comments
Filed under: , , ,
Thursday, January 24, 2008 9:19 PM

Vista's Secret Windows Firewall hole

First, the good news - it's not a flaw in the operation of Windows Firewall on Windows Vista. It's a design feature, it makes sense, and it fits in with the principle that the firewall should keep out unsolicited traffic. It's not really a...
Posted by Alun Jones | 2 comment(s)
Filed under: , , ,
Friday, January 11, 2008 9:03 PM

Why you don't run as root

[... or administrator, or whatever] I like Roger Grimes, he's a nice guy, and he generally makes me think about what he has to say. That's a good thing, because otherwise he'd either be part of the same choir as me, or he'd be the sort...
Posted by Alun Jones | 4 comment(s)
Filed under: , , , , ,
Saturday, December 29, 2007 11:23 AM

Is a NAT a security device?

I've been working lately on a couple of IPv6-related projects. First, there's a chapter for an upcoming book, and second, there's the effort to make WFTPD and WFTPD Pro work on IPv6, since it's enabled by default in Windows Vista and Windows...
Posted by Alun Jones | 6 comment(s)
Filed under: , , ,
Monday, September 03, 2007 8:51 PM

Why complain about UAC prompts?

Jesper's article in TechNet Magazine on the purpose and future of UAC in Windows Vista and beyond reminded me that there's a whole slew of behaviours more annoying than UAC's prompting (which, as Jesper points out, is only the most visible...
Posted by Alun Jones | 2 comment(s)
Filed under: , , , ,
Thursday, June 28, 2007 9:13 PM

Wireless PC Lock - part 2

Over the last several days, I've been getting more and more requests for my updated Wireless PC Lock software that I described way back last year . Possibly, it's because of stories like this one : At New York-based Big Four accounting firm Ernst...
Posted by Alun Jones | 14 comment(s)
Filed under: , , ,
Wednesday, June 06, 2007 2:58 PM

Public, Home and Work networks

Here I am at TechEd, and I want to connect back home. No problem - I can use a VPN, because I have one set up on my server back at home. [Perhaps that's not normal, but I'm a geek] Now I want to browse my home network, partly because I want to...
Posted by Alun Jones | with no comments
Filed under: , ,
Tuesday, May 01, 2007 7:45 PM

NULL DACL Behaviour in Windows Vista

Subtitled: Don't believe everything you hear at TechEd. I was inspired by my "empty DACL" issue , and what I remembered of Jesper's "Is That Application Really Secure?" talk from last June's Microsoft Tech-Ed conference...
Posted by Alun Jones | 3 comment(s)
Filed under: , ,
Tuesday, May 01, 2007 10:00 AM

Vista incompatibility isn't always Vista

In fact, it is very rarely Vista, from the problems I've seen. Sure, there are some programs that rely on features and functionality that has been removed from Vista - but by and large, that functionality was already documented by Microsoft as being...
Posted by Alun Jones | 6 comment(s)
Filed under: , ,
Thursday, April 26, 2007 9:50 PM

Alternate Data Streams in Windows Vista

Windows NT 3.1 was released ... oh, back in the early to mid '90s. Ever since then, I've been aware that it supported Alternate Data Streams, also known as ADS, or in some technical documents that didn't make it to final review, Alternative...
Posted by Alun Jones | 8 comment(s)
Filed under: , , , ,
Wednesday, April 25, 2007 10:16 PM

What do those dollar signs on shares do?

Most Windows administrators have used "hidden shares" from time to time. " net use * \\computer\c$ " gives you a share, if you have access, to the C: drive on the named computer. Occasionally, someone will suggest that hidden shares...
Posted by Alun Jones | with no comments
Filed under: ,
Monday, April 02, 2007 12:01 PM

Don't catch exceptions

A long time ago, the developer of a competing product to my own WFTPD Pro decided that he was going to do something about GPFs in his software. He released a new version, and declared that you would never see another GPF from his software. How did he...
Posted by Alun Jones | 3 comment(s)
Filed under: , ,
Monday, January 29, 2007 8:17 AM

Vulnerabilities and asset management

There's a little buzz going around right now over Microsoft's latest Security Advisory - "Vulnerability in Microsoft Word 2000 Could Allow Remote Code Execution". A few people are irritated simply that there's an attack doing the rounds, and yet there...
Posted by Alun Jones | 2 comment(s)
Filed under: , ,
Friday, January 19, 2007 9:02 PM

Visual Studio 2005 SP1 recommends /what/?

That's a great way to ruin a message that several of us have been trying to push for several years - the suggestion here is that you should be an administrator because some of the things that you may want to do might require administrative privilege....
Posted by Alun Jones | 2 comment(s)
Filed under: , ,
Saturday, January 13, 2007 9:30 PM

Certificate Manager does not require administrator access.

When you manage your personal certificates in Windows, the tool to use is Certificate Manager - you can access it either by running " certmgr.msc " to access your own personal certificate store, or by running MMC, the Microsoft Management Console, and...
Posted by Alun Jones | 1 comment(s)
Filed under: , , ,
More Posts Next page »