WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials by date (Click here to sort Articles & Tutorials by topic)

2008
[ 8 ] January, 2008 [ 6 ] February, 2008 [ 6 ] March, 2008
[ 11 ] April, 2008 [ 1 ] May, 2008
2007
[ 10 ] January, 2007 [ 9 ] February, 2007 [ 8 ] March, 2007
[ 6 ] April, 2007 [ 8 ] May, 2007 [ 6 ] June, 2007
[ 7 ] July, 2007 [ 11 ] August, 2007 [ 7 ] September, 2007
[ 12 ] October, 2007 [ 11 ] November, 2007 [ 7 ] December, 2007
2006
[ 13 ] January, 2006 [ 9 ] February, 2006 [ 11 ] March, 2006
[ 9 ] April, 2006 [ 12 ] May, 2006 [ 10 ] June, 2006
[ 9 ] July, 2006 [ 11 ] August, 2006 [ 9 ] September, 2006
[ 10 ] October, 2006 [ 11 ] November, 2006 [ 9 ] December, 2006
2005
[ 9 ] January, 2005 [ 11 ] February, 2005 [ 12 ] March, 2005
[ 12 ] April, 2005 [ 11 ] May, 2005 [ 14 ] June, 2005
[ 12 ] July, 2005 [ 14 ] August, 2005 [ 10 ] September, 2005
[ 10 ] October, 2005 [ 8 ] November, 2005 [ 9 ] December, 2005
2004
[ 4 ] January, 2004 [ 3 ] February, 2004 [ 5 ] March, 2004
[ 3 ] April, 2004 [ 6 ] May, 2004 [ 9 ] June, 2004
[ 9 ] July, 2004 [ 8 ] August, 2004 [ 8 ] September, 2004
[ 7 ] October, 2004 [ 9 ] November, 2004 [ 9 ] December, 2004
2003
[ 6 ] January, 2003 [ 5 ] February, 2003 [ 10 ] March, 2003
[ 8 ] April, 2003 [ 15 ] May, 2003 [ 8 ] June, 2003
[ 11 ] July, 2003 [ 5 ] August, 2003 [ 6 ] September, 2003
[ 13 ] October, 2003 [ 5 ] November, 2003 [ 4 ] December, 2003
2002
[ 1 ] March, 2002 [ 9 ] April, 2002 [ 7 ] June, 2002
[ 29 ] July, 2002 [ 7 ] August, 2002 [ 4 ] September, 2002
[ 537 ] October, 2002 [ 10 ] November, 2002 [ 8 ] December, 2002
2001
[ 6 ] February, 2001 [ 1 ] May, 2001 [ 1 ] October, 2001
2000
[ 129 ] February, 2000 [ 188 ] April, 2000 [ 5 ] September, 2000
[ 2 ] December, 2000

Articles & Tutorials for October, 2003

Installing and Securing IIS Servers (Part 1)
Date - Oct 28, 2003
Author - Bronek Kozicki
Section - Articles / Web Server Security
IIS, an acronym for Internet Information Services is a web application server program that handles HTTP requests, ranking second in popularity (after Apache). Its popularity is mainly due to the fact that IIS sites are so easy to implement - just a few mouse-clicks away - from a total disaster.
Changes to Default Settings Make Windows Server 2003 More Secure (Part 2)
Date - Oct 23, 2003
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Microsoft has made a number of changes to the default settings in Windows 2003 to make it more secure “out of the box.” In Part 2, we’ll examine the changes that have been made to the default settings for common services and changes in the authentication process, and we’ll discuss some areas in which some believe that Server 2003’s defaults are still too open.
Using passwords as a defense mechanism to improve Windows security (Part 2)
Date - Oct 21, 2003
Author - Ricky M. Magalhaes
Section - Articles / Authentication, Access Control & Encryption
In this article I will focus more on the global settings of password policies and where to change them to incorporate the 20 Golden rules of good password management in Part 1. This article will describe the possibilities of these policies and will run though real world reasons where these global settings should be applied. Different ways of generating passwords will also be described to make it easier for your users to come up with new passwords in a quick trouble free way.
Windows Server 2003 Disaster Recovery Planning (Part 2)
Date - Oct 17, 2003
Author - Robert J. Shimonski
Section - Articles / Windows 2003 Security
In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part II in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general.
Reducing Corporate Liability With Filtering and Policy Tools
Date - Oct 16, 2003
Author - Postini
Section - Network Security Library / Anti Spam
The overwhelming majority of corporate email addresses today receive unsolicited commercial email, or spam. For a growing number of recipients, this includes spam with adult content or pornography known as unsolicited pornographic email (UPE). UPE poses serious legal risks to corporations, wastes valuable corporate computing resources, and reduces employee productivity.
A Glance at the Windows Server 2003 Security Guide
Date - Oct 15, 2003
Author - Robert J. Shimonski
Section - Articles / Windows 2003 Security
Not only is Microsoft Boasting that Windows Server 2003 is very secure... they have also released prior to the selling of the actual operating system, the ‘free’ (yes you heard this right), security guide for the base operating system as well as many of the services that come with it, like IIS, File and Print services and more.
Changes to Default Settings Make Windows Server 2003 More Secure (Part 1)
Date - Oct 10, 2003
Author - Deb Shinder
Section - Articles / Windows 2003 Security
One big change, very noticeable in Windows Server 2003, is the difference in default settings. In this two-part article, we’ll look at how the out-of-the-box server differs in its defaults from previous versions and how the new defaults make the OS more secure (while at the same time causing frustration for some admins and users who find themselves unable to gain access that was available without any reconfiguration in earlier operating systems). In Part 1, we’ll focus on how the default permissions have changed, changes to the membership of the Everyone group, and ownership of objects.
Blocking over 98% of spam using Bayesian filtering technology
Date - Oct 08, 2003
Author - GFI Software
Section - Network Security Library / Anti Spam
This white paper describes how Bayesian mathematics can be applied to the spam problem, resulting in an adaptive, ‘statistical intelligence’ technique that is much harder to circumvent by spammers. It also explains why the Bayesian approach is the best way to tackle spam once and for all, as it overcomes the obstacles faced by more static technologies such as blacklist checking, databases of known spam and keyword checking. This is not to say that these technologies are obsolete, but they cannot be used as effectively as needed if not combined with a Bayesian filter.
Securing the Windows 2000 Registry
Date - Oct 07, 2003
Author - Ray Zadjmool
Section - Articles / Windows OS Security
One key security practice that is often overlooked by admins is the Windows registry. In addition to configuration information, the registry contains security contexts that can be used to elevate a user’s privilege. If left unsecured, it is a good platform from which a hacker can use to gain access to administrative functions of the computer, and even possibly the domain as well.
Beating Hackers to the Patch
Date - Oct 06, 2003
Author - NetSupport Solutions, Inc
Section - Network Security Library / Patch Management
It’s a good thing the Blaster worm and its variations weren’t really insidious. Had it devastated hard drives, it could have inflicted billions of dollars in lost productivity and other damages globally rather than just significantly annoying Microsoft and IT managers. But Blaster and the Sobig variations are a wake-up call. Cyber attacks are growing rapidly and the potential for them to quickly exploit security holes and wreak havoc is mounting.
Different Methods of Stopping Spam
Date - Oct 03, 2003
Author - Paul Graham
Section - Network Security Library / Anti Spam
There are many ways to fight spam. Which works best? So far the best single solution is probably Bayesian filtering. But you don't have to choose just one. Many of the following solutions could be used in combination.
Windows Server 2003 Disaster Recovery Planning (Part 1)
Date - Oct 03, 2003
Author - Robert J. Shimonski
Section - Articles / Windows 2003 Security
In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part I in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general. In part I, we will look at Windows 2000 & Windows Server 2003 Clustering & Load Balancing for high availability, as well as general planning information.
Windows 2000 DMZ Design.
Date - Oct 03, 2003
Author - Robert J. Shimonski
Section - Network Security Library / Windows Security
In this chapter you learn about Windows 2000 security but only as it relates to this subject matter. In other words, this chapter is not a general Windows 2000 security chapter, but rather is one customized to fit the needs of designing security within the DMZ. Of course, the chapter covers many security topics revolving around Windows 2000, but all the content will be tailored for the most part to security administrators working within a DMZ environment.

Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center

Readers' Choice

Which is your preferred Email Anti Virus solution?