WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials by date (Click here to sort Articles & Tutorials by topic)

2008
[	8	]	January, 2008	[	6	]	February, 2008	[	6	]	March, 2008
[	11	]	April, 2008	[	1	]	May, 2008
2007
[	10	]	January, 2007	[	9	]	February, 2007	[	8	]	March, 2007
[	6	]	April, 2007	[	8	]	May, 2007	[	6	]	June, 2007
[	7	]	July, 2007	[	11	]	August, 2007	[	7	]	September, 2007
[	12	]	October, 2007	[	11	]	November, 2007	[	7	]	December, 2007
2006
[	13	]	January, 2006	[	9	]	February, 2006	[	11	]	March, 2006
[	9	]	April, 2006	[	12	]	May, 2006	[	10	]	June, 2006
[	9	]	July, 2006	[	11	]	August, 2006	[	9	]	September, 2006
[	10	]	October, 2006	[	11	]	November, 2006	[	9	]	December, 2006
2005
[	9	]	January, 2005	[	11	]	February, 2005	[	12	]	March, 2005
[	12	]	April, 2005	[	11	]	May, 2005	[	14	]	June, 2005
[	12	]	July, 2005	[	14	]	August, 2005	[	10	]	September, 2005
[	10	]	October, 2005	[	8	]	November, 2005	[	9	]	December, 2005
2004
[	4	]	January, 2004	[	3	]	February, 2004	[	5	]	March, 2004
[	3	]	April, 2004	[	6	]	May, 2004	[	9	]	June, 2004
[	9	]	July, 2004	[	8	]	August, 2004	[	8	]	September, 2004
[	7	]	October, 2004	[	9	]	November, 2004	[	9	]	December, 2004
2003
[	6	]	January, 2003	[	5	]	February, 2003	[	10	]	March, 2003
[	8	]	April, 2003	[	15	]	May, 2003	[	8	]	June, 2003
[	11	]	July, 2003	[	5	]	August, 2003	[	6	]	September, 2003
[	13	]	October, 2003	[	5	]	November, 2003	[	4	]	December, 2003
2002
[	1	]	March, 2002	[	9	]	April, 2002	[	7	]	June, 2002
[	29	]	July, 2002	[	7	]	August, 2002	[	4	]	September, 2002
[	537	]	October, 2002	[	10	]	November, 2002	[	8	]	December, 2002
2001
[	6	]	February, 2001	[	1	]	May, 2001	[	1	]	October, 2001
2000
[	129	]	February, 2000	[	188	]	April, 2000	[	5	]	September, 2000
[	2	]	December, 2000

Articles & Tutorials for July, 2005

Securing Windows Member Servers: Date - Jul 28, 2005; Author - Derek Melber; Section - Articles / Windows 2003 Security; Every company has member servers at some capacity or another. Some companies have just a few, where others might have thousands. These member servers are the work horses of your network, providing the core production services for the company. From running the intranet, providing print services, SQL databases, e-mail services, file storage, and application support. With member servers providing all of these essential functions, it goes hand-in-hand with the fact that you need to protect these servers. This article will discuss some of key security configurations that can be made to help protect your member servers.
Ubuntu - A new Linux based on the rock that Debian built!: Date - Jul 27, 2005; Author - Jeff McDermott; Section - Network Security Library / Unix Security; With many distributions of Linux out there, which one is the right one for you. This article helps shed some light on a fairly new flavor of Linux, and why it might be the right one for you. Ubuntu is yet another distro of Linux based on Debian, and out to make Linux a practical tool for the average person, and yet powerful for the advanced user.
Installing and Configuring Microsoft’s Data Protection Manager (DPM) Part 1: Date - Jul 26, 2005; Author - Deb Shinder; Section - Articles / Windows 2003 Security; The beta of Microsoft's new Data Protection Manager (formerly called Data Protection Server) is now available to the public. DPM brings disk-based backup and recovery to enterprise networks as part of Microsoft’s new System Center product umbrella that also includes Microsoft Operations Manager (MOM) and Systems Management Server (SMS). In this two part article, we show you how to install and configure DPM and evaluate how this newest member of Microsoft's System Center product umbrella can be integrated into your overall security strategy.
Sys Admin: Friend or Foe?: Date - Jul 21, 2005; Author - Don Parker; Section - Articles / Misc Network Security; The network system administrator is the first line, and sometimes last line of defence that a network has. What happens though if that very same defender becomes more of a liability?
Second-order Code Injection: Advanced Code Injection Techniques and Testing Procedures: Date - Jul 20, 2005; Author - Gunter Ollmann; Section - Network Security Library / Web Security; Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user's current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into a data storage area that may be executed at a later date or time. Depending upon the nature of the application and the way the malicious data is stored or rendered, the attacker may be able to conduct a second-order code injection attack.
Ethical Issues for IT Security Professionals: Date - Jul 19, 2005; Author - Deb Shinder; Section - Articles / Misc Network Security; This article takes a look at a neglected area of most computer security professionals' training: how to deal with the ethical issues that can - and invariably do - crop up during the course of doing your job.
The Student, the Teacher, and Optix Pro (Part 3): Date - Jul 14, 2005; Author - Don Parker; Section - Articles / Viruses, trojans and other malware; In this last part of the article series we will show John finding, and retrieving the upcoming math exam, as well as his getting caught. Rounding it out will be a quick incident handling roundup.
Social Engineering: You Have Been A Victim: Date - Jul 13, 2005; Author - Darren Miller; Section - Network Security Library / Network Security; Social Engineering is a method often employed in the attempt to break through network security. It is based on the premise that it is often easier to ask for something than to work for it. Although "social engineering" is not a brand new style of gaining network access. This article will make you think about how easy a person can fall for social engineering.
How Do Compliance Issues Affect your Network?: Date - Jul 12, 2005; Author - Deb Shinder; Section - Articles / Misc Network Security; Government regulations such as HIPAA, SOX and the GLB Act require changes to many network security infrastructures and IT procedures. As if wading through this alphabet soup of statutes and regulations weren’t enough, it's not enough to be compliant; you must also be able to prove your compliance if the feds come knocking. This article looks at how regulations affecting specific industries impact the computer networks of companies in those industries, as well as some of the common myths and misconceptions about various compliance requirements.
The Student, the Teacher, and Optix Pro (Part 2): Date - Jul 07, 2005; Author - Don Parker; Section - Articles / Viruses, trojans and other malware; In this part of the article series we see John begin to configure his trojan server on the professor’s computer, and will ultimately see him connect to it from his class room.
Avoiding Identity Theft: Date - Jul 06, 2005; Author - Jeff McDermott; Section - Network Security Library / Privacy; Identity theft is the fastest growing crime in America. According to the Federal Trade Commission, the number of identity theft incidents reached 9.9 million in 2003, and is estimated to have taken the average victim $500 and 30 hours to resolve. This article is designed to help network administrators and consumers understand the issues surrounding the rapidly growing concern of "Identity Theft".
Book Reviews: Still More Security Books: Date - Jul 05, 2005; Author - Mitch Tulloch; Section - Articles / Misc Network Security; Security books keep flooding in from publishers, so it looks like the business of information security continues to occupy a forefront in the minds of both business executives and IT professionals. Here’s my latest pick of what’s good.