On the Security & Tecnology Online (SATO) online conferences portal, from IPEvents company, you'll find this new webcast about endpoint security:
http://www.satoevents.com/enter_session.php?sess_id=109&spid;=1162
Portal registration and webcast view are free.
I'd like to remember to CISSP professionals that all SATO online events, included this one, worth Continuing Professional Education (CPE) credits, thanks to a IPEvents and (ISC)2 partnership.
Thursday, September 29, 2005
Monday, September 26, 2005
Migrating WSUS database from MSDE to SQL Server 2000
Windows Server Update Services (WSUS), formerly known as SUS 2.0, is one of the best security tools Microsoft ever realized.
This new version introduces a great flexibility level and permits patching of operating systems and other products like Office, SQL Server e Exchange, in various languages. And in the near future the service will be extended to all Microsoft back-end servers and even third parties products.
With this new updating capability a storage strategy replanning is mandatory.
Usually WSUS, being a free product, is tested in a light configuration with MSDE database support. But this capped SQL Server edition has a database limit imposed to 2GB, which can become full even in a single day, depending on how many updates you are synchronizing.
99% of times, passing from a test environment to a production environment means you need to change your database server, passing from MSDE to SQL Server 2000.
This operation isn't that easy so this article taken from the WSUSwiki will be highly useful:
http://www.wsuswiki.com/UpgradingMSDEtoSQL2000
This new version introduces a great flexibility level and permits patching of operating systems and other products like Office, SQL Server e Exchange, in various languages. And in the near future the service will be extended to all Microsoft back-end servers and even third parties products.
With this new updating capability a storage strategy replanning is mandatory.
Usually WSUS, being a free product, is tested in a light configuration with MSDE database support. But this capped SQL Server edition has a database limit imposed to 2GB, which can become full even in a single day, depending on how many updates you are synchronizing.
99% of times, passing from a test environment to a production environment means you need to change your database server, passing from MSDE to SQL Server 2000.
This operation isn't that easy so this article taken from the WSUSwiki will be highly useful:
http://www.wsuswiki.com/UpgradingMSDEtoSQL2000
Monday, September 19, 2005
Building firewall and IPSec IPv6 aware applications
For unlucky developers who missed this year Microsoft Professional Developers Conference (PDC) should be interesting checking a Mohit Talwar, Development Lead di Microsoft, session titled Building IPv6 (Firewall & IPSec) Aware Applications.
The transition to IPv6 will hurt: there will be technical problems with applications migrations, logistical problems with enterprise network re-addressing, security problems coming out from networking vulnerabilities.
But the greatest difficulty to front during the migration will be spreading the knowledge.
The fastest developers and IT managers will start thinking in IPv6 the fastest they will be able to develop and manage these new networks.
Slides are here: http://216.55.183.63/pdc2005/slides/COM304_Talwar.ppt
The transition to IPv6 will hurt: there will be technical problems with applications migrations, logistical problems with enterprise network re-addressing, security problems coming out from networking vulnerabilities.
But the greatest difficulty to front during the migration will be spreading the knowledge.
The fastest developers and IT managers will start thinking in IPv6 the fastest they will be able to develop and manage these new networks.
Slides are here: http://216.55.183.63/pdc2005/slides/COM304_Talwar.ppt
Tuesday, September 13, 2005
Check Point SmartConsole on Linux
(Very OT but likely very appreciated)
One thing Check Point doesn't do is producing its VPN-1 administrative console (the so called SmartConsole) for Linux platforms.
Available versions are for Windows (free of charge) and for Solaris (priced) only.
This is still true with the new NGX version.
But nothing prevents us from running the Windows SmartConsole on a Linux Wine session.
Daniele Besana realized a good how-to about doing so with the NG R55 SmartConsole (I didn't tried and cannot be sure it works even for the NGX R60 SmartConsole).
You can find it here:
http://www.itvc.net/educational/index.asp?id=45
One thing Check Point doesn't do is producing its VPN-1 administrative console (the so called SmartConsole) for Linux platforms.
Available versions are for Windows (free of charge) and for Solaris (priced) only.
This is still true with the new NGX version.
But nothing prevents us from running the Windows SmartConsole on a Linux Wine session.
Daniele Besana realized a good how-to about doing so with the NG R55 SmartConsole (I didn't tried and cannot be sure it works even for the NGX R60 SmartConsole).
You can find it here:
http://www.itvc.net/educational/index.asp?id=45
Saturday, September 10, 2005
A maximum security keyboard
Just read on the Marco Russo blog about the Das Keyboard: 104 keys without any label.
Advertised as the perfect tool to develop skilled typing capabilities, this could easily be used as a physical security tool.
This keyboard also has another features: keys can be weighted in 5 ways, while standard keyboards have 55gr keys.
I'm wondering if a typical problem of standard keyboards can be avoided calibrating keys with accuracy: most used keys consumption (very severe when the input device is used for passwords submission only).
I'm also wondering if weighted keys can avoid rumors produced by keys pressing, as exposed in this brillant Berkley University research titled Keyboard Acoustic Emanations Revisited.
Generally speaking I would define this a good security through obscurity example :)
Advertised as the perfect tool to develop skilled typing capabilities, this could easily be used as a physical security tool.
This keyboard also has another features: keys can be weighted in 5 ways, while standard keyboards have 55gr keys.
I'm wondering if a typical problem of standard keyboards can be avoided calibrating keys with accuracy: most used keys consumption (very severe when the input device is used for passwords submission only).
I'm also wondering if weighted keys can avoid rumors produced by keys pressing, as exposed in this brillant Berkley University research titled Keyboard Acoustic Emanations Revisited.
Generally speaking I would define this a good security through obscurity example :)
Saturday, September 03, 2005
Attachment handling in Microsoft Outlook
It's really irrating when you cannot choose which email attachment to block and which one to see, isn't it?
Since Office 2000 SR1, Microsoft introduced a security filter for handling email attachments.
From that moment any kind of attachment with non graphical extensions (from .com to .asp, from .url to .inf and so on), not archived within a zipped file (.zip, .rar, ecc.) is blocked: the attachment isn't deleted, just blocked.
There is no way to disable or modify the filter behavior (at least up to Outlook 2003).
The only way to workaround this thing (apart using another mail client...) is manually create a list of allowed file extensions inside Windows Registry.
Which it's not a so silly task to achieve. The whole procedure is here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;829982
Adrian Bateman, aware of the frustration sometimes Microsoft technologies can provoke, developed a simple program to automate the operation. You can find it here:
http://www.visiontech.ltd.uk/software/ol2k2sec.html
After that Adrian went to work in Microsoft...
Since Office 2000 SR1, Microsoft introduced a security filter for handling email attachments.
From that moment any kind of attachment with non graphical extensions (from .com to .asp, from .url to .inf and so on), not archived within a zipped file (.zip, .rar, ecc.) is blocked: the attachment isn't deleted, just blocked.
There is no way to disable or modify the filter behavior (at least up to Outlook 2003).
The only way to workaround this thing (apart using another mail client...) is manually create a list of allowed file extensions inside Windows Registry.
Which it's not a so silly task to achieve. The whole procedure is here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;829982
Adrian Bateman, aware of the frustration sometimes Microsoft technologies can provoke, developed a simple program to automate the operation. You can find it here:
http://www.visiontech.ltd.uk/software/ol2k2sec.html
After that Adrian went to work in Microsoft...
Subscribe to:
Posts (Atom)