Malware and administrative rights

For about a year I have been telling a story to highlight how users running as administrators are much more likely to get malware installed on their systems than users who run as normal users. The story is actually in Protect Your Windows Network if you wanted to see it. The conclusion was that if…

6

Exceptions to the rule – When you may WANT to turn off SMB message signing

Being a security guy I see the world in black and white. People are either good or bad. Technical security means are either secure or not. We are either underpaid, or we are in marketing. No, seriously, nothing is that black and white. Take SMB Message Signing for instance. Obviously it provides some serious security…

10

Protect Your Windows Network site now live!

After a delay that was WAY too long we finally got the Protect Your Windows Network site up and running. Mostly it is just about the book for now, and it really highlights how bad I am at UI design. Eventually I thought I would start putting some personal things up there, like downloadable presentations, some tools,…

2

How to shoot yourself in the foot with ACLs

My latest TechNet article, “How to Shoot Yourself in the Foot with Security, Part 2: To ACL or Not To ACL” was just published in the TechNet Newsletter. It turns out that ACLs is one of the major ways people destroy their systems, and of course it is also one of the major ways to…

8

Taped presentations

I’ve been meaning for a while to put together a list of my taped presentations and web casts. More and more of them are turning up in various places, and it is kind of fun to watch actually. Here is a list. If you know of more, send me an e-mail and let me know…

4