Blocking certain extensions in ISA server

For some reason I decided that today was a good day to figure out how to block certain file extensions from being accessible over the web. This could be very useful, for instance, if you are trying to prevent a particular exploit that utilizes a particular file extension for its payload. To do this go…

27

Weird ISA error, and apparent solution

This morning when I tried to use FrontPage (don’t even start) to edit one of my web sites, I was faced with this error: Error Code: 500 Internal Server Error. Internet Control Message Protocol (ICMP) network is unreachable. For more information about this event, see ISA Server Help. (10051) 10051 means “System Call Interrupted.” That…

4

Getting OMA to work with SBS Premium and WM 5.0

Being that I am on vacation, I just had to take a break from all the relaxing and get my new K-JAM/QTek 9100 to connect to OMA on my SBS server. These devices have not been out very long and run the latest version of Windows Mobile (nee, Windows CE), version 5.0.  Nick, one of the SBS…

2

Biometrics

Apart from the obvious issues with biometric authentication (like the fact that revoking them is quite onerous and the fact that they are actually detachable) I have never really been much of a fan of them for other reasons, like the issue that they always seem to be fooled by low-tech means. A recent scientific…

4

Good Enough Security

At some point about six weeks ago I once again was hit with arguments that pointed to people considering security as black and white; you are either secure or you are not. Security is not now, nor has it ever been, a binary decision. There are a lot of factors we need to consider, all…

6

Tools and other new stuff from the book now available

When we wrote Protect Your Windows Network we put some tools on the CD. The tools are now posted on the website: http://www.protectyourwindowsnetwork.com. There is even a new version of the passgen tool available there. The new version supports setting passwords up to 256 characters, which will make it impossible to log on with the…

4

Malware and administrative rights

For about a year I have been telling a story to highlight how users running as administrators are much more likely to get malware installed on their systems than users who run as normal users. The story is actually in Protect Your Windows Network if you wanted to see it. The conclusion was that if…

6

Exceptions to the rule – When you may WANT to turn off SMB message signing

Being a security guy I see the world in black and white. People are either good or bad. Technical security means are either secure or not. We are either underpaid, or we are in marketing. No, seriously, nothing is that black and white. Take SMB Message Signing for instance. Obviously it provides some serious security…

10

Protect Your Windows Network site now live!

After a delay that was WAY too long we finally got the Protect Your Windows Network site up and running. Mostly it is just about the book for now, and it really highlights how bad I am at UI design. Eventually I thought I would start putting some personal things up there, like downloadable presentations, some tools,…

2

How to shoot yourself in the foot with ACLs

My latest TechNet article, “How to Shoot Yourself in the Foot with Security, Part 2: To ACL or Not To ACL” was just published in the TechNet Newsletter. It turns out that ACLs is one of the major ways people destroy their systems, and of course it is also one of the major ways to…

8