Website Security Suggestion: Get rid of cruft! (script included)

Right: One of my pet hates is cruft on a production website. Cruft is stuff – files – which has accumulated because nobody’s paying attention. Cruft includes sampleware. Developer experiments. Readmes. Sample configs. Backups of files which never get cleaned up. Just general accumulated stuff. It’s website navel lint. Hypertext hairballs. Cruft. Has. No. Place….

0

Sunsetting TMG 2010 with some (free!) Best Practices

Long and boring post ahead. So: KITTENS! There. Fluffy now. As one of the Premier Field Engineers performing ISA Server Health Checks and then Threat Management Gateway (TMG) configuration reviews (by default, from my long association with Proxy 2.0 and then ISA), I was reviewing a document I put together for a customer just before…

2

Simple IIS Kerberos Q&A

Posting a hopefully-useful tidbit. Hi Tristan, Do you have by any chance a guide on how to set up IIS for kerberos auth? I’m helping my customer and I’m a beginner with IIS. It is a farm of 6 IIS servers, they will be using a service acct. DNS is configured to do the following…

0

Tip: Check that your Offline Root CA is actually Offline, mmkay?

I spend a fair whack of time chatting PKI and certificates with customers, and tyre-kicking their environments as part of the Active Directory Certificate Services Assessment (or ADCSA – available via Premier Support). Many customers have a fairly standard design, often deployed by a partner (it’s the “off the shelf plus customize” option), which includes…

2

Huh.

You find lots of draft posts when your user interface changes… Hi! I’ve been waiting for my blog to migrate for what seems like forever. Now it’s back, and Open Live Writer’s a thing, and so I guess I might be back too. Sweet. Somewhere to jot things and rant a bit. FAQ: Yep, still…

0