Browse by Tags

All Tags » General Security » Windows Server 2008 (RSS)
Friday, July 25, 2008 2:03 AM

Kaminsky Black-Hat Webcast: "By Any Other Name: DNS has doomed us all."

Okay, so the talk’s official title was “ Dan Kaminsky’s DNS Discovery: The Massive, Multi-Vendor Issue and the Massive, Multi-Vendor Fix ”. Arcane details of TCP are something of a hobby of mine, so I attended the webcast to see...
Posted by Alun Jones | 2 comment(s)
Filed under: , , ,
Monday, July 21, 2008 10:09 PM

Whoops - Information Wanted to be Free Again.

Picture the scene at Security Blogs R Us: "We're so freakin' clever, we've figured out Dan Kaminsky's DNS vulnerability" "Yeah, but what if someone else figures it out - won't we look stupid if we post second to them...
Posted by Alun Jones | 2 comment(s)
Filed under: , , ,
Saturday, July 19, 2008 12:02 AM

DNS Server Reserves 2500 Ports.

After applying the patch for MS08-037 - KB 953230 (the multi-OS DNS flaw found by Dan Kaminski ), you may notice your Windows Server 2003 machine gets a little greedy. At least, mine sucks up 2500 - yes, that's two thousand five hundred - UDP sockets...
Posted by Alun Jones | 11 comment(s)
Filed under: , , ,
Thursday, April 24, 2008 4:47 PM

UAC - The Emperor's New Clothes

I heard a complaint the other day about UAC - User Account Control - that was new to me. Let's face it, as a Security MVP, I hear a lot of complaints about UAC - not least from my wife, who isn't happy with the idea that she can be logged on as...
Posted by Alun Jones | 6 comment(s)
Filed under: , , , ,
Friday, January 11, 2008 9:03 PM

Why you don't run as root

[... or administrator, or whatever] I like Roger Grimes, he's a nice guy, and he generally makes me think about what he has to say. That's a good thing, because otherwise he'd either be part of the same choir as me, or he'd be the sort...
Posted by Alun Jones | 4 comment(s)
Filed under: , , , , ,
Saturday, December 29, 2007 11:23 AM

Is a NAT a security device?

I've been working lately on a couple of IPv6-related projects. First, there's a chapter for an upcoming book, and second, there's the effort to make WFTPD and WFTPD Pro work on IPv6, since it's enabled by default in Windows Vista and Windows...
Posted by Alun Jones | 7 comment(s)
Filed under: , , ,