Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Forefront products, WSUS, Security Incident Response, and whatever else comes up.
Incident Response: The Importance of Anti-Virus
Heading home from the CSS Security Global Summit on Friday, I got stuck in Cincinnati’s airport....
Date: 11/23/2009
SQL Injection Hijinks
or Why I Keep Harping On Blacklisting Summary: An incident reveals attempts to get around...
Date: 10/31/2008
PASSGEN
Occasionally, I see a security incident where one of the things that went wrong was that all of the...
Date: 10/22/2008
Err
I might be the last person to know this but one of my favorite internal Microsoft tools is now...
Date: 08/12/2008
Input Validation Is Not The Answer
I just sent a piece of e-mail to my team about input validation and SQL injection and it occurred to...
Date: 08/07/2008
Forefront Server Security Management Console, Templates, and Revisions
Sometimes, working in support, you come across a best practice or a bit of knowledge that is...
Date: 07/11/2008
Does This Make Me A Fanboy?
I upgraded my iPhone to the 2.0 firmware today and I've been playing with the app store all day....
Date: 07/10/2008
Antigen 9.1 Hotfix Rollup 3 and Performance Monitor
While investigating an issue where mail was queuing in the Exchange Information Store, we discovered...
Date: 07/09/2008
SQL Storm: Possible ASP.Net
I’ve had an unconfirmed report that the SQL Storm attacks are now also affecting ASP.Net...
Date: 06/04/2008
SQL Injection: Trends & Guidance
I've been working with the SWI team to write a comprehensive overview of the SQL Storm attacks with...
Date: 05/30/2008
SQLInjectionFinder
My colleague Greg, who has forgotten more about command line scripting than I will ever know, put...
Date: 05/27/2008
SQL Injection Mitigation: Using Parameterized Queries part 2 (types and recordsets)
(Part 1 is here) Previously, I provided a simple example of using parameterized queries in classic...
Date: 05/23/2008
SQL Injection Mitigation: Using Parameterized Queries
Michael Howard wrote an excellent article yesterday on how the SDL addresses SQL injection. He walks...
Date: 05/21/2008
SQL Injection -- A Comment
Kumar comments here and I think he has some questions/concerns that are worth addressing. I'm...
Date: 04/07/2008
Mass SQL Injection -- Get Used To It
It looks like another wave of the mass SQL injection I talked about last month is going on. ...
Date: 04/04/2008
Good News
The good news is that, whatever else might happen, these guys won't get pwned by SQL injection....
Date: 03/20/2008
Anatomy of a SQL Injection Incident, Part 2: Meat
Intro It would appear that the incident I wrote about yesterday is still ongoing. I've been using a...
Date: 03/15/2008
Anatomy of a SQL Injection Incident
A number of people are reporting that 10K+ websites have been hacked via a SQL injection attack that...
Date: 03/14/2008
LogParser, Event Logs, and Vista
LogParser is one of my absolute favorite tools, particularly for doing incident response. I use it a...
Date: 08/15/2007
Rating Music (iTunes Edition)
I have a large collection of music, all of which is (finally) in iTunes. I'd like to rate all of it...
Date: 08/15/2007
Detecting ARP Spoofing Attacks
After investigating an ARP spoofing incident recently, I started thinking of how we could easily...
Date: 07/05/2007
Microlending
I commute about 90 minutes a day, total, on an average day. I spend most of the commute listening to...
Date: 07/05/2007
ARP Cache Poisoning Incident
I recently worked on an interesting incident response with several of my colleagues. The problem, as...
Date: 06/28/2007
Reboot
I started blogging on MSDN back in 2004 with the best of intentions. I was working with the...
Date: 06/27/2007
It's the New Phone
I finally lost my patience with my old mobile provider last week & decided it was time for a...
Date: 10/28/2004
SMB Perf articles
I've been working a lot with file sharing performance, and I'm trying to write a few essays on those...
Date: 10/26/2004
SMB/CIFS Performance Over WAN Links
I often have customers who ask me to wrestle with the performance of SMB (otherwise known as CIFS)...
Date: 10/26/2004
Quick Figuring Optimal TCP Window Size
There generally isn't a single correct way to figure out the optimal TCP window for an interface...
Date: 10/26/2004
Conversations
My favorite cartoonist wrote something that started me thinking... “All products are...
Date: 06/02/2004
Finding Retransmits in Ethereal
With the full version of Netmon, it's relatively easy to find retransmitted packets with the expert;...
Date: 06/02/2004
Disclaimer
These postings are provided "AS IS" with no warranties, and confers no rights. The content of this...
Date: 06/02/2004
Network Sniffing Tools
Posted on my favorite network sniffing tools.
Date: 06/01/2004
Network Sniffing Tools
Intro Network sniffing is a major part of my life -- I've probably pored over, on average, a trace a...
Date: 06/01/2004
Categorizing Packet Loss
I've quite frequently run into situations where I've been asked to diagnose packet loss based only...
Date: 06/01/2004
Bio
I recently realized that I spend a lot of time writing about things that I know only a little about...
Date: 06/01/2004