Security

Windows 7 and Direct Access: The Anywhere Experience

Over the past few weeks, Windows 7 Release Candidate has been widely downloaded, used, praised (including by some very vocal critics), and loved. It’s easy to fall in love with the Windows 7 user experience, and I don’t just mean the lovely wallpapers and themes that are in stark contrast to the kind of visual […]

More →

ASN1 Bad Tag Error Installing an SSL Certificate in IIS 7

You’ve installed SSL certificates on previous versions of IIS more times than you care to remember. It’s no rocket science – you create a certificate request, request the certificate from a Certification Authority, get the certificate and complete your certificate request. Then there’s IIS 7. Modularized. Optimized. Secure. You follow the same procedure as you […]

More →

Internet Explorer 8 and OWA: Where Are The Images?

Internet Explorer 8 was released last week at MIX09. It’s likely many users may already be running either the RTM version or one of the earlier betas. IE 8 is more secure than previous versions (see Stay Safer Online for a list of IE8’s security features), including some of the default settings. Here’s one of […]

More →

Google Docs’ Privacy Blunder: Shares Your Docs Without Permission

Just as I was beginning to warm up to certain kinds of cloud computing comes news of Google Docs’ “privacy blunder”. Google has sent a notice to a number of users notifying them that it may have inadvertently shared some of their documents with contacts who were never granted access to them. Jason Kincaid writes […]

More →

Released: Update Rollup 6 for Exchange 2007 Service Pack 1

Update Rollup 6 for Exchange Server 2007 SP1 has been released. Download it here. As noted in previous posts, Exchange 2007 updates are cumulative and release-specific. Additionally, as Ananth notes in the post on the Exchange team blog (read ‘Update Rollup 6 for Exchange Server 2007 Service Pack 1 Released‘), this update has a fix […]

More →

McCain Campaign Sells Loaded BlackBerry Smartphones

As part of winding down operations, the McCain-Palin campaign ended up making yet another security foible – the campaign sold 10 BlackBerry smartphones without wiping them clean. According to Fox News, the devices with confidential campaign data on them were sold for $20 each. More in McCain Campaign Sells Info-Loaded Blackberry to FOX 5 Reporter.

More →

SCRIPT: List Delegates With Send On Behalf Access

Send On Behalf access allows a user to send mail on behalf of the mailbox owner. Figure 1: Send On Behalf access can be assigned from ADUC | recipient properties | Exchange General | Delivery Options, or by the mailbox owner using Microsoft Outlook Here’s a script that lists all users with delegates. File: listDelegates.zip […]

More →

Microsoft: “High Priest of Secure Software Development”

From a company most frequently bashed for the security woes of the world, Microsoft has morphed into what CNET calls the “high priest of secure software development”, which is now helping others develop secure software. The Trustworthy Computing Initiative started six years ago is paying off. More in ‘Microsoft becomes high priest of secure software […]

More →

Where are mailbox last logon, client IP address and other details in Exchange 2007 & Exchange 2010?

In Exchange Server 2003/2000, expanding a Mailbox Database (MDB) provides information about mailboxes in a database, last logon/logoff times and account(s) that logged on to mailboxes (see ‘Displaying Client IP Address in Exchange System Manager‘ for details). Figure 1: In Exchange 2003, the Logons node displays Store logon-related information. Click here to see a bigger […]

More →

IIS 7 Authentication: What happened to the IUSR_MachineName account?

In previous versions of IIS, the IUSR_MachineName account is created for anonymous authentication. This is an actual user account created on the server (a domain account can be used in domain environments), and like all user accounts— it has a SID, and an account password with the accompanying management costs and risks. One of the […]

More →