Steve Lamb's Blog : Articles

Articles (RSS)

How to secure your web server and transactions via PKI and ISA - check out my detailed article in TechNet Magazine

I've recently written an article for November/December's TechNet Magazine which looks in detail at how to secure both your web server and transactions between it and your customer's browser(s). It's pretty technical and is approximately two Read More

posted Thursday, November 03, 2005 9:24 AM by Steve Lamb | 1 Comments
Filed Under: How to Articles, Security Systems, Articles, Information, Information Security

Royal Holloway MSc in Computer Security

<I've edited this post to add a link to the pictures together with the following image> Thank you to everyone I met at Royal Holloway from the MSc in Computer Security (distance learning) course. I can honestly say I rarely get to meet to many Read More

posted Monday, September 19, 2005 2:05 PM by Steve Lamb | 4 Comments
Filed Under: Events, How to Articles, Security Systems, Articles, blogcasts, Discussions, Information, Information Security, Wireless technology

"Robin Hood" syndrome - Hackers donate YOUR money to support Katrina relief efforts!

Just browse to a recent article on Brian Krebs' "Security Fix" column to read all about Phishers who appear to be donating to the relief effort using the credit card details of their victims! Read More

posted Tuesday, September 13, 2005 10:53 AM by Steve Lamb | 0 Comments
Filed Under: Articles, Information, Information Security

What's the best way to build/design/architect a windows server environment?

Shawn posted an interesting article along these lines which is accessible here Browse to http://www.microsoft.com/msa to download free blueprint guidance for building a wide range of data centre scenarios. MSA stands for Microsoft Systems Architecture, Read More

posted Tuesday, June 07, 2005 3:18 PM by Steve Lamb | 0 Comments
Filed Under: How to Articles, Security Systems, Articles, Information, Information Security

Add security requirements to your functional spec and acceptance testing as the result will be more secure code and less risk

Matthew Fisher has written written an interesting article for the Industry Insider's blog which is hosted on TechNet. We're getting quite a few submissions from people like Matt who have best practise advise for you based on their practical experience. Read More

posted Friday, May 20, 2005 12:22 PM by Steve Lamb | 0 Comments
Filed Under: How to Articles, Security Systems, Articles, Information, Information Security

Security in operation article looking at the Security notifications for Microsoft Redhat and Novell Suse

How do you compare and make sense of the security vulnerability announcements from different vendors? Jeff Jones's short article looks into the way Redhat, Novell Suse and Microsoft announce vulnerabilities in their software and suggests Read More

posted Thursday, May 12, 2005 3:20 PM by Steve Lamb | 1 Comments
Filed Under: Security Systems, Publications, Articles, Information Security

Nice article about preventing SQL Injection

Rhys Wilkins recently made me aware of an article which advises several good practises in making sure your code isn't susceptable to SQL Injection attacks. The first prosecution (that I've heard of) was way back in 1996! The article is Read More

posted Friday, May 06, 2005 11:46 AM by Steve Lamb | 0 Comments
Filed Under: How to Articles, Security Systems, Articles, Information Security

What is RIPA and why is it important to your organisation?

RIPA is an acronym for The Regulation of Investigatory Powers Act 2000 which is a piece of UK legislation governing the right of the authorities to recover information from UK organisations as required for investigations. I am not a legal expert, make Read More

posted Friday, February 25, 2005 3:29 PM by Steve Lamb | (Comments Off)
Filed Under: Security Systems, Articles, Discussions, Information Security

How Microsoft secure our own systems - ITShowCase

Another resource I've mentioned when presenting @ TechNet events is ITShowCase - the following URL is the home of a wealth of information (including "how to" build guides) written by our internal technical administrators and architects when building and Read More

posted Friday, February 25, 2005 3:15 PM by Steve Lamb | (Comments Off)
Filed Under: How to Articles, Security Systems, Articles, Discussions, Information Security, Wireless technology

Looking for UK security metrics? The DTI Information Security Breaches report can be found here..

I've spoken at a number of TechNet events recently at which I've mentioned the DTI report as a useful source of UK metrics for security breaches and risks. The latest report(released in 2004) is located at the following URL. http://www.infosec.co.uk/page.cfm?HyperLink=http://www.infosec.co.uk/files/DTI_Survey_Report.pdf Read More

posted Friday, February 25, 2005 3:12 PM by Steve Lamb | (Comments Off)
Filed Under: Security Systems, Articles, Information Security

For those who haven't heard yet there's a way to compute SHA-1 hashes faster than brute force

Bruce's recent article has started a great deal of debate. Clearly the implications for the way cryptographic signatures are relied upon more and more come into question. IMHO the sky's not about to fall down but certainly it's sensible for all software Read More

posted Friday, February 25, 2005 6:25 PM by Steve Lamb | 2 Comments
Filed Under: Blogs, Security Systems, Articles, Information Security

Threats Vulnerabilities and Exploits to mobile phones, PDAs, mobile devices and cars as discussed in a report published this week by IBM Security Intelligence Services

I've just read the summary to an IBM Report which discusses the perceived risk of security problems on mobile devices and even cars akin to those suffered by Personal Computer users today. This is something I've been thinking of writing about Read More

posted Sunday, February 13, 2005 10:13 AM by Steve Lamb | 2 Comments
Filed Under: Blogs, Security Systems, Websites, Whitepapers, Articles, Discussions, Information, Information Security

What is the Padlock for in Internet Explorer? Claims of Breaking SSL in Internet Explorer

I've seen sessions @ security events which claim to "Break SSL in Internet Explorer" & recently received an email along the same lines (listed after the next couple of paragraphs starting "Subject"). The "Padlock" is part of Internet Explorer as Read More

posted Tuesday, February 08, 2005 10:14 AM by Steve Lamb | 1 Comments
Filed Under: How to Articles, Security Systems, Articles, Information Security

I'm in a cool discussion on Blogging by Robert Scoble

Robert's talking to a whole bunch of folk who want to blog but are terrified! I find Blogging's a little like a first date - pretty scary ahead of time, generally lots of fun when you stop worring and get on with it - of course that's not the case with Read More

posted Tuesday, January 18, 2005 6:41 PM by Steve Lamb | 2 Comments
Filed Under: Blogs, Articles

Threat Modelling helps Microsoft Developers to build more secure code

Larry Osterman's posted a really interesting article explaining how Threat Modelling helps his team improve the security of the code they develop. As Larry goes on to explain the technique's not new, nor is it rocket science and yet it's often under utilised Read More

posted Sunday, January 16, 2005 3:12 AM by Steve Lamb | (Comments Off)
Filed Under: Blogs, How to Articles, Security Systems, Articles, Information Security

Steve Lamb's Blog

Search

Archives

News

Post Categories

Disclaimer

Interesting Security Blogs

MSFT Evangelists

Other Blogs

Misc