Welcome to TechNet Blogs
Sign in
|
Join
|
Help
Steve Lamb's Blog
Security Matters
RSS 2.0
Atom 1.0
Home
About
Email
<
May 2005
>
Su
Mo
Tu
We
Th
Fr
Sa
24
25
26
27
28
29
30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
3
4
Search
Go
Archives
August 2006 (16)
July 2006 (18)
June 2006 (15)
May 2006 (29)
April 2006 (38)
March 2006 (22)
February 2006 (19)
January 2006 (8)
December 2005 (14)
November 2005 (16)
October 2005 (18)
September 2005 (23)
August 2005 (15)
July 2005 (30)
June 2005 (31)
May 2005 (38)
April 2005 (19)
March 2005 (2)
February 2005 (8)
January 2005 (19)
December 2004 (17)
November 2004 (15)
News
The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion. Inappropriate comments will be deleted at the authors discretion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
If you'd prefer to talk rather than type then please feel free to contact me on the following number - remember that I'm based in London!
+44 7812 980621
Post Categories
Articles (31)
Beta Products (17)
blogcasts (15)
Blogs (47)
Books (7)
Chats (0)
Discussions (38)
Events (109)
How to Articles (165)
Information (301)
Information Security (309)
Integration / LINUX (5)
Interviews (8)
JourneyThrough: Network Access Protection (3)
News (8)
News Groups (0)
Newsletters (0)
Nothing to do with Security whatsoever (23)
Posters (0)
Publications (7)
Security Systems (297)
Social Engineering (27)
Training (21)
User Groups (7)
Webcasts (28)
Websites (24)
Whitepapers (10)
Windows Vista (18)
Wireless technology (24)
Disclaimer
Please read
Interesting Security Blogs
Steve Riley
Bruce Schneier
Rafal Lukawiecki
Mark Russinovich
Jesper Johansson
Alun Rogers
Michael Howard
MSFT Evangelists
Eileen Brown
William Gunaratne
Steve Horne
Melville
James O'Neill
Other Blogs
My Mobile/Picture Blog(moblog)
Sarah Blow's Dev Mobile Wifi Blog
Mr Mobile - Jason Langridge
John Howard
Misc
Technorati Profile
Blogcast Repository
Microsoft Open Source(!) Software Lab
Channel9 - MSFT warts and all!
May 2005 - Posts
What blogcasts is Steve going to produce following questions on the technical roadshow
I'll record blogcasts showing you how to do the following: Use the Encrypting File System(EFS) and backup/recover the keys Configure Protected Extensible Authentication Protocol(PEAP) for wireless security Configure Extensible Authentication Protocol
Read More
posted
Tuesday, May 31, 2005 1:52 PM
by
Steve Lamb
|
2 Comments
Filed Under:
Events
,
How to Articles
,
Security Systems
,
Information
,
Information Security
How to secure your network via segmentation using IPSec
Head to http://www.microsoft.com/ipsec for details of how to use this important feature of Windows XP, Windows 2000 Server and Windows Server 2003.
Read More
posted
Friday, May 27, 2005 6:13 PM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Security Systems
,
Information
,
Information Security
What links did Steve mention at the Technical Roadshow in Birmingham
Those of you who join us at the Technical roadshow in Birmingham earlier in the week may recall that I mentioned a series of links - particularly at the end of the show. Here's a list: http://www.blogcastrepository.com - this is a site hosted by Brian
Read More
posted
Friday, May 27, 2005 5:45 PM
by
Steve Lamb
|
2 Comments
Filed Under:
Events
,
Security Systems
,
Information
,
Information Security
How to display information about your config on the screen like I did at the Technical Roadshow in Birmingham
It was great to see so many of you at yesterday's technical roadshow in Birmingham. Many people asked me what software I was running on the demo machines as they had information listed on the backdrop detailing IP address, hostname et al. I use a utility
Read More
posted
Thursday, May 26, 2005 3:51 PM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Security Systems
,
Information
,
Information Security
Effective ways to use least privilege
Check out Aaron Margosis' blog for tricks and tips to make it easier for you (and those around you!) to run with Least Privilege User Access(LUA). We're no doubt all familiar with the argument of "I need Administrator/root access to do my job" - and of
Read More
posted
Monday, May 23, 2005 10:14 AM
by
Steve Lamb
|
3 Comments
Filed Under:
Blogs
,
How to Articles
,
Security Systems
,
blogcasts
,
Information
,
Information Security
Learn about rootkits malware and network isolation from subject matter experts, testers and editors who create security guidance solutions namely the Microsoft Solutions for Security(MSS) team
I'm a huge fan of getting the most value from the software I already have - I always talk about this at events and in papers I write. The Microsoft Solutions for Security(MSS) team produce prescriptive guidance to show you exactly HOW to get the most
Read More
posted
Saturday, May 21, 2005 9:53 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
How to Articles
,
Training
,
Security Systems
,
Information
,
Information Security
,
Wireless technology
Add security requirements to your functional spec and acceptance testing as the result will be more secure code and less risk
Matthew Fisher has written written an interesting article for the Industry Insider's blog which is hosted on TechNet. We're getting quite a few submissions from people like Matt who have best practise advise for you based on their practical experience.
Read More
posted
Friday, May 20, 2005 12:22 PM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Security Systems
,
Articles
,
Information
,
Information Security
Send messages to your MSN Space from your mobile phone
With SMS to Spaces you can easily send text messages to your MSN Space even if you are not near a PC! There is no charge for sending messages to your MSN Space however standard mobile charges apply. So you can be out on the road and still post text entries
Read More
posted
Thursday, May 19, 2005 2:35 PM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Beta Products
,
Information
IT's Showtime - webcasts from Steve Riley, Jesper and Rafal
Follow this link to access free webcasts from technical experts showing you how to get the maximum value from a range of Microsoft technologies including Security of course. Please give feedback to this post if there are topics you'd like us to cover
Read More
posted
Thursday, May 19, 2005 1:44 PM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Training
,
Security Systems
,
Webcasts
,
Information
,
Information Security
Recommended security sessions from our free TechNet Virtual Labs
IMHO many of the most interesting security labs are actually listed under "Microsoft Windows Server 2003" in the labs - these include IPSec, Group Policy and Rights Management. I've listed the available sessions for both below - just incase my earlier
Read More
posted
Thursday, May 19, 2005 9:24 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Training
,
Security Systems
,
Information
,
Information Security
,
Wireless technology
When are TechNet heading to a town near you?
People often ask me when TechNet plan to host security events North of London. I was born in Yorkshire and hence am well aware that we should head outside of the South East when we can. Well as you may be aware the Technical roadshow has already visited
Read More
posted
Thursday, May 19, 2005 8:13 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
Training
,
Security Systems
,
Information
,
Information Security
Free TechNet Virtual Labs - learn how to use just about every windows security feature on our test servers via your browser!
TechNet Virtual LabsEver wanted to test Microsoft's newest software in a totally secure sandbox environment? Wouldn't it be great to be able to test new servers immediately, without formatting hard drives or dedicating one or more computers to the project?
Read More
posted
Wednesday, May 18, 2005 9:05 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Training
,
Security Systems
,
Information
,
Information Security
,
Wireless technology
There are only three days left for you to qualify for a discounted TechEd Europe ticket
There's a discount of Three Hundred Euros if you register for this year's TechEd Europe in the next three days. The event includes a pre-conference day on Monday 4th July, the main conference runs from Tuesday 5th to Friday the 8th July in Amsterdam.
Read More
posted
Tuesday, May 17, 2005 3:32 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
How to Articles
,
Training
,
Security Systems
,
Information
,
Information Security
MSN Desktop Search is now complete and available for free download
I'm sure I'm not alone in getting frustrated that I can find what I'm looking for so quickly on the Internet and yet until recently it took forever to find information by keyword search on my local PC! The finished code for MSN Search Toolbar is now
Read More
posted
Tuesday, May 17, 2005 9:34 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Information
Free webcasts showing you exactly HOW to solve many of today's security problems using software you already own!
I'm a firm believer in making the most of what you have. If you've ever seen me speak you'll be familiar with my message that Windows includes a comprehensive range of security features and functions that quite often can be used out of the box to effectively
Read More
posted
Tuesday, May 17, 2005 8:51 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Training
,
Security Systems
,
Webcasts
,
Information Security
,
Wireless technology
Security Myths - read an extract of the upcoming book titled Protect Your Windows Network
If you'd like more information to help dispel security myths in your organisation then I suggest you take a look at an extract from the upcoming book "Protect Your Windows Network" which was written by Jesper M. Johansson and Steve Riley. You can download
Read More
posted
Friday, May 13, 2005 3:32 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Blogs
,
Security Systems
,
Publications
,
Information Security
Security in operation article looking at the Security notifications for Microsoft Redhat and Novell Suse
How do you compare and make sense of the security vulnerability announcements from different vendors? Jeff Jones's short article looks into the way Redhat, Novell Suse and Microsoft announce vulnerabilities in their software and suggests
Read More
posted
Thursday, May 12, 2005 3:20 PM
by
Steve Lamb
|
1 Comments
Filed Under:
Security Systems
,
Publications
,
Articles
,
Information Security
Details of Rafal Lukawiecki's security seminars are now available on TechNet
You may recall that I mentioned this event a couple of weeks ago with the detailed post that's accessible here. Well as promised the event's now open for registration via the TechNet site - just click here to browse to the registration site. The event
Read More
posted
Wednesday, May 11, 2005 6:22 PM
by
Steve Lamb
|
1 Comments
Filed Under:
Events
,
Security Systems
,
Information Security
Find out more about the Security Development Lifecycle(SDL)
Many people ask me what substance exists to the Trustworthy Computing Initative and specificially what changes Microsoft have made to our development process to significantly increase the resilience of code. There's a interesting paper which was written
Read More
posted
Wednesday, May 11, 2005 3:04 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Would you like to be involved in setting the security agenda for vendors? Then perhaps you should join the Jericho Forum
Some members of the community have asked me about the Jericho Forum, what is it and where can they find out more. The Jericho Forum is completely vendor neutral and was formed by the heads of information security in a number of international organisations.
Read More
posted
Tuesday, May 10, 2005 6:51 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Thought Theives - how to raise the profile of security in your organisation
Microsoft are running a competition whereby entrants record a short film to highlight the growing problem of Intellectual Property(IP) theft and raise awareness at a consumer level. Details of the competition can be found here. I'm not expecting many
Read More
posted
Tuesday, May 10, 2005 5:59 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Microsoft Baseline Security Analyser v2 Beta is available
Incase you're not familiar with MBSA is a free utility which can be downloaded from <http://www.microsoft.com/mbsa> which you can use to scan systems in your environment to determine where patches are missing and where systems are misconfigured.
Read More
posted
Tuesday, May 10, 2005 3:31 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Guidance on how to improve your security policy
A number of people have asked me for suggestions of third party online references which provide guidance upon how to make better security policies. Clearly Risk and Security policy should be the foundation of all things security in each of our organisations
Read More
posted
Monday, May 09, 2005 5:55 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Presentation covering Windows Security Internals
The team @ Skilldrive http://www.skilldrive.com have put together a really interesting presentation which is targetted at developers but I think it works well for IT Professionals too. If you'd like to understand how the logon process works, how Windows
Read More
posted
Monday, May 09, 2005 4:56 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Who are the most interesting security speakers out there?
There are quite a few people in the Information Security Industry these days. Who do you like to listen to? and more importantly who provides you with useful information you can act upon? Such people may not be well known - let me know who you'd recommend.
Read More
posted
Monday, May 09, 2005 4:42 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
Free Security Videos for download including advice to avoid Phising and teaching children about safe browsing
There are a number of videos which can be freely downloaded from here - they are not technical but may be useful to help your friends and colleagues. The following sessions are available: 3 things you can do to prevent spyware What you should
Read More
posted
Monday, May 09, 2005 4:25 PM
by
Steve Lamb
|
1 Comments
Filed Under:
Security Systems
,
Information Security
What sensitive information is "lying around" in your office & who can access it?
It’s amazing how much you can find out about a person or organisation from simple "non-sensitive" pieces of information. I’m staggered how much information is freely available in public areas of most corporations. I view most large offices (apart
Read More
posted
Monday, May 09, 2005 4:21 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
What security problems are you finding most difficult right now?
I'm trying to avoid the tendancy of assuming that I know the pain you're going through when it comes to applying effective security techniques to your environment and/or that of your customers/clients. What I'm asking for hear is a reality check in the
Read More
posted
Monday, May 09, 2005 3:27 PM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
My Blog is now hosted on TechNet please use the new address
Recently my Blog was moved from http://blogs.msdn.com/steve_lamb to http://blogs.technet.com/steve_lamb and a redirect was set up from the old one to the new. Please use the technet address in future (and update your aggregator if you're using one)
Read More
posted
Monday, May 09, 2005 3:14 PM
by
Steve Lamb
|
0 Comments
Blogcast showing how to secure a home wireless network via WPA
I've recorded a Blogcast(short focused webcast) which demonstrates how to secure a home wireless network using Wireless Protected Access(WPA). The Blogcast itself can be accessed via this link. I show how to configure a LinkSys wireless access point to
Read More
posted
Monday, May 09, 2005 3:06 PM
by
Steve Lamb
|
3 Comments
Filed Under:
How to Articles
,
Security Systems
,
blogcasts
,
Information Security
,
Wireless technology
Nice article about preventing SQL Injection
Rhys Wilkins recently made me aware of an article which advises several good practises in making sure your code isn't susceptable to SQL Injection attacks. The first prosecution (that I've heard of) was way back in 1996! The article is
Read More
posted
Friday, May 06, 2005 11:46 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Security Systems
,
Articles
,
Information Security
Interesting articles about Rights Management Service Pack 1
Rights Management provides the capability for the author of a document or email to define the way in which the information can be used - the data is encrypted and it's rights "live" with the document. General information about Rights Management can be
Read More
posted
Thursday, May 05, 2005 8:44 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
,
Interviews
Free MIIS technical event which includes practical demonstrations - this is not a sales event
Come and spend a day with Microsoft and partner Identity Management experts who will demonstrate how to deal with user administration, security, compliance, directory services, single sign on, password management, and self service. There
Read More
posted
Wednesday, May 04, 2005 10:18 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
How to Articles
,
Security Systems
,
Discussions
,
Information Security
TechEd Europe is just around the corner
It seems like no time since ITForum and yet it's almost time for TechEd Europe which will take place in Amsterdam, there's a pre-conference day on 4th July, the main conference runs from 5 - 8th July. The pre-conference day offers a wide range of subjects
Read More
posted
Wednesday, May 04, 2005 10:05 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
Training
,
Security Systems
,
Information Security
Information about Network Access Protection(NAP) / Quarantine
Windows Server 2003 Service Pack 1 includes support for the Quarantine feature of Routing and Remote Access(RRAS). Quarantine can be used to automatically assess the "health" of client machines which attempt to access corporate resources via dial up or
Read More
posted
Wednesday, May 04, 2005 8:00 AM
by
Steve Lamb
|
1 Comments
Filed Under:
Security Systems
,
Information Security
What will it take to get security requirements added to the functional spec and hence acceptance testing
I've spoken to a number of people recently about how to improve the level of security in software that's written both "in house" and by third party developers. One thing that came up again and again is that it's very rare for security requirements to
Read More
posted
Wednesday, May 04, 2005 7:15 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Security Systems
,
Information Security
The Microsoft presentations from InfoSec will be posted as follows...
It was great to meet so many of you at InfoSec last week in London. As promised all of the presentations from our Security Academy(in the Pillar Room) will be posted for free download to the following URL http://www.microsoft.com/uk/technet/learning/
Read More
posted
Wednesday, May 04, 2005 7:04 AM
by
Steve Lamb
|
0 Comments
Filed Under:
Events
,
Security Systems
,
Information Security
How to segment your network via IPSec to isolate untrusted machines and limit the spread of worms
A series of seven papers covering all aspects of IPsec are now available for free download from our website. Microsoft recently deployed IPsec internally to isolate our network domains and prevent traffic from automatically passing between boundaries.
Read More
posted
Tuesday, May 03, 2005 11:43 AM
by
Steve Lamb
|
0 Comments
Filed Under:
How to Articles
,
Security Systems
,
Information Security