Archive for 'Microsoft'
More on Server Core Patches
Bryan Owen of OSIsoft, a Portaledge participant, shared some more information on the Microsoft Server Core patching situation. Remember, Server Core is the minimal installation of Server 2008, so it has a small attack surface, no GUI, and hopefully much less patching is required. A few points:
Auto update is turned off by default which makes [...]
Author: Dale Peterson
Posted: July 18th, 2008 under Microsoft.
Comments: none
Early Server Core Security Patch Statistics
Previously we recorded a podcast on the minimal install / small attack surface install of Windows Server 2008 called Server Core. One benefit of a smaller attack surface should be fewer security patches. We made some estimates on the reduced patching if a Server Core had existed for Server 2003, but this admittedly was an [...]
Author: Dale Peterson
Posted: June 11th, 2008 under Microsoft.
Comments: none
Address Space Layout Randomization (ASLR)
ASLR has been an interesting topic in the security world since Vista’s release, but there hasn’t been a lot of discussion of it in a SCADA context. For those of you who don’t know, ASLR is a technology used by Windows Vista and Server 2008 that changes the memory address space that programs are loaded into each [...]
Author: Daniel Peck
Posted: May 27th, 2008 under Microsoft.
Comments: none
Patching and Server Core
Our podcast and blog on Microsoft’s new minimal attack surface Server Core seemed to get the same reaction Server Core got at the MSMUG summit - little or none. We believe this is an important development, even a potential top ten story for 2008, so let me try another way.
We reviewed the 25 security bulletins [...]
Author: Dale Peterson
Posted: April 17th, 2008 under Microsoft.
Comments: 4
Podcast: Reduce The Attack Surface With Microsoft Server Core
Minimizing your attack surface is an important security principle. This has been a challenge with bloated operating systems, but this is changing with an interesting build of Windows 2008 Server called Server Core. To make matters even more interesting, a control system vendor will soon release an application on Server Core. Hopefully this is the [...]
Author: Dale Peterson
Posted: April 9th, 2008 under Microsoft.
Comments: none
More on MS08-008
For the past week I have been looking at the MS08-008 OLE remote execution vulnerability. During that time, I have been speaking with an exploit writer who wishes to remain anonymous. According to my anonymous source, the vulnerability exists within the ActiveX class MSForms Image and uses the IImage Interface. As the vulnerability [...]
Author: Charles Perine
Posted: February 20th, 2008 under Microsoft.
Comments: 2
Vista Article in Automation World - Do They Understand Control Systems?
Catching up on some magazines on airplane rides, I ran across a feature in the September issue of Automation World, Vista and Office 2007 Target Manufacturing. Sounds interesting. To my great surprise, it read like a PR piece and most of the benefits listed had nothing to do with control systems.
Let me give you [...]
Author: Dale Peterson
Posted: October 22nd, 2007 under Microsoft.
Comments: 3
OPC Vendor Security Limitation?
There’s been a delay in releasing the final paper of the three-part OPC Security Whitepaper series as the paper has been going through some extensive testing. Our initial testing was with a limited number of servers, as a large number of OPC servers exist, and we’ve started to build a list on the SCADApedia [...]
Author: Landon Lewis
Posted: August 13th, 2007 under Assessment Tools, Firewall / Perimeter, Microsoft, OPC, SCADA Protocols, SCADA Vendor.
Comments: 13
Vivid Example for Separate Domain/Tree/Forest
Many SCADA and DCS vendors are integrating their applications with Microsoft’s Active Directory. There are some benefits to this:
Control system vendors no longer need to develop and maintain a user management system and other directory services (typically not a core competency)
Support for strong, two-factor authentication
Group policy to harden OS platforms
Single sign-on
However, one of the benefits we [...]
Author: Dale Peterson
Posted: April 17th, 2007 under Microsoft, SCADA Architecture.
Comments: 5
Microsoft Vista Blog Answers Gutmann
Dale previously blogged about Peter Gutmann’s whitepaper on Vista. Peter’s paper is constantly updated with information regarding Vista and its new “features”.
I was wondering if Microsoft would answer to Peter’s whitepaper and maybe comment or correct him on any misnomers. Some of the Microsoft Vista Development team decided to fill in the blanks and do [...]
Author: Landon Lewis
Posted: February 2nd, 2007 under Development Tools, Microsoft, Security Vendor.
Comments: 1
