SCADApedia

Archive for 'Microsoft'

Win7/2008R2 Firewall Part 3

Last week, I discussed the updates to the active profiles and port ranges within rules features. Today, I wanted to talk about a couple of encryption and authorization features. Specifically, the ability to dynamically create encryption tunnels and manage the users/computers that can and cannot communicate with the firewalled network service.
The dynamic encryption feature [...]

Win7/2008 Firewall Part 1

Recently, I was onsite at a vendor’s office as part of the Bandolier project and ran into a situation where the Win2k3 firewall was not enabled or configured. After the onsite visit and a little Firewall enabling, I started to think about how much the Windows Firewall has changed since WinXP/Win2k3. Specifically, I [...]

SAGE and the increasing smarts in fuzzers

Fuzzing is growing up. From the academics of the late 80s throwing random data at Unix command line tools, to the early work by researchers and commercial groups in the late 90s and early 2000s, to the explosion of fuzzing topics at conferences around the world about 5 years ago, it's come a long way.
As [...]

Tiered Patching Infrastructure

There’s a great write-up on building and maintaining a Windows tiered patching infrastructure over at Ars Technica today. It sets up like this:
Windows updates have historically been a constant annoyance for IT staff. Manual updates were a huge pain, and, while the advent of the Automatic Update feature improved the situation, it brought with it [...]

Secure Windows

Yes, you read the title correctly. There is a new and improved security-driven version of Windows being distributed. The National Institute for Standards and Technology, the Defense Information Systems Agency and the Center for Internet Security consulted on this product to help create the most secure configuration of Windows yet. It [...]

Microsoft’s exploit discovery tool

Two researchers from Microsoft’s Security Engineering Center (MSEC) gave an interesting presentation at the CanSecWest conference last week.  The researchers detailed a project created by MSEC that is supposed to help detect exploitable software.  The project, !exploitable (pronounced “bang exploitable”) Crash Analyzer, is a tool that helps automate the detection of bugs in an application [...]

Windows Server 2008 and Vista Security

Even while some engineers are still dealing with Windows NT (or much older) servers and workstations, Windows Vista and Server 2008 are making their way into control system environments. It doesn’t seem that long ago that I was heading up a committee on whether to upgrade to Windows 2000 or XP, but I digress.
I’ve been [...]

Malware exploiting control systems and out of cycle MS patch

It’s a busier day than usual with regard to network security, and a couple of those events are worth noting here.
For starters, it looks like some malware delivery website(s) are targeting industrial control software. An older vulnerability in an ActiveX control included with ICONICS OPC-enabled visualization tools is being actively exploited by at least one [...]

More on Server Core Patches

Bryan Owen of OSIsoft, a Portaledge participant, shared some more information on the Microsoft Server Core patching situation. Remember, Server Core is the minimal installation of Server 2008, so it has a small attack surface, no GUI and hopefully much less patching is required. A few points:

Auto update is turned off by default which makes [...]

Early Server Core Security Patch Statistics

Previously we recorded a podcast on the minimal install / small attack surface install of Windows Server 2008 called Server Core. One benefit of a smaller attack surface should be fewer security patches. We made some estimates on the reduced patching if a Server Core had existed for Server 2003, but this admittedly was an [...]