Browse by Tags

Good Morning AskPerf!  Today’s post is a bit of a departure from what we normally discuss, but since this past Sunday was Father’s Day, I thought this might be an interesting topic to share.  Actually, this conversation came up while I was having lunch with my parents.  My daughters are...

APPLICATION COMPATIBILITY - USER ACCOUNT CONTROL (UAC) Description: User Account Control (UAC) is the functionality within Windows Vista that allows a user to run under a safer, less privileged context, but switch to an Administrator context when needed. Under normal circumstances, every user...

Over the last couple of weeks, there has been an uptick in the number of different malware programs aimed at exploiting the vulnerability patched in MS08-067 .  If you’ve been monitoring the various security websites and blogs, then you’ve probably already seen information on malware such as Worm...

Hello AskPerf readers, it’s Don Geddes again and I’m back with that post that I promised you about that pesky dialog box that we all know so well. In this post, I’m going to walk through some common client/server scenarios and explain the technical details of what generates the “Unknown Publisher” dialog...

Hello AskPerf readers!  My name is Leena Nair, and I am a Support Engineer on the Performance team.  Over the last couple of months, I’ve had some very interesting discussions with customers regarding anti-virus software selection, and I thought it might be interesting to share some pieces...

Welcome back AskPerf Readers. In my last post we covered the basics of Network Access Protection (NAP) – what it is, and what it can (and can’t!) do for you. Today we’re going to go over the various components of NAP. The diagram below from the NAP Architecture Whitepaper (the link to the Whitepaper...

We've talked about security in previous posts.  We've also talked about SMB, Large File Copies and a number of other networking-related issues.  Today we're going to talk about Network Access Protection (NAP) and its role in the enterprise.  Now, I know you're probably asking yourself...

Privacy.  Personally Identifiable Information.  Choice.  Disclosure.  These are all key concepts in the digital age.  We expose more of our personal data electronically than at any time in our history.  IE8 gives users more choice about controlling what information is shared...

We often get questions on configuring Terminal Server Authentication.  The questions have less to do with configuring a simple logon scenario than they do with preventing attacks, in particular “Man in the Middle” attacks – especially when the Terminal Servers may be publicly accessible.  For...

OK, so today's isn't really something "Performance" related, but nevertheless, I think we can all safely agree that this is something that all administrators should be aware of.  During our Windows Vista and Windows Server 2008 posts we've been talking about "reducing the attack surface"...

Welcome to Day Twenty-One.  We're three weeks into our series and there are only six days left.  Today's topics for discussion are Frontside Authentication and Single Sign-On (SSO) in the Terminal Services space.  So, let's get started ... Frontside Authentication is a new connection process...

Welcome to Day Sixteen.  We're continuing on with our series on Windows Server 2008 in preparation for the launch.  Today, we're going to look at Terminal Server security in Windows Server 2008 - specifically Network Level Authentication and Encryption. Terminal Server security may be enhanced...

There's only three weeks to go till Launch Day.  Today, we're going to talk about the Dynamic Link Library (DLL) Loader and Address Space Load Randomization.  In Windows Vista and Windows Server 2008, when talking about process and thread creation, it is important to understand the role of...

Day Three of our series of posts in preparation for the Windows Server 2008 Launch and the countdown continues.  If it's a weekend for you, I hope you are enjoying yourself.  Only twenty-four more days to go till Launch Day.  Today's post - Windows Service Hardening. Windows Service Hardening...

Today we're going to wrap up our overview of Browser Helper Objects with a look at BHO's and Security as well as similarities between BHO's and Shell Extensions.  If you recall from our first post on BHO's , a BHO is an extension to Internet Explorer that adds customization and functionality. ...

In our last few posts on Internet Explorer, we've looked at ActiveX Controls.  Today we're going to take a look at the Basics of Browser Helper Objects (BHO's).  We're not going to cover BHO's and Security in this post, that will be covered in our next post on BHO's. First off, what is a BHO...

One of the most common calls that we get relates to the warning dialogs, the "gold bar" message or even the infamous "Red X" image being displayed where the ActiveX control should be loaded.  In some instances, the problem is caused by a failure of the control itself.  However...

Here on the Perf team, we deal with quite a few printing issues. An issue we've had a few calls on since the release of Windows Vista concerns the changes made to the Point & Print functionality. Point & Print is a Windows feature that enables users to connect to a shared printer without the...

In Windows XP, Windows Server 2003, and earlier versions of the Windows operating system, all services run in the same session as the first user who logs on to the console. This session is called Session 0. Running services and user applications together in Session 0 poses a security risk because services...

Before looking at the new Phishing Filter for IE7 and what it does, it is important to understand what Phishing is, and some common Phishing techniques. Phishing is a criminal activity. Using social engineering techniques, phishers attempt to fraudulently acquire sensitive information - such as usernames...