Browse by Tags

Tagged Content List
  • Blog Post: IE7 - Introducing the Phishing Filter

    Before looking at the new Phishing Filter for IE7 and what it does, it is important to understand what Phishing is, and some common Phishing techniques. Phishing is a criminal activity. Using social engineering techniques, phishers attempt to fraudulently acquire sensitive information - such as usernames...
  • Blog Post: The Basics of Browser Helper Objects

    In our last few posts on Internet Explorer, we've looked at ActiveX Controls.  Today we're going to take a look at the Basics of Browser Helper Objects (BHO's).  We're not going to cover BHO's and Security in this post, that will be covered in our next post on BHO's. First off, what is a BHO...
  • Blog Post: WS2008: Windows Service Hardening

    Day Three of our series of posts in preparation for the Windows Server 2008 Launch and the countdown continues.  If it's a weekend for you, I hope you are enjoying yourself.  Only twenty-four more days to go till Launch Day.  Today's post - Windows Service Hardening. Windows Service Hardening...
  • Blog Post: Network Access Protection for the non-Network Admin

    We've talked about security in previous posts.  We've also talked about SMB, Large File Copies and a number of other networking-related issues.  Today we're going to talk about Network Access Protection (NAP) and its role in the enterprise.  Now, I know you're probably asking yourself...
  • Blog Post: Introduction to ActiveX - Part Three: Security and Security Zones

    One of the most common calls that we get relates to the warning dialogs, the "gold bar" message or even the infamous "Red X" image being displayed where the ActiveX control should be loaded.  In some instances, the problem is caused by a failure of the control itself.  However...
  • Blog Post: “Unknown Publisher”??? Part Two

    Hello AskPerf readers, it’s Don Geddes again and I’m back with that post that I promised you about that pesky dialog box that we all know so well. In this post, I’m going to walk through some common client/server scenarios and explain the technical details of what generates the “Unknown Publisher” dialog...
  • Blog Post: Windows 7 – Parental Controls

    Good Morning AskPerf!  Today’s post is a bit of a departure from what we normally discuss, but since this past Sunday was Father’s Day, I thought this might be an interesting topic to share.  Actually, this conversation came up while I was having lunch with my parents.  My daughters are...
  • Blog Post: IE8 and Privacy

    Privacy.  Personally Identifiable Information.  Choice.  Disclosure.  These are all key concepts in the digital age.  We expose more of our personal data electronically than at any time in our history.  IE8 gives users more choice about controlling what information is shared...
  • Blog Post: NAP 101 – The Components of NAP

    Welcome back AskPerf Readers. In my last post we covered the basics of Network Access Protection (NAP) – what it is, and what it can (and can’t!) do for you. Today we’re going to go over the various components of NAP. The diagram below from the NAP Architecture Whitepaper (the link to the Whitepaper...
  • Blog Post: APP: Application Compatibility - User Account Control (Windows Vista +)

    APPLICATION COMPATIBILITY - USER ACCOUNT CONTROL (UAC) Description: User Account Control (UAC) is the functionality within Windows Vista that allows a user to run under a safer, less privileged context, but switch to an Administrator context when needed. Under normal circumstances, every user...
  • Blog Post: WS2008: Frontside Authentication and SSO

    Welcome to Day Twenty-One.  We're three weeks into our series and there are only six days left.  Today's topics for discussion are Frontside Authentication and Single Sign-On (SSO) in the Terminal Services space.  So, let's get started ... Frontside Authentication is a new connection process...
  • Blog Post: WS2008: Dynamic Link Library Loader and Address Space Load Randomization

    There's only three weeks to go till Launch Day.  Today, we're going to talk about the Dynamic Link Library (DLL) Loader and Address Space Load Randomization.  In Windows Vista and Windows Server 2008, when talking about process and thread creation, it is important to understand the role of...
  • Blog Post: Windows Vista - Point & Print

    Here on the Perf team, we deal with quite a few printing issues. An issue we've had a few calls on since the release of Windows Vista concerns the changes made to the Point & Print functionality. Point & Print is a Windows feature that enables users to connect to a shared printer without the...
  • Blog Post: Key Principles of Security

    OK, so today's isn't really something "Performance" related, but nevertheless, I think we can all safely agree that this is something that all administrators should be aware of.  During our Windows Vista and Windows Server 2008 posts we've been talking about "reducing the attack surface"...
  • Blog Post: Two Minute Drill: Five Things to think about regarding Anti-Virus software

    Hello AskPerf readers!  My name is Leena Nair, and I am a Support Engineer on the Performance team.  Over the last couple of months, I’ve had some very interesting discussions with customers regarding anti-virus software selection, and I thought it might be interesting to share some pieces...
  • Blog Post: MS08-067: Worms, Worms, Worms

    Over the last couple of weeks, there has been an uptick in the number of different malware programs aimed at exploiting the vulnerability patched in MS08-067 .  If you’ve been monitoring the various security websites and blogs, then you’ve probably already seen information on malware such as Worm...
  • Blog Post: WS2008: Network Level Authentication and Encryption

    Welcome to Day Sixteen.  We're continuing on with our series on Windows Server 2008 in preparation for the launch.  Today, we're going to look at Terminal Server security in Windows Server 2008 - specifically Network Level Authentication and Encryption. Terminal Server security may be enhanced...
  • Blog Post: Application Compatibility - Session 0 Isolation

    In Windows XP, Windows Server 2003, and earlier versions of the Windows operating system, all services run in the same session as the first user who logs on to the console. This session is called Session 0. Running services and user applications together in Session 0 poses a security risk because services...
  • Blog Post: Terminal Servers and the “Man in the Middle”

    We often get questions on configuring Terminal Server Authentication.  The questions have less to do with configuring a simple logon scenario than they do with preventing attacks, in particular “Man in the Middle” attacks – especially when the Terminal Servers may be publicly accessible.  For...
  • Blog Post: BHO's, Security and Shell Extensions

    Today we're going to wrap up our overview of Browser Helper Objects with a look at BHO's and Security as well as similarities between BHO's and Shell Extensions.  If you recall from our first post on BHO's , a BHO is an extension to Internet Explorer that adds customization and functionality. ...