Blog - Title

June, 2005

  • Buffer Overflows in Regmon Traces

    Last time I talked about buffer overflow errors that you might see in Filemon traces. Now I’ll turn my attention to the same errors, but in Regmon traces. Recall that a buffer overflow error in this context is not a security hole, but a way for the system...
  • Popup Blocker? What Popup Blocker?

    A couple of weeks ago I came across a site in my web wandering and had a popup. This, despite the fact that I’m running either Avant Browser or Maxthon . Avant Browser and Maxthon are applications that wrap Internet Explorer (IE) with all the features...
  • An Explosion of Audit Records

    One of the topics I cover in the security module of the Windows internals seminar that I teach with Dave Solomon is auditing. I demonstrate object access auditing by enabling failure auditing in the Local Security Policy Editor (which you launch by typing...