Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

February, 2007

  • How secure is your router?

    It is interesting to see, how the threats and problems move over time - but basically the core problems remain the same: Standard passwords that have not been changed, poorly configured systems, unpatched computers, and - last but not least - no "Secure...
  • UAC and the discussions around it

    Well, a lot of time when I talk to people about Windows Vista, two things pop up: User Account Control and Digital Rights Management. I will save DRM for an other post but I think that there are two blog posts you could read with regards to UAC: Jeff...
  • Secure the Wireless Network - 101

    You know that feeling, don't you: Your neighbor has set up a wireless network, you switch on your PC and see it. It is completely open and unsecured - as they are out of the box. Now you have two options: Ignore it and leave your neighbor vulnerable or...
  • Securing your Router Part II

    In my last post, I wrote about the risk of not changing the router passwords. Well, if you need one, Bruce Schneier just posted a link to an extensive list of default passwords: http://www.schneier.com/blog/ I think that it would be time that router...
  • Security Technology Labs

    One of the problems I often face is, that in order to play with technology, I need to spend quite some time to set up a basic environment to then, finally, install the software on I want to test. I then started to have a test environment with several...
  • Selling Vulnerabilities?

    Think about it: You found a way of breaking into my house (would not be too hard though but let's just use this as an example) and you are selling this knowledge to intruders. Is this legal? Is this ethical? I mean, my home has vulnerabilities and if...
  • Application Security Issues - The Top Ten

    We are talking a lot of security issues in the infrastructure or with the users. We often overlook the application as a possible source for vulnerabilities. Pretty often, as an example, vulnerabilities in backup software cause major problems. Here...
  • Attacks to root DNS-servers

    Over the last few days, we have seen some DDOS-style attacks to some root DNS. Still a lot of speculations are going on. If you look at the traffic pictures at: http://dnsmon.ripe.net/dns-servmon/domain/plot?domain=root&day=5&month=2&year...