Skype for Business
See all products »
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2014 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
Microsoft Official Courses On-Demand
MCSA: Windows 10
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Steve Riley on Security
Formerly of Microsoft's Trustworthy Computing Group.
conferences and seminars
home and family security
infosec as a profession
the trade press
things that make me angry
things that make me laugh
things that make me worried
Browse by Tags
Steve Riley on Security
Internet Explorer security levels compared
A pretty good question came across the newsgroups the other day. Someone was asking what are the differences between IE's "medium" and "medium-high" security settings. I did some digging, and found only this on MSDN: About URL security zone templates . No wonder it's difficult to...
17 Sep 2008
Windows Vista vs. hotels
At many TechEds this year I've presented information about the new TCP/IP stack in Windows Vista. One of the important advances is its automatic performance tuning . With some of the early pre-release builds of Windows Vista, people were reporting problems with public Internet connections, most notably...
22 Nov 2006
Changing the SSL cipher order in Internet Explorer 7 on Windows Vista
Recently, the question of using AES for SSL has come up in the newsgroups and at some conferences. When IE makes an HTTPS connection to a web server, it offers a list of cipher supported cipher suites. The server then selects the first one from the list that it can match. The default order that IE follows...
7 Nov 2007
Curious about the ways Windows talks to the Internet? Here's your answer.
I was browsing through the Microsoft download pages today -- yeah, even we employees occasionally find little nuggets interspersed among the usual updates and such. I noticed a pair of whitepapers that will answer a common question I hear from many of you in emails and at conferences. You'll want to...
21 Dec 2006
Directly connect to your corpnet with IPsec and IPv6
Contrary to popular belief, the rumors of my demise have been greatly exaggerated. Well, ok, no actual rumors, but hey, one can dream, huh? My spring calendar was full of events in Asia and Australia, then TechEd US seemed to suddenly appear out of nowhere! So I've been kinda swamped. I've missed writing...
26 Jun 2008
Bug in the book: Appendix C, hosts file
Somehow this escaped our notice during the proof phase, but the hosts file that's printed in the book (and burned on the CD-ROM) is completely bogus. It actually blocks a number of very good sites that have anti-spyware software and even blocks MVPS.org, the place where you can get a real spyware/adware...
28 Jun 2005
New column -- Using IPsec for network protection
I'm now writing semi-regular articles for TechNet. These are part of the security management series, and they're also linked from the security newsletter. The first column is a two-parter about IPsec. Part 1 describes the technology: how it operates, its various modes and methods, a bit on IKE...
10 Feb 2005
BitLocker command line interface
Last week at TechEd Europe I showed the BitLocker command-line interface. At other TechEds I've mentioned it but didn't show it. The CLI provides full control over BitLocker, including enabling it on any NTFS volume on the system (the Control Panel UI displays only the volume containing the operating...
26 Nov 2006
When security breaks things
Now that the furor has waned, I want to comment on MS05-051. For those of you who don't memorize bulletin numbers (I am part of that set; Susan Bradley , for example, isn't, hehe), this is the security update that fixed a number of vulnerabilities found in MSDTC and COM+; it replaced five other updates...
8 Nov 2005
Configure your router to block DOS attempts
Some time ago I had a discussion with a friend. He disagreed with my recommendations on how to configure a border router and the firewall behind it. I claimed that in the border router between you and your ISP, configure the six rules to block most denial of service traffic; in the firewall, configure...
11 Jul 2006
Should your ISA Server be in your domain? Film at 11!
So it would seem that a statement I made during TechEd US last week in Boston has mildly stirred a bit of controversy -- no surprise there, I guess, heh. One of my presentations gave an overview of what's new in ISA Server 2006 ( download your copy of the release candidate or try it out in some virtual...
22 Jun 2006
Ethernet and WiFi and Bluetooth, oh my!
Customers have long requested a way to configure a computer to automatically disable its wireless NIC when its Ethernet is in use. Many third-party utilities can do this for you, but neither XP nor Vista have a built-in way to accomplish this, nor will Windows 7. Although having both NICs enabled first...
16 Oct 2008
Microsoft IPsec diagnostic tool
IPsec is a wonderful technology for identifying computers and securing the exchange of data between them. I've written and spoken extensively about in the past. It is, however, a bit of a challenge to configure, especially if you're newly learning about it. Microsoft recently released a diagnostic tool...
1 Feb 2008
Securing Terminal Services over the Internet
In my presentation on remote access at TechEd, I gave three scenarios: web-based access to internal resources, published with ISA Server "desktop over the Internet" using Terminal Services and the remote desktop web connection full IP-based virtual private networks with L2TP+IPsec In the...
28 Jun 2005
Questions about virtualization and security?
Yesterday, Donnie Hamlett, a Microsoft core infrastructure optimization specialist, gave a webcast and played a video of my TechEd presentation on virtualization and security. Some of the viewers had questions, and I offered to Donnie that they could come to my blog to post them. I’ll extend that offer...
9 Jan 2009
© 2016 Microsoft Corporation.
Privacy & Cookies