Steve Lamb's Blog

Security Matters

Browse by Tags

Related Posts
  • Blog Post: Thanks to everyone who joined us at the Technical Roadshow

    Hundreds of you joined the TechNet team at our first roadshow of the year in Edinburgh earlier this week. I thoroughly enjoyed our discussions and look forward to meeting more of you at the next session which takes place in Birmingham on 24th and 25th May. Full details of the Roadshow can be found...
  • Blog Post: How to fix the problem of: Since enabling WPA my wireless client can't connect

    I recently helped a friend of mine to implement Wireless Protected Access (WPA) at his home. I made the classic mistake of telling him that it would only take a couple of minutes to set up. Enabling WPA on his wireless router was really easy - particularly so as he as the same device as I use at home...
  • Blog Post: Teaching Security to Developers

    Thanks to everyone @ VBUG Birmingham last night for making me so welcome. I was greated with lots of Halloooween pumpkins - one of which was carved with a semi-colon in it rather than a face - a C# joke apparently! I delved into how Malware gets onto machines, how it works and how to avoid it....
  • Blog Post: How we at Microsoft Secure our own infrastructure

    Ever wondered how we secure our own infrastructure? The ITShowCase website provides IT Professionals with the low down on how we develop, deploy and manage our enterprise technology solutions. The site contains both business decision maker suitable content and highly technical implementation detail....
  • Blog Post: Don't rely upon 802.1X to secure your wired networks!

    Steve Riley gave a fasinating session @ IT Forum where he commented that 802.1X for wired networks would not solve as many security problems as people perceive. 802.1X does NOT authenticate each packet (unlike IPSEC ESP-null) and hence WITH PHYSICAL ACCESS to the wires it's possible for a hacker to place...
  • Blog Post: How to secure a wireless network: Part 2 of 5 - How to change the SSID

    This post follows on from How to secure a wireless network: Part 1 of 5 - Enabling WPA on a wireless router which includes a detailed description of some key security myths pertaining to wireless security. The first post also goes into detail about why these steps are only appropriate for small networks...
  • Blog Post: Securing Wireless LANs with PEAP and Passwords

    There's a wealth of excellent prescriptive Guidance from Microsoft Consultants which is available for free download at http://www.microsoft.com/technet/security/guidance The wireless guide explains how to secure both large scale Enterprise networks and smaller scale networks. http://www.microsoft.com...
  • Blog Post: Poor wireless signal? - how to improve the range of your wireless network

    I recently set up a new wireless router at home and was disappointed to find that I couldn't connect to the network whilst upstairs. This didn't make a great deal of sense as I live in a house that's only ten years old so it's pretty much made of cardboard - hardly the stuff that's likely to block wireless...
  • Blog Post: Microsoft IT Attack and Penetration Testing Team

    The Microsoft® IT Showcase website includes a new article detailing our approach to assessing the security compliance of our internal systems. Techniques and methodologies are discussed to limit the points of exposure whilst addressing the unique management challenges posed by the Attack and Penetration...
  • Blog Post: The GetSafeOnline tour is coming to a City near you very if you're in the UK

    Tony Blair kicked off the Get Safe Online campaign at a press launch in London this morning. Microsoft in partnership with the UK Government and a many large companies are evangelising the importance of information security to the entire UK population - at least those who watch TV, read the major newspapers...
  • Blog Post: What would you like to know about PKI?

    Like many of you I've heard all the stories about how PKI (Public Key Infrastructure) "will save the day" for all our security concerns - this message was pushed particularly hard four to five years ago. PKI is a component of infrastructure which makes things like secure email (S/MIME), secure browsing...
  • Blog Post: How Microsoft secure our own systems - ITShowCase

    Another resource I've mentioned when presenting @ TechNet events is ITShowCase - the following URL is the home of a wealth of information (including "how to" build guides) written by our internal technical administrators and architects when building and securing our infrastructure: http://www.microsoft...
  • Blog Post: Fill a few more braincells with security knowledge at these events

    Tuesday 29th Nov- Public Key Infrastructure – tell me in plain English AND THEN deep technical how PKI works - deep technical session taking place in Reading (England) - it's free to join us - just follow the link to register Wednesday 30th Nov - British Computer Society Microsoft Security Day The...
  • Blog Post: Make sure you get your wireless security passphrase right on Windows Vista

    This won't come as a surprise for those of you who've read many of my blog entries or who've discussed security with me directly but I have a somewhat obtuse Wireless Protected Access (WPA) passphrase and I've just mistyped it on my newly built Windows Vista client machine - I want to share with you...
  • Blog Post: Come and join us at the Security Track of the Technical(TechNet & MSDN) Roadshow in Edinburgh, Harrogate, Birmingham and London

    The event is free of charge for you to attend. We'll be touring the UK (well four major cities at least) presenting in depth security session covering ways to mitigate the treats that all of our organisations face every day. The TechNet Security track will dive into practical application of Windows XP...
  • Blog Post: Learn about rootkits malware and network isolation from subject matter experts, testers and editors who create security guidance solutions namely the Microsoft Solutions for Security(MSS) team

    I'm a huge fan of getting the most value from the software I already have - I always talk about this at events and in papers I write. The Microsoft Solutions for Security(MSS) team produce prescriptive guidance to show you exactly HOW to get the most from the security features built into Windows and...
  • Blog Post: How to set up Network Access Protection to measure compliance of CISCO's Network Admission Control clients

    The Step-by-Step Guide: Demonstrate NAP 802.1X Enforcement in a Test Lab explains exactly how to set NAP up in a lab to measure compliance (and optionally restrict network access) of clients accessing the network by network switches capable of port based authentication including many enterprise wireless...
  • Blog Post: Join us on 29th Nov to find out in Plain English AND deep technical HOW PKI works

    Many of you have asked me questions about Public Key Infrastructure with regard to it's use for securing web transactions (SSL), wireless (PEAP & EAL-TLS), email (S/MIME) and Rights Management. Prior to joining Microsoft I was a security consultant for many years during which time I designed and...
  • Blog Post: How to Secure wireless networks?

    A good point of reference is http://www.microsoft.com/wifi as you'll find a wealth of best practise advice there. Another good source is the current TechNet Magazine which can be accessed both online (you can download the entire thing) and in print too in some geographies. The current (November / December...
  • Blog Post: How to secure a wireless network: How to view the advanced wireless interface on Windows Vista

    This post follows on from How to secure a wireless network: Part 1 of 5 - Enabling WPA on a wireless router , How to secure a wireless network: Part 2 of 5 - How to change the SSID , How to secure a wireless network: Part 3 of 5 - Reconfiguring a Vista client to connect to your WPA secured access point...
  • Blog Post: Royal Holloway MSc in Computer Security

    <I've edited this post to add a link to the pictures together with the following image> Thank you to everyone I met at Royal Holloway from the MSc in Computer Security (distance learning) course. I can honestly say I rarely get to meet to many interesting people in a single room. I thoroughly...
  • Blog Post: Thanks to everyone who joined our Blogging Session last night

    Eileen and I thoroughly enjoyed explaining and demonstrating the various aspects of blogging. Eileen posted an entry earlier today containing all of the links to sites and tools used last night. I showed you how to set up a blog and post on MSN Spaces , Blogger , Text America and Community Server...
  • Blog Post: Come and meet us at the Largest Information Security Show in the UK

    Details of InfoSec 2005 can be found @ http://www.infosec.co.uk - it's one of the largest information security shows in Europe. Many of the security vendors will be there together with thousands of your peers. Microsoft are hosting a free seminar programme(in the Pillar room) which will focus on practical...
  • Blog Post: Blogcast showing how to secure a home wireless network via WPA - updated to point to the new blogcasts

    This post has been replaced by a series of five blogcasts as quite a bit has changed since I wrote this post over three years ago - specifically Windows Vista has a different user interface. The replacement blogcasts are as follows: How to secure a wireless network: Part 1 of 5 - Enabling WPA on a...
  • Blog Post: It's a bargain - browse the Internet @ Seattle Internation Airport (SeaTac)

    I was pleasantly surprised to find that wireless Internet access is only $8 (for 24 hours) at Seattle International Airport (seatac). I know it's free at many coffee bars but few airports that I've visited provide good value Internet access. It's nice to be able to stay connected whilst waiting for a...