website statistics
Browse by Tags - Yuri Diogenes's Blog - Site Home - TechNet Blogs

Yuri Diogenes's Blog

Thoughts from a Senior Content Developer @ Microsoft Data Center, Devices & Enterprise Client – CSI (Enterprise Mobility Team)

Browse by Tags

Related Posts
  • Blog Post: Securing your DNS using TMG 2010

    1. Introduction Nowadays information is much easier to find than it was in the past, you can find information about pretty much everything by just searching on the web (try http://www.letmebingthatforyou.com/?q=dns%20atacck for example). For this reason it is even more important to be diligent while...
  • Blog Post: The Microsoft Security Update Guide

    Microsoft just release a guide with 113 pages that covers many aspects of Microsoft Security strategy, terminologies, tools and a guideline to approach in different stages. This guide is not target only for Security Professionals, as matter of fact all IT Professionals should read this to better understand...
  • Blog Post: Cross-site scripting (XSS) Vulnerability in OWA

    Last July 8th Microsoft released the security update MS08-039 for OWA, the following Exchange versions are affected: Software Maximum Security Impact Aggregate Severity Rating Bulletins Replaced by this Update Microsoft Exchange Server 2003 Service Pack...
  • Blog Post: I can’t fix my code now to avoid SQL Injection, what can I do?

    After writing the post SQL Injection, the threat beyond the perimeter I received some emails with this question. If you company also has the same dilemma you need to leverage this to upper management and show the real risk that they are running in to. Neil Carpenter from CSS Security (IR) Team wrote...
  • Blog Post: Using IE8 to mitigate XSS attack

    Yesterday I was playing a little bit with IE8 when I received the following warning message in IE window: Internet Explorer has modified this page to prevent a potential cross-site-scripting attack. Yep, that’s right: IE8 now mitigates XSS attack by using the built in XSS Filter. Do you want...
  • Blog Post: Removing Conficker Worm

    Quick post just to bring awareness about this new KB that explains how to manually remove Conficker. Follow the steps from: http://support.microsoft.com/kb/962007
  • Blog Post: Microsoft Security Compliance Manager

    Microsoft released the Security Compliance Manager version 1.0 beta, this tool provides centralized security baseline management features, baseline portfolio, customization capabilities, and the ability to automate the creation of GPOs and System Center Configuration Manager DCM packs. Here are some...
  • Blog Post: The Firewall Madness

    This week I worked in an issue where ISA Server 2006 was stopping answering request and NLB on ISA Server was constantly appearing with the status for “Unavailable”. The odd thing about this scenario was that every time that the firewall admin changed a rule in one node and forces a synchronization the...
  • Blog Post: SQL Injection, the threat beyond the perimeter

    It is very common to us from CSS Security receive calls about SQL Injection and sometimes customers prefers to apply a bandage in the perimeter rather than work in the real root cause. When I say beyond the perimeter is because as a matter of fact, the internal user will still be able to exploit this...
  • Blog Post: Traffic incorrectly going to ISA Server 2006 instead of going directly to the server

    Introduction This post is about an interesting issue where a third party application that was configured as service was failing to establish a connection with the destination server because ISA Server was denying the traffic. For this brief description it really sounds like a trivial issue where...
  • Blog Post: Detecting SQL Injection on IIS Logs

    Check this out this nice tool that allows you to analyze IIS logs and see if the ASP pages were victim of SQL Injection attack: http://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=WSUS&ReleaseId=13436
  • Blog Post: MVP Security Article of the Month

    About one month ago, a friend of mine from Brazil told me about the idea to write the Security Article of the month and we got together on this. We wrote an overview about Microsoft Security Products and how to use a layered approach to use them. Today Microsoft published this article, to read it click...
  • Blog Post: Beyond the Perimeter Article for ISSA Journal

    Today ISSA released the ISSA Journal – September 2009 issue that contains an article that I wrote about unified threat management. You can view the online version at: https://www.issa.org/Library/Journals/2009/September/ISSA%20Journal%20September%202009.pdf
  • Blog Post: December 2009 Security Bulletin has an IAS Update

    Yesterday Microsoft released six security updates and there is one in particular that is very important for VPN scenarios that uses IAS for RADIUS authentication. MS09-071 describes that Servers using IAS are only affected when configured to use PEAP with MS-CHAP v2 authentication (described in CVE-2009...
  • Blog Post: What can happen when you think that only Windows system needs to be patched

    This post could easily be called “Slow Internet through ISA Server”, but I decided to change the title and the focus. I’m doing that for a simple reason: people still thinking that only Windows system needs to be patched. What an untrue statement this is and how I’m convinced more and more that if you...
  • Blog Post: Centralized Information about Conficker

    Microsoft Malware Protection Center Blog put together the latest update about Conficker worm, the attack vectors, how to prevent and how to clean the system. It is all consolidated in their blog that you can access from here: http://blogs.technet.com/mmpc/archive/2009/01/22/centralized-information-about...
  • Blog Post: Unable to open a link for a MHT file using Internet Explorer 6 through ISA Server 2006

    1. Introduction The process flow is very known by all IT professionals: user can’t access a web site and calls the Help Desk. First contact, initial troubleshooting, can’t fix and it calls the network admin. At that point, after troubleshoot his “piece” of the puzzle, it says: well, it got be our...
  • Blog Post: Trigger an Action using Windows Server 2008 Event Viewer

    The Microsoft Windows Server 2008 Event Viewer is a whole new program inside the Operating System, the changes made to it were completely significant and rich in new features. There are so many things that you can now do with Event Viewer that it is worth to take some time off and play with it. The new...
  • Blog Post: When Security in Mind doesn’t match with the Application’s Security

    1. Introduction This case was originally written in Portuguese back in September 2006, it is about a case where customer was really concern about security. However his application was not that concern about this subject. Here is the scenario: · Customer has an application that uses LDAP to send...
  • Blog Post: ISA Server Firewall Service crashes when enabling cache

    1. Introduction This is another one of those cases where ISA Server Service mysterious crashes once a day, at the same time and nothing changed in the environment. This just make me really fell that the lack of communication between the teams that deals with technology is getting far beyond of...
  • Blog Post: Enhanced Mitigation Evaluation Toolkit

    Developers, developers, developers, developers (I bet you that you know this song). As you build your new application you should start thinking about security from the source (inside out approach). However even when you try to mitigate all scenarios that you can imagine there is always a concern before...
  • Blog Post: Using Netmon 3.2 to Identify an Unexpected Traffic

    1. Understanding the Problem I already worked in many cases where customer wants to know why ISA is alerting that it might be under attack by logging events such as: Figure 1 – Number of TCP Connections. …and also this one: Figure 2 – Denied Connections per Minute. ...
  • Blog Post: CSS Security MPSReports Tool is now Available

    The CSS Security Team released yesterday a very cool tool that combines features from WSUS MPSReports tool and the FCS MPSReports tool. Click it here to see for more details and download the tool.
  • Blog Post: MBSA 2.1.1 for Windows 7 released

    If you are using Windows 7 or Windows Server 2008 R2, make sure to test the new version of the Microsoft Baseline Security Analyzer 2.1.1. Read more about it here http://technet.microsoft.com/en-us/security/cc184923.aspx and download it from MS Download Center .
  • Blog Post: March’s Update

    I’ve being so busy lately that I couldn’t really stop to write some posts that I have on hold, waiting for me to complete it. Me and Tom Shinder are also very busy working on a tight schedule for a new MSPress book (details will be revealed soon) and writing here is getting very challenging, but I will...