Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » spoofing   (RSS)
Tuesday, March 10, 2009 10:05 AM

Assessing the risk of the schannel.dll vulnerability (MS09-007)

MS09-007 resolves an issue in which an attacker may be able to log onto an SSL protected server which is configured to use certificate based client authentication with only the public key component of a certificate, not the associated private key. Only
Posted by swiblog | (Comments Off)
Tuesday, July 08, 2008 10:00 AM

MS08-037 : More entropy for the DNS resolver

We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy. You can read more about the MS08-020 algorithm change in this blog entry . Increasing the entropy makes it more difficult for attackers to spoof DNS replies.
Posted by swiblog | (Comments Off)
Wednesday, April 09, 2008 9:00 AM

MS08-020 : How predictable is the DNS transaction ID?

Today we released MS08-020 to address a weakness in the Transaction ID (TXID) generation algorithm in the DNS client resolver. The TXID is a 16-bit entity that is primarily used as a synchronization mechanism between DNS servers/clients; in fact, you
Posted by swiblog | (Comments Off)
Filed under: ,
 
Page view tracker