Call for papers
SecurityFocus (www.securityfocus.com) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Securing Windows 2000 Communications with IP Security Filters, Part 1
This article is the first of a two-part series that will describe the various methods of implementing Windows 2000 IP Security filters that are integrated with IPSEC communications. This installment will offer an overview of IP security policies, including defining, testing, and expanding IP security policies.
Ten Windows Password Myths
With all of our advances in security technology, one aspect remains constant: passwords still play a central role in system security. The difficulty with passwords is that all too often they are the easiest security mechanism to defeat. Selecting good passwords requires education. System administrators need to be educated and that education needs to be passed on to end users. This article will debunk some common myths surrounding passwords in Windows 2000 and XP.
The Microsoft UPnP (Universal Plug and Play) Vulnerability
On December 20, 2001, major security vulnerabilities were discovered in Microsoft's Universal Plug and Play (UPnP) feature, which ships by default with XP. This article will examine UPnP as well as the Microsoft UPnP vulnerability, how it can be exploited, what impact it may have on a network, and what users should do to protect themselves.
An Audit of Active Directory Security, Part 5
This is the fifth and final installment in a five-part series on auditing Active Directory security. This article will examine some issues surrounding the multi-master replication scheme. The basis for this article begins with the following question: if two separate nodes on a directory-enabled network commit actions on the same object in the directory at (approximately) the same time, which node's actions will be considered final, and how will the details be replicated accurately?
Using IPSec in Windows 2000 and XP, Part 3
This is the third and final installment in a series devoted to exploring IPSec in Win2K and XP. This article will look at the integration of IPSec policies into Active Directory, attacks on IPSec and other security concerns, as well as a few properties of IPSec.
Using IPSec in Windows 2000 and XP, Part 2
This is the second part of a three-part series devoted to discussing the technical details of using Internet Protocol Security (IPSec) in a Windows 2000 and XP environment. This article will discuss Security Associations, main mode authentication and IKE, Quick Mode Authentication Headers and ESP. We will also discuss some of the tools available in 2000 and XP.
Using IPSec in Windows 2000 and XP, Part 1
This article is the first of a three-part series that will describe the technical details of using Internet Protocol Security (IPSec) in a Windows 2000 and XP environment. IPSec is an architecture consisting of several protocol standards aimed at protecting IP traffic. This article will offer a brief overview of IPSec, as well as a look at the structure and interface for IPSec in Windows and a look at the two different modes of IPSec authentication methods for IKE in Windows.
An Audit of Active Directory Security, Part 4
This is the fourth in a five-part series on auditing Active Directory security. The first article in the series offered a brief introductory overview of Active Directory. In the second installment we examined some of the security implications of the AD's default settings. In the third article we looked at LDAP, SASL and Kerberos in the context of AD security. This installment will look at some potential security concerns related to the Configuration Naming Context in AD.
Preventing and Detecting Malware Installations on NT/2K
The purpose of this article is to address actions that NT/2K administrators can take to prevent and detect malware installations on their systems. These actions go a step beyond configuring application settings (such as disabling script mappings in IIS) and installing patches. By taking advantage of the inherent capabilities of the operating system itself, administrators can prevent or significantly hamper malware installations, and detect when such installations occur.
Kerberos and Windows 2000
Kerberos, as implemented by Microsoft, does an excellent job of authentication, authorization and auditing. As such, it can be a valuable security tool. Yet, the technology is far from bulletproof. This article will offer a brief overview of Kerberos in the Windows 2000 environment and will examine some of its potential shortcomings.