Microsoft provides two useful resources for MOSS security: Security for Office SharePoint Server 2007 (downloadable book) Office SharePoint Server Security Account Requirements (worksheet) Link: John Westworth’s blog on Technet
You have to ask: is there malware on my system? You can be 100 per cent certain there is no malware that you can detect, but less than 100 per cent certain that there is no malware at all. Now, ladies and gentlemen, isn’t this true of every computer we already have? There is […]
Microsoft has released their own white paper containing guidance on configuring Exchange 2007 for Address List separation. This is something that was pretty easy in Exchange 2003, but suddenly made a lot more complicated and less obvious in Exchange 2007. A bunch of home brew solutions came about some time after Exchange 2007 was released […]
Here is the anti-spam configuration on an Exchange Server 2007 RTM server: [PS] C:\>Get-AntispamUpdates UpdateMode : Automatic LatestContentFilterVersion : 3.3.4604.600 SpamSignatureUpdatesEnabled : True LatestSpamSignatureVersion : 3.3.4604.600 IPReputationUpdatesEnabled : True LatestIPReputationVersion : 3.3.4604.001 MicrosoftUpdate : NotConfigured And here is the same Exchange Server 2007 server immediately after upgrading to Service Pack 1: [PS] C:\>Get-AntispamUpdates UpdateMode : […]
In prior versions of Exchange an organisation that wished to restrict who could send outbound internet emails could apply the restriction on an SMTP connector. In this example emails sent to the * address space are rejected by default unless sent by a group listed in the “Accept messages from:” list, for example a group […]
Jeff Jones posted a blog entry to celebrate Red Hat fixing their 1000th unique security vulnerability. He also draws attention to a Red Hat post on their “Truth Happens” blog back in August, which itself quotes a post on Lxer.com. Jeff posts quarterly statistics on his blog that show how many vulnerabilities have been patched for various […]
Tom Shinder of ISAServer.org takes an amusing shot at the myth in some circles that a “hardware” firewall or “firewall appliance” offers more security than a Microsoft ISA Server firewall. I was drawn to a particular quote in his article about the relative security of ISA Server to other popular firewalls in the context of […]
This morning I sat the Microsoft certification exam 70-350 for ISA Server 2004. I’d been putting this one off for a while, having already worked through the Microsoft Press training guide, a lot of whitepapers, and worked with the product for a lot of different customers over the last couple of years. I passed the […]
I logged onto my laptop this evening to check something for work and noticed that Vista was showing a security alert in my system tray. I double-clicked the icon to open Security Center and find out what was wrong, and it informs me that my Windows Defender (the anti-spyware/malware built in to Windows Vista) is […]
Secrets and Lies: Digital Security in a Networked World is written by the internationally renowned security expert Bruce Schneier. Bruce has authored several books on security and this one is a fascinating read that is sure to open your mind up to new ways of thinking about security in everyday business matters. This book has […]
A second security hole in the OpenBSD kernel…. in the last 10 years. Talk about a solid OS. read more | digg story
Austin Wilson of the Windows Vista Security Team reported back from the recent Black Hat conference about a demonstration in which a security researcher inserted unsigned code into the kernel of an x64 version of Windows Vista. This demonstration has led many to declare the security of the upcoming Microsoft product to be poor. Of […]
