Pay It Forward: Unorthodox patching techniques

Yes, ‘pay it forward’ was originally a week-long deal, but it is a lot of fun and turned out to be pretty successful so I’ve made it a permanent fixture of the site.

This month’s security bulletins from Microsoft include a bulletin and patch regarding a vulnerability in the Server service. The server service is enabled by default and on file and print servers, is a critical service that can neither be firewalled nor disabled. (more…)

posted by Michael on 08.09.06 @ 9:26 am | 2 Comments

MS06-040 (updated)

Patch for this one now and troubleshoot the problems later. It’s nasty and in a week or less a million cable/DSL users will be spewing scans all over the Internet.

http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx (more…)

posted by Michael on 08.08.06 @ 2:35 pm | 0 Comments

Pay it forward: Success!

The whole point of ‘pay it forward’ was exactly what Johannes Ullrich sought in his diary post here. That is to get the security community sharing information and that’s exactly what some of us did.

We got the following sites sharing tips:

An Information Security Place
Still Secure After All These Years
Anton Chuvakin Personal Blog
Limited Exposure

There have been a lot of great tips between the sites and I know its given me some more blogs to hit on a daily basis.

« Read the whole series: 1,2,3,4,5,6 »

posted by Michael on 08.07.06 @ 7:37 pm | 2 Comments

Pay it forward: Wrap Up

Picture 1 15-16-58.pngSo today is the last day of the ‘Pay It Forward’ experiment. I’m not sure what the other guys saw on their sites but I did see a fair amount of interest in the tips, so I hope they were helpful to some.

Anton Chuvakin at Chuvakin.blogspot.com joined in the fun and posted a tip today about turning up logging on your machines. He had a great point that a majority of the time you’ll benefit by being able to troubleshoot the common annoyances like spyware, crashes, etc. He has some good posts, check him out.

My last tip of the week is about basic security. To illustrate I’m going to use this awesome security tool I found called “Storm The House 2” by IvoryDrive. (more…)

« Read the whole series: 1,2,3,4,5,6 »

posted by Michael on 08.04.06 @ 7:12 am | 5 Comments

Pay it forward: Know Your Network

Alan over at Still Secure, After All These Years posted a tip today about using a secure OS on your network, utilizing a host-based firewall, and automating OS patching.

Michael Farnum at An Information Security Place posted a tip today about due diligence (my post today ties into ‘due diligence’ nicely).

The ISC posted a tip today about securing SSHD. They have a number of great suggestions and I’d like to add these:

  1. Utilize the Denyhosts application to protect SSHD by automatically blacklisting attackers. I wrote instructions about how to configure it earlier this year.
  2. Use These settings in SSHD_config to further secure SSH

And now for my security tip: Know Your Network (more…)

« Read the whole series: 1,2,3,4,5,6 »

posted by Michael on 08.03.06 @ 10:56 am | 0 Comments

previous »
« newer