My First Webcast 
Wednesday, December 19, 2007, 11:37 PM - Security Pings
On November 20th I did my first webcast as part of the Microsoft Ignite Your Code Webcast series (ya I know that is a suckie picture of me, just there are not many photos of me in existence) . I did the presentation on Windows Security Essentials . You can download my demo code from here

The Demo Code includes examples on how to code DACLs/SACLs, Impersonation, Implicit/Declarative Code Security, Code Access Security and Asymmetric/Symmetric encryption.

The webcast includes an introduction into how Windows implements security and then how to include security into your code. I hope you enjoy and learn something helpful.

Blake

8 comments ( 192 views )   |  permalink   |  related link

Closed vs Stealthed Ports 
Tuesday, October 31, 2006, 01:53 AM - Security Pings
One of the things that I love about computers is you can always try things and see what happens. This ability to experiment can be rather handy as a BS filter and so I thought I would try a little experiment for the closed vs stealthed port debate which can be found here Place your bets - Closed vs Stealthed.

The results are simply that closed ports are not of interest to hackers or worms, as they can't break into either. While I always recommend the use of a firewall which typically results in stealthed ports, closed ports as just as secure with the exception that they could be used in a DOS attack on someone else (read the thread as I don't believe that reflection attacks are very common anymore give the huge bot armies which are available).

Blake
6 comments ( 45 views )   |  permalink   |  related link

How do spammers get your email address? 
Thursday, December 29, 2005, 07:36 PM - Security Pings
A common question I hear is how did all these spammers get my email address? If you are an old timer on the internet you remember the days when email addresses were harvested from newsgroups and web pages and so you used some sort of bogus email address when posting such as nospam@yourISP.com or whatever but now you do that and you still get a ton of spam. So you figured that someone sold you out and your beloved email address was sold by some less then honorable web admin somewhere. These methods are possible causes of why you get spam, but more likely its something else and no matter how careful you are, or what you do to hide, spammers will likely find you and send you their endless flood of junk (well over half of all emails sent on the internet are spam).

I have a couple of domains which I registered on the internet, but setup the accounts such that I receive all emails, no matter to whom they are addressed to at that domain. Each of these domains has a couple of active and real user accounts, but yet I receive tons of spam for accounts which have never existed, how is that? Many years ago when I was much more involved in internet security I was invited to participate in the teaching of internet security and the running of security labs and 'contests' and two of the 'contests' where dumpster diving and shredded paper reassembly (yes there were a lot of feds involved). So one thing I had to prepare was a list of user ids which I then created and gave to the organizers who then had a small fit as they thought the list I had given them was a list of actual users names within their 'organization', which then brought about the usual game of 20 questions as to how I obtained such confidential information being an outsider and all. Having to create these user lists meant a lot of typing and thinking of a lot of names etc, and being a coder I thought I'd much rather write a program and let it do the work for me, but where to get the names? A lot of governments post census information on their websites and in some countries part of the census information is statistics as to how common first and last names are. So I downloaded that information and fed it to a program I wrote which then used common user id naming conventions (for example last name appended with the first letter of the first name like mcneillb), so take those user ids and appended them with common ISPs/domains/etc and you have a ton of email addresses (ie mcneillb@aol.com or bmcneill@hotmail.com etc). This is what we see in our test spam domains, tons and tons of made up email addresses that look credible. Spammers now create email addresses to spam and if there is no actual account with a generated name then no, big deal the compromised system or otherwise spoofed source they used to send the spam, gets a notification message, they don't care as it isn't their bandwidth that is being used or anything.

So want to reduce your inbound spam, get yourself a truly unique user id like 2235sdf463dfgjy89ox4344sJHiw23@hotmail.com and the amount of spam you receive will be greatly reduced, however your desired email volumes will also likely be diminished as no one is going to remember your email address.

Blake
5 comments ( 160 views )   |  permalink   |  related link