Wednesday, September 28, 2005
« 5 tips for SQL Server table design | Main | SQL Server system tables for better scri... »
Security: Links, and one significant problem.

Firstly, the credits.  This post would not have been possible without Jesper Johansson.  Look at his notes no Anatomy Of A Hack.  He's an authority on securing Windows networks, and has given me a lot to think about.

Prime among them is the problem that while running secure web applications on secure Windows servers has never been more possible, it's still too much of a black art.  I'm just scared that too many apps will be bumped up to run as administrative accounts because it's just too much hard work to get them to run.

Even following good quality (but slightly dated) patterns and practices guides like Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication (2002, extra comma theirs) aren't the full story.  You can still be forced to resort to tools like Filemon and Regmon to work out why your least-priv account cannot be started as an application pool.

This isn't meant to be a Windows is insecure rant, because they are 10-a-penny.  This is just meant to be a heads-up and link-fest.

Final link for the bandwidth-endowed.  You can watch a couple of sessions presented by Jesper at the Tech.Ed 2005 Australia site.

 

After Blog Mint [?]:

I thought I'd post some more links to resources I can personally recommend:

Secutity
Wednesday, September 28, 2005 9:16:10 AM (AUS Eastern Standard Time, UTC+10:00)  #    Disclaimer  |  Comments [2]  |  Related posts:
Sign your way to better quality with a x509 Certificate
Free Security Guidance Training for Developers
Password Strength, again!
The uneasy case of Linchpin Labs and Vista x64 driver signing
Supporting OpenSearch in your site, seriously... 10 minutes
Group Policy for web developers, part 2
 Tracked by:
"jhonny depp" (jhonny depp) [Trackback]
"mediale affari" (mediale affari) [Trackback]
"midi colonna sonore" (midi colonna sonore) [Trackback]
"MUSIC - Bethlehem Morning" (MUSIC - Bethlehem Morning) [Trackback]
"albergo bournemouth" (albergo bournemouth) [Trackback]
"memory card" (memory card) [Trackback]
"PRODUCTS" (PRODUCTS) [Trackback]
"calendario 2003" (calendario 2003) [Trackback]
"londra big ben" (londra big ben) [Trackback]
"Steve Brock Ministries" (Steve Brock Ministries) [Trackback]
"new york four seasons hotel" (new york four seasons hotel) [Trackback]
"MUSIC - Mary Did You Know/What Child Is This?" (MUSIC - Mary Did You Know/What ... [Trackback]
"Steve Brock Ministries" (Steve Brock Ministries) [Trackback]
"gioco scaricare gratis pc" (gioco scaricare gratis pc) [Trackback]
"immagini disney" (immagini disney) [Trackback]
"amministratore condominiale" (amministratore condominiale) [Trackback]
"MUSIC - Gloria" (MUSIC - Gloria) [Trackback]
"freddissimo gradito papa" (freddissimo gradito papa) [Trackback]
"vacanza ad ischia" (vacanza ad ischia) [Trackback]
"val d aosta" (val d aosta) [Trackback]
"l attimo fuggente" (l attimo fuggente) [Trackback]
"HOME" (HOME) [Trackback]
"bionde masturbandosi" (bionde masturbandosi) [Trackback]
"gioco adulto gratis" (gioco adulto gratis) [Trackback]
"Steve Brock Ministries" (Steve Brock Ministries) [Trackback]
"giochi carta regolamento" (giochi carta regolamento) [Trackback]
"Steve Brock Ministries" (Steve Brock Ministries) [Trackback]
"MUSIC" (MUSIC) [Trackback]
"PHOTOS" (PHOTOS) [Trackback]
"PARTNERS" (PARTNERS) [Trackback]
"SCHEDULE" (SCHEDULE) [Trackback]
"perline gioiello" (perline gioiello) [Trackback]
"Steve Brock Ministries" (Steve Brock Ministries) [Trackback]
"CONTACT" (CONTACT) [Trackback]
"OUTREACH" (OUTREACH) [Trackback]
"scuola superiore" (scuola superiore) [Trackback]
"pulcino fottilo nella residenza" (pulcino fottilo nella residenza) [Trackback]
"torte bindi" (torte bindi) [Trackback]
"medio apparecchio" (medio apparecchio) [Trackback]
"albergo firenze hotel" (albergo firenze hotel) [Trackback]
"electric tool accessories" (electric tool accessories) [Trackback]
"foto ose" (foto ose) [Trackback]
"posing stool" (posing stool) [Trackback]
"second income ideas" (second income ideas) [Trackback]
"good looking idraulico" (good looking idraulico) [Trackback]
"hilo hawaii real estate" (hilo hawaii real estate) [Trackback]
"alternative school programs" (alternative school programs) [Trackback]
"aol and vpn connections" (aol and vpn connections) [Trackback]
"snowmobile helmets" (snowmobile helmets) [Trackback]
"Force Outboard Motor Parts" (Force Outboard Motor Parts) [Trackback]
"custom plaque drop ship" (custom plaque drop ship) [Trackback]
"enoteche" (enoteche) [Trackback]
"legal aid society" (legal aid society) [Trackback]
"panasonic plasma tv" (panasonic plasma tv) [Trackback]
"bakersfeild ca" (bakersfeild ca) [Trackback]
"Santa Barbara Collection" (Santa Barbara Collection) [Trackback]
"fictional detectives" (fictional detectives) [Trackback]
"bitch island" (bitch island) [Trackback]
"ridiculous infermiera azione" (ridiculous infermiera azione) [Trackback]
"Kawasaki Ninja 250 Performance" (Kawasaki Ninja 250 Performance) [Trackback]
"chicago bbw escort" (chicago bbw escort) [Trackback]
"print manager software" (print manager software) [Trackback]
"bangkok train schedule" (bangkok train schedule) [Trackback]
"building developers IN USA" (building developers IN USA) [Trackback]
"aspirin vs plavix" (aspirin vs plavix) [Trackback]
"Luggage Repair Parts %2B wheels" (Luggage Repair Parts %2B wheels) [Trackback]
"Ford 56 F100 for Sale" (Ford 56 F100 for Sale) [Trackback]
"real estate woodstock georgia" (real estate woodstock georgia) [Trackback]
"handbags and gladrags stereophonics" (handbags and gladrags stereophonics) [Trackback]
"ford warranty" (ford warranty) [Trackback]
"challenger gate garage door openers" (challenger gate garage door openers) [Trackback]
"sea turtle pictures" (sea turtle pictures) [Trackback]
"converse high top sneakers chuck taylor" (converse high top sneakers chuck tayl... [Trackback]
"office furniture installations" (office furniture installations) [Trackback]
"family leave act" (family leave act) [Trackback]
"Wireless Providers" (Wireless Providers) [Trackback]
"antique civil war swords" (antique civil war swords) [Trackback]
"Infiniti qx 56" (Infiniti qx 56) [Trackback]
"acidophilus" (acidophilus) [Trackback]
"uLTRACET" (uLTRACET) [Trackback]
"ingoiogallery" (ingoiogallery) [Trackback]
"model figures" (model figures) [Trackback]
"grand theft treatment program" (grand theft treatment program) [Trackback]
"flexeril and Skilaxin" (flexeril and Skilaxin) [Trackback]
"bondage harness" (bondage harness) [Trackback]
"washington nc" (washington nc) [Trackback]
"14k vintage charms" (14k vintage charms) [Trackback]
"torque wrench repair service" (torque wrench repair service) [Trackback]
"hennepin county minnesota" (hennepin county minnesota) [Trackback]
"marketing research tool" (marketing research tool) [Trackback]
"telephone answering service" (telephone answering service) [Trackback]
"Factitious Disorder" (Factitious Disorder) [Trackback]
"lucas county real estate" (lucas county real estate) [Trackback]
"walk in refrigerator" (walk in refrigerator) [Trackback]
"amabileamantedoppiopenetrazione" (amabileamantedoppiopenetrazione) [Trackback]
"window 2000 server sp4" (window 2000 server sp4) [Trackback]
"search engine optimization specialist singapore" (search engine optimization sp... [Trackback]
"spaventososegretariaanalefotti" (spaventososegretariaanalefotti) [Trackback]
"lucianalittizzetto" (lucianalittizzetto) [Trackback]
"laser cancer treatment" (laser cancer treatment) [Trackback]
"A List of Indian Casinos in Arizona" (A List of Indian Casinos in Arizona) [Trackback]
"artclubdisco" (artclubdisco) [Trackback]
"tesineinterdisciplinarimaturita" (tesineinterdisciplinarimaturita) [Trackback]
"skateboard ramps for under a %24100" (skateboard ramps for under a %24100) [Trackback]
"jack black song" (jack black song) [Trackback]
"intellectual property find lawyer online" (intellectual property find lawyer on... [Trackback]
"insensatoamatorialidoppiopenetrazione" (insensatoamatorialidoppiopenetrazione) [Trackback]
"gaeta" (gaeta) [Trackback]
"revolver black and white jack party" (revolver black and white jack party) [Trackback]
"autotransport" (autotransport) [Trackback]
"caldissimosentimentobisessuale" (caldissimosentimentobisessuale) [Trackback]
"laughablebiondeoralefotti" (laughablebiondeoralefotti) [Trackback]
"british currency english money paper" (british currency english money paper) [Trackback]
"anzianichescopanodonnegiovani" (anzianichescopanodonnegiovani) [Trackback]
"roulette dares" (roulette dares) [Trackback]
"school house of rock" (school house of rock) [Trackback]
"daily disposables" (daily disposables) [Trackback]
"dafne fernandez" (dafne fernandez) [Trackback]
"daikin ftxs71" (daikin ftxs71) [Trackback]
"vidna dwells into the heart" (vidna dwells into the heart) [Trackback]
"dagwood sandwich" (dagwood sandwich) [Trackback]
"dakin animal shelter leverett ma" (dakin animal shelter leverett ma) [Trackback]
"hp psc 1315v software" (hp psc 1315v software) [Trackback]
"daga mrozek" (daga mrozek) [Trackback]
"panasonic vdr-m30 dvd-r digital camcorder" (panasonic vdr-m30 dvd-r digital cam... [Trackback]
"haskel dyer" (haskel dyer) [Trackback]
"kodak easy share dx7630 camera soft" (kodak easy share dx7630 camera soft) [Trackback]
"pat dailey 60's,70's ,80's" (pat dailey 60's,70's ,80's) [Trackback]
"dwight schrute" (dwight schrute) [Trackback]
"ritz av and bob dvorak" (ritz av and bob dvorak) [Trackback]
"game cheats for ps2" (game cheats for ps2) [Trackback]
"san diego dwi attorney" (san diego dwi attorney) [Trackback]
"cell chaos coop ps2 splinter theory through walk" (cell chaos coop ps2 splinter... [Trackback]
"sony dvpns330sm multi region dvd player" (sony dvpns330sm multi region dvd play... [Trackback]
"snore guard" (snore guard) [Trackback]
"headrest dvd players headrest dvd players" (headrest dvd players headrest dvd p... [Trackback]
"moody wadley toyota in dyersburg" (moody wadley toyota in dyersburg) [Trackback]
"daimoku relationship karma" (daimoku relationship karma) [Trackback]
"okashina dai bouken" (okashina dai bouken) [Trackback]
"toshiba dvd-ram drive sd-w2002 support" (toshiba dvd-ram drive sd-w2002 support... [Trackback]
"cal spa ps4 manual" (cal spa ps4 manual) [Trackback]
"daiwa 130x" (daiwa 130x) [Trackback]
"dwarf korean lilac" (dwarf korean lilac) [Trackback]
"dairy heifer raising" (dairy heifer raising) [Trackback]
"celluloid heroes ray davies" (celluloid heroes ray davies) [Trackback]
"jan hendriks kollen giethoorn" (jan hendriks kollen giethoorn) [Trackback]
"daintree" (daintree) [Trackback]
"lenox daffodil vase" (lenox daffodil vase) [Trackback]
"daigunder" (daigunder) [Trackback]
"kahrs wood floor doussie dakar" (kahrs wood floor doussie dakar) [Trackback]
"multi region dvd players" (multi region dvd players) [Trackback]
"hippo eats dwarf" (hippo eats dwarf) [Trackback]
"brooksgenerationsinvestment.com" (brooksgenerationsinvestment.com) [Trackback]
"chhabrahomes.com" (chhabrahomes.com) [Trackback]
"chhabrafinancialservices.com" (chhabrafinancialservices.com) [Trackback]
"arizonagreathomes.com" (arizonagreathomes.com) [Trackback]
"coberesourcecenter.com" (coberesourcecenter.com) [Trackback]
"artisticwebdesigners.com" (artisticwebdesigners.com) [Trackback]
"comicbookstrader.com" (comicbookstrader.com) [Trackback]
"coffeebeenery.com" (coffeebeenery.com) [Trackback]
"avantidesigngroup.com" (avantidesigngroup.com) [Trackback]
"twincircles.com" (twincircles.com) [Trackback]
"btobmatrix.com" (btobmatrix.com) [Trackback]
"click4stars.com" (click4stars.com) [Trackback]
"chhabraracing.com" (chhabraracing.com) [Trackback]
"biocroc.com" (biocroc.com) [Trackback]
"chhabragroup.net" (chhabragroup.net) [Trackback]
"monstarstudios.com" (monstarstudios.com) [Trackback]
"phytolink.net" (phytolink.net) [Trackback]
"areasii.com" (areasii.com) [Trackback]
"tabak-meier.com" (tabak-meier.com) [Trackback]
"cobetravel.com" (cobetravel.com) [Trackback]
"chhabracorporation.com" (chhabracorporation.com) [Trackback]
"artisticwebdesigners.com" (artisticwebdesigners.com) [Trackback]
"tabak-meier.com" (tabak-meier.com) [Trackback]
"chhabrafoundation.com" (chhabrafoundation.com) [Trackback]
"chhabrafoundation.com" (chhabrafoundation.com) [Trackback]
"chhabragroup.net" (chhabragroup.net) [Trackback]
"chhabrafamilyfoundation.com" (chhabrafamilyfoundation.com) [Trackback]
"chhabraconsulting.com" (chhabraconsulting.com) [Trackback]
"chhabraconsulting.com" (chhabraconsulting.com) [Trackback]
"collegepridepixels.com" (collegepridepixels.com) [Trackback]
"attashay.com" (attashay.com) [Trackback]
"prontostudios.com" (prontostudios.com) [Trackback]
"whartongcc.com" (whartongcc.com) [Trackback]
"namicmarketing.com" (namicmarketing.com) [Trackback]
"gregpayneoffenses.com" (gregpayneoffenses.com) [Trackback]
"our-specialties.com" (our-specialties.com) [Trackback]
"writewithapro.com" (writewithapro.com) [Trackback]
"leomoctezuma.com" (leomoctezuma.com) [Trackback]
"internet-marketingpro.com" (internet-marketingpro.com) [Trackback]
"hornypics.net" (hornypics.net) [Trackback]
"spaceless.net" (spaceless.net) [Trackback]
"fetishe6.com" (fetishe6.com) [Trackback]
"whartongcc.com" (whartongcc.com) [Trackback]
"auctionsection.com" (auctionsection.com) [Trackback]
"our-specialties.com" (our-specialties.com) [Trackback]
"internet-marketingpro.com" (internet-marketingpro.com) [Trackback]
"whartongcc.com" (whartongcc.com) [Trackback]
"leomoctezuma.com" (leomoctezuma.com) [Trackback]
"whartongcc.com" (whartongcc.com) [Trackback]
"spaceless.net" (spaceless.net) [Trackback]
"gregpayneoffenses.com" (gregpayneoffenses.com) [Trackback]
"caramigo.com" (caramigo.com) [Trackback]
"spaceless.net" (spaceless.net) [Trackback]
"hornypics.net" (hornypics.net) [Trackback]
"whartongcc.com" (whartongcc.com) [Trackback]
"writewithapro.com" (writewithapro.com) [Trackback]
"ladyboy6.com" (ladyboy6.com) [Trackback]
"elite-stfu.com" (elite-stfu.com) [Trackback]
"internet-marketingpro.com" (internet-marketingpro.com) [Trackback]
"internet-marketingpro.com" (internet-marketingpro.com) [Trackback]
"caramigo.com" (caramigo.com) [Trackback]
"ladyboy6.com" (ladyboy6.com) [Trackback]
"gregpayneoffenses.com" (gregpayneoffenses.com) [Trackback]
"finials" (finials) [Trackback]
"taxwebguide" (taxwebguide) [Trackback]
"westcoastcnc" (westcoastcnc) [Trackback]
"anderoge" (anderoge) [Trackback]
"hotloszconsulting" (hotloszconsulting) [Trackback]
"winwin-double" (winwin-double) [Trackback]
"usacorreo" (usacorreo) [Trackback]
"mtbpromotions" (mtbpromotions) [Trackback]
"congaisp" (congaisp) [Trackback]
"chalmerist" (chalmerist) [Trackback]
"carstereoalarms" (carstereoalarms) [Trackback]
"teamtiny" (teamtiny) [Trackback]
"announceyourblog" (announceyourblog) [Trackback]
"ca-forex" (ca-forex) [Trackback]
"unixquestionbank" (unixquestionbank) [Trackback]
"drtydawgspound" (drtydawgspound) [Trackback]
"daydream-hosting" (daydream-hosting) [Trackback]
"e-creativitat" (e-creativitat) [Trackback]
"alphastudio" (alphastudio) [Trackback]
"mrgoodbytes" (mrgoodbytes) [Trackback]
"careerrelatedstuff" (careerrelatedstuff) [Trackback]
"alfaeng" (alfaeng) [Trackback]
"caymantreasures" (caymantreasures) [Trackback]
"securediary" (securediary) [Trackback]
"bostonkidswalk" (bostonkidswalk) [Trackback]
"dominionjet" (dominionjet) [Trackback]
"mbeyond" (mbeyond) [Trackback]
"noadesigns" (noadesigns) [Trackback]
"247-notary" (247-notary) [Trackback]
"opticalsystemstech" (opticalsystemstech) [Trackback]
"myjointprotectiononline" (myjointprotectiononline) [Trackback]
"rememberthealibi" (rememberthealibi) [Trackback]
"grandcaymanguide" (grandcaymanguide) [Trackback]
"forumbackups" (forumbackups) [Trackback]
"metahyip2.com" (metahyip2.com) [Trackback]
"domainrhino.com" (domainrhino.com) [Trackback]
"stuffed-animals-sources.com" (stuffed-animals-sources.com) [Trackback]
"imagineuniversal.com" (imagineuniversal.com) [Trackback]
"theskysurf.com" (theskysurf.com) [Trackback]
"crystals-sources.com" (crystals-sources.com) [Trackback]
"snowboarding-sources.com" (snowboarding-sources.com) [Trackback]
"eckohost.net" (eckohost.net) [Trackback]
"lachiqa.com" (lachiqa.com) [Trackback]
"dishnetworkminnesota.com" (dishnetworkminnesota.com) [Trackback]
"realworldsportsbetting.com" (realworldsportsbetting.com) [Trackback]
"omnitecproducts.com" (omnitecproducts.com) [Trackback]
"joanneswedding.com" (joanneswedding.com) [Trackback]
"revengeofthefreaks.com" (revengeofthefreaks.com) [Trackback]
"youareherenow.com" (youareherenow.com) [Trackback]
"webrhinouk.com" (webrhinouk.com) [Trackback]
"bookstorm.net" (bookstorm.net) [Trackback]
"rhinogamestudios.com" (rhinogamestudios.com) [Trackback]
"swansingles.com" (swansingles.com) [Trackback]
"interiorrobotics.com" (interiorrobotics.com) [Trackback]
"kargear.com" (kargear.com) [Trackback]
"aboutlos.com" (aboutlos.com) [Trackback]
"digitalannex.com" (digitalannex.com) [Trackback]
"newclearproductions.com" (newclearproductions.com) [Trackback]
"imagineitministries.com" (imagineitministries.com) [Trackback]
"thepchelp.com" (thepchelp.com) [Trackback]
"xchangesystems.net" (xchangesystems.net) [Trackback]
"esuite7.com" (esuite7.com) [Trackback]
"brainwavesllc.com" (brainwavesllc.com) [Trackback]
"gilesclan.com" (gilesclan.com) [Trackback]
"dults.com" (dults.com) [Trackback]
"myegins.com" (myegins.com) [Trackback]
"medicall.com" (medicall.com) [Trackback]