home instructor-led training on-demand screencasts blogs

January 2005 - Security Briefs

Security Briefs

Home
Contact

Pluralsight Blogs

Syndication

Keith's books

Misc

Archives

Sort By: Most Recent | Most Viewed | Most Commented

CryptGenRandom without CAPI

Michael Howard posts a trick to get good software-generated random numbers without having to load CAPI. If this is all you're using CAPI for, you will find this may reduce your working set!

Published Mon, Jan 31 2005 10:54 AM by keith-brown

Filed under: Security, Geek talk
Hall of shame moved to wiki

http://pluralsight.com/wiki/default.aspx/Keith.HallOfShame Have at it folks. You no longer have to wait for me to post your most egregious stories of apps that fail to run without admin privileges. Enjoy!

Published Thu, Jan 27 2005 6:12 PM by keith-brown

Filed under: Security, Geek talk
A day in the life of a incident response expert

Robert Hensing details the procedure he and his team used to track down an attack on WINLOGON.EXE. This is particularly interesting to me given that I'm just now wrapping up a little project that involved writing a custom GINA. Incident response must...

Published Thu, Jan 27 2005 5:17 PM by keith-brown

Filed under: Security, Geek talk
LsaLogonUser - the function from hell

I always forget that this function requires special care when passing its main argument (the fifth argument, AuthenticationInformation), which is the logon request data structure. The documentation doesn't tell you that this data structure needs to be...

Published Thu, Jan 27 2005 2:35 PM by keith-brown

Filed under: Security, Geek talk
Article on constrained delegation and protocol transition

I just ran across a great article by Fredrick Chong, who works on this stuff at Microsoft.

Published Thu, Jan 27 2005 1:32 PM by keith-brown

Filed under: Security, Geek talk
SAFER

Michael Howard recently published a couple of articles ( first , second ) that talk about running selected software with lower permission, such as email readers or browsers. A lot of people who normally run as an admin but feel bad about it got really...

Published Tue, Jan 25 2005 5:18 PM by keith-brown

Filed under: Security, Geek talk
SetWindowLongPtr and /Wp64

Help, readers. #include <windows.h> void main() { LONG_PTR x = 0; SetWindowLongPtr(0, 0, x); } Ok, forget the fact that the above code doesn't do anything useful. But you'd expect it to compile without a warning, right? Well, compile it with the...

Published Thu, Jan 13 2005 3:21 PM by keith-brown

Filed under: Geek talk
Deleting system DLLs

I spent part of the day today working on some system deployment tools, and I came across a case where I needed to delete a system DLL that's always in use. Since it seems that every year or so I find myself needing to know this, here's a good algorithm...

Published Tue, Jan 11 2005 1:07 PM by keith-brown

Filed under: Security, Geek talk
What's Keith up to?

November was pretty crazy getting ready for Campsight (which was a spectacular success ), and I spent most of December either consulting for Microsoft or spending time with the family, who have been neglected way too much during the startup phase of this...

Published Thu, Jan 06 2005 8:51 AM by keith-brown

Filed under: Security, Geek talk

home instructor-led training online training blogs

781.749.9238 (East Coast) | 310.251.9901 (West Coast) | Pluralsight, LLC , 185 Lincoln St., Suite 305, Hingham, MA 02043-1741

Copyright © 2008 Pluralsight LLC. All rights reserved.

designed by nukeation

January 2005 - Security Briefs

Pluralsight Blogs

Syndication

Recent Posts

Tags

Keith's books

Misc

Recent Articles

Archives

CryptGenRandom without CAPI

Hall of shame moved to wiki

A day in the life of a incident response expert

LsaLogonUser - the function from hell

Article on constrained delegation and protocol transition

SAFER

SetWindowLongPtr and /Wp64

Deleting system DLLs

What's Keith up to?