Geeks With Blogs

News This blog allows me to continue the work I was doing on MSDN when I worked for Microsoft.
MSMQ from the plumber's mate MSMQ is part of your business' IT plumbing which makes you the plumber and I'm your mate.

I’m currently writing a large piece on MSMQ security and wanted to check I was covering the right areas. I have some doubts as I’ve seen the occasional MSMQ forum question where a poster has used the word “security” in different contexts to what I was expecting.

So here are the areas I plan to cover:

  • Message security
    • encryption on the wire (SSL and IPSEC)
    • encryption of the message (MSMQ encryption)
    • encryption of the payload (data encryption)
    • signing and authentication
  • Queue security
    • SIDs and ACLs
    • Discoverability
    • Cross-forest issues
  • Storage security
    • NTFS permissions
    • unencrypted data
  • Service security
    • Ports and Firewalls
    • DOS attacks
    • Hardened mode (HTTP only)
  • RPC
    • secure channel requirement
    • authenticated RPC requirement
  • Active Directory
    • object permissions
  • Setup
    • Administrator requirements

What else would you want to see?

Posted on Friday, February 11, 2011 8:48 PM | Back to top

Comments on this post: Need suggestions on what you regard as “security”

# re: Need suggestions on what you regard as “security”
Requesting Gravatar...
You are on the right track.
ACLs and AD object permission will be the next tuning i will work on and your suggestion will be helpful as usual.
Left by Stefano on Feb 18, 2011 5:22 PM

Your comment:
 (will show your gravatar)

Copyright © John Breakwell | Powered by: