Blog Stats
  • Posts - 85
  • Articles - 0
  • Comments - 23
    •
  • Trackbacks - 0

 

<< Service pack 1 on the way for Windows 7 and Windows Server 2008 R2 | Home | Ever helpful Windows… >>

Need suggestions on what you regard as “security”

I’m currently writing a large piece on MSMQ security and wanted to check I was covering the right areas. I have some doubts as I’ve seen the occasional MSMQ forum question where a poster has used the word “security” in different contexts to what I was expecting.

So here are the areas I plan to cover:

  • Message security
    • encryption on the wire (SSL and IPSEC)
    • encryption of the message (MSMQ encryption)
    • encryption of the payload (data encryption)
    • signing and authentication
  • Queue security
    • SIDs and ACLs
    • Discoverability
    • Cross-forest issues
  • Storage security
    • NTFS permissions
    • unencrypted data
  • Service security
    • Ports and Firewalls
    • DOS attacks
    • Hardened mode (HTTP only)
  • RPC
    • secure channel requirement
    • authenticated RPC requirement
  • Active Directory
    • object permissions
  • Setup
    • Administrator requirements

What else would you want to see?

Print posted @ Friday, February 11, 2011 8:48 PM

Feedback

# re: Need suggestions on what you regard as “security”

Gravatar You are on the right track.
ACLs and AD object permission will be the next tuning i will work on and your suggestion will be helpful as usual.
2/18/2011 5:22 PM | Stefano
Post A Comment
Title:
Name:
Email:
Comment:
Verification:
 
 

 

 

Copyright © John Breakwell