April 2004 Entries
Junfeng Zhang posted interesting summary of 'image file execution options' in Windows
Microsoft posted a paper discussing implementation of the IETF's Internet Protocol security (IPSec) in Windows 2003 to the download center [via Brian Johnson]: The Microsoft Windows Server 2003 operating system includes an implementation of the Internet Engineering Task Force’s Internet Protocol security (IPSec). IPSec, which is also included in Windows 2000 and Windows XP, provides network managers with a key line of defense in protecting their networks. IPSec exists below the Transport layer,...
Bruce Sterling [rss] (my other favourite writer) posted his new book “The Zenith Angle” promotion tour map. It is a pity that Russia in not in list ;-)...
Dana Epp posted his interesting review of Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw: Gary and Greg did a great job in this book. It is well thought out and meticulous in the detail on showing just how to break code. If you design secure systems YOU MUST READ THIS BOOK. Hell, even if you don't you should read this book ... [more] I'm still waiting for this book (sometimes it takes a whole month to receive book in Russia :-( )...
During Route 64 site review I found abridged version of Michael Howard's presentation: Security Coding Issues (very suitable for introduction in topic)
>" src="http://www.infosecurit... width=88 border=0>INFOSECURITY MOSCOW exhibition will be held in the Gostiniy Dvor (near Red Square) 21-23 September 2004. Exhibition program is not available right now, but list of participants is broad (may be we'll be there at AZI stend) [Update] Russian bugtraq also posted link to exhibition site...
Keith Brown write interesting article for Longhorn Developer Center at MSDN: Security in Longhorn: Focus on Least Privilege A least privileged environment is going to significantly increase the security of the "Longhorn" Windows platform. Get started today by writing managed code, first of all, and when building desktop applications, make them LUA (Logical Unit Application programming interface) compliant [via Dana Epp's blog] Power Users Group (or 'Admin Lite') finally would be deprecated and deployment...
Basically the attack pattern is resetting an established TCP connection by sending suitable TCP packets with the RST (Reset) or SYN (Synchronise) flags set. The packets need to have source and destination IP addresses that match the established connection as well as the same source and destination TCP ports [from Dana Epp blog] Explanation in Russian also available at bugtraq.ru [Updated 23.04] Eric Rescorla [rss] posted his thoughts about this issue. Paul Watson's research paper, slides and code...
TechNet now has a Security Bulletin RSS feed [from Brian Johnson blog]
64-bit porting issues for server and application code will be covered in Route 64 tour that I'm going to attend. Local event in Moscow will be May 18 and will cover following topics: Microsoft Product Roadmap and Market Opportunities Including 64-bit versions of Windows XP, Windows Server, .NET Framework, and Microsoft SQL Server Architecture Review Including AMD Athlon64, AMD Opteron, Intel Itanium Processor Family, and Intel Xeon With Intel® Extended Memory 64 Technology Application Compatibility...
Vivek Sharma (of Exchange Team) posted “Spammer hunting for fun and profit” article. I'm currently using SpamBayes free antispam plug-in for Outlook 2003, but sometimes we really need to give a lesson to spammers
Raymon Chen posted note about choosing of seed for random number generation. Random number generation is hard. That's why you should leave it to the experts
A new company, Fortify Software, has recently launched its products into the marketplace. Fortify's solutions help developers secure their program code both during development and during runtime. The company's source code analysis software uses 540+ program coding rules to seek out security-related coding errors in code written in C, C++, and Java. Fortify's runtime analysis looks for security problems in active application. The products support Windows, Linux, and Solaris platforms, and will become...
I like Gibson's books. Here's a map of his works
Complex certificate requests (with SubjAltName and UPN attributes) generation article is posted at MSDN: Use the Certificate Enrollment control and CryptoAPI to create certificate requests, and then use them to enroll with a Microsoft Certificate Server in Windows 2000, Windows Server 2003, or even a third-party certificate authority [more...]...
Windows Installer XML (WiX) toolset has released as Open Source on SourceForge.net [from Rob Mensching blog] I'll play with it tomorrow morning and try to incorporate in our automatic build system ;-) Update: Rob invented invited a number of the people who helped the toolset for small Windows Installer XML Ship Party . Thank you all for releasing this great toolset =)! Update (21/04): Mike Gunderloy posted Introducing WiX article for ONDotnet. Update (31/05): Jeff Callahan posted that soon wix tasks...
CryptoPro posted updated drafts at IETF: Using the GOST R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 algorithms with the Internet X.509 Public Key Infrastructure Certificate and CRL Profile and Additional cryptographic algorithms for use with GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms. Both of our PKI systems: VCERT PKI (with SKZI Verba-OW) and CCERT PKI (with Crypto-Pro CSP) are already support it ;-) GOST for TLS is also updated: Addition of GOST Ciphersuites...
MSDN recently posted article with preliminary information about security changes in C and C++ run-time libraries in Whidbey (VS2005). From Michael Howard blog. Update: Shawn Fakcas also posted article about changes in CRT: As we get closer to an official Whidbey release, the C++ team will be producing more documentation on these changes, and I'll post links in this blog [Update 07/06/2004] Preliminary version of formal documentation is posted at MSDN Labs site (full list of changes in CRT is here)...