MikeShaw's WebLog

Developer Security and other stuff

Browse by Tags

All Tags » Security (RSS)
Visual Studio .NET and .NET Framework 1.0 need patching
Hopefully this is old news to everyone, but just in case it isn't... The JPEG GDI+ buffer overrun vulnerability affects multiple software applications which need to be patch individually. Visual Studio .NET 2002 and 2003 as well as the .NET Framework...
Posted: Sep 22 2004, 10:32 AM by mikeshaw | with no comments
Filed under: ,
XML Firewall and more
On 27 th July, I was invited to a meeting at the Microsoft Thames Valley Park Campus with Vic Morris, CEO, Mark O’Neill, CTO and Stephen Byrne, SE of Vordel . I was impressed by what they had to say, not only in the capabilities of their existing products...
Posted: Aug 16 2004, 04:16 PM by mikeshaw | with 3 comment(s)
Filed under: , ,
Myth # 2: The Internet is full of nice people
When Windows for Workgroups 3.11 shipped I don’t think anyone believed that over the coming 10 years the number of computers in use would increase more than 10 fold and that almost all of them would, at one time or another, connect to the internet...
Posted: Jul 20 2004, 12:44 PM by mikeshaw | with 3 comment(s)
Filed under: ,
Steps for client certificate mapping to AD accounts using IIS 6.0
Just a really quick entry because this had been bugging me on the back burner for a while now. How do you set up IIS 6.0 to do the certificate to user mapping for Authentication again Active Directory in Windows Server 2003. All of these sorts of infrastructure...
Posted: Jul 14 2004, 03:16 PM by mikeshaw | with 5 comment(s)
Filed under: ,
A Threat Modelling book, tool, demo and links
Threat modelling should be a part of the design of any system, software or otherwise – hey, it’s just part of the design. A post on Friday on the Channel 9 site by Frank Swiderski talks about the Threat Modelling tool he has written and mentions...
Posted: Jul 13 2004, 05:18 PM by mikeshaw | with 1 comment(s)
Filed under: ,
More Posts