Deep Fried Bytes: Talking Security with Misfit Geek Joe Stagner

deepfriedbytes.com — Joe Stagner discusses security best practices for software developers. Along the way many different ideas and topics came up like comparing a security development expert to a professional prize fighter. Listen as Joe relates how his IT law enforcement background helped him build his vision of keeping the Bad Hackers out of applications and systems. read more...

add a comment | category: Security | Views: 2

Building an ASP.NET MVC sitemap provider with security trimming

blog.maartenballiauw.be — If you have been using the ASP.NET MVC framework, you possibly have been searching for something like the classic ASP.NET sitemap. After you've played with it, you even found it useful! But not really flexible and easy to map to routes and controllers. In this post, Maarten describes how to build a custom sitemap provider which uses ASP.NET MVC route data and AuthorizeAttribute to render MCS sitemap data with security trimming enabled! read more...

add a comment | category: ASP.NET | Views: 130

How to change RDP listening port in Windows 2003 server?

aspadvice.com — This article will brief you on the way to change the default Remote Desktop Connection port to other port. This feature is important to protect your server from unwanted attempt access. Please also note that the firewall should be configured to allow such connections... read more...

1 comment | category: Security | Views: 76

How to Search And Replace values in SQL across All Tables

submitted by korayem 17 days, 21 hours ago

korayem.net — My website got hacked. I got several html code injections inside the database. Here is how i fixed the issue very quickly. read more...

add a comment | category: Database | Views: 9

.NET Framework 3.5 SP1 Allows managed code to be launched from network

submitted by wisemx 25 days, 17 hours ago

blogs.msdn.com — Hurray, its finally fixed! manage code 'just works' from network file share! Now I know that some of you are probably just saying 'who cares' or 'huh?' but for those of us who have hit this problem, this has been a major deployment headache, and I am happy to say that the end of this particular problem is in sight. The problem scenario is this. If you have a managed applications like 'MyApp.exe' it works great if you run it locally (eg C:\bin\MyApp.exe), but fails when you try to run it from a network location (eg \\Myhost\bin\MyApp.exe). The problem is that the security system for the runtime treats network locations as less trustworthy than local locations, and thus throws an security exception. The problem is that failing to run managed code WHILE STILL ALLOWING UNMANAGED EXE's to run, does not provide any security (because hackers will simply use unmanaged code) but does cause nontrivial deployment headaches (manage apps can't be run from network locations). read more...

1 comment | category: Security | Views: 4

Authorization policies in WCF: from tokens to claim sets

pfelix.wordpress.com — This post describes the process that begins with the authentication of a token and ends with a collection of claim sets, available at the AuthorizationContext. read more...

add a comment | category: Security | Views: 6

Kaminsky DNS Exploit Exposes Bigger Core Challenge for Internet

gregness.wordpress.com — Most DNS servers are still unpatched and Kaminsky has acknowledged that the patch is not a long term fix. Then what are network admins to do? read more...

add a comment | category: Security | Views: 3

More than 60% of Recursive Name Servers Unpatched According to CERT

gregness.wordpress.com — This report published today features data from Austria, with findings consistent with another report with global implications. These unpatched servers can be exploited in minutes with exploits that are now published. read more...

add a comment | category: Security | Views: 2