DavidOverton.com
This site is my way to share my views and general business and IT information with you about Microsoft, IT solutions for ISVs, technologists and businesses, large and small.  
David Overton's Blog » All Tags » Windows Server 2003 » Security » Support and Tools (RSS)

Browse by Tags

  • How to get DNS and DHCP working on a Windows Server from behind the Windows Firewall

    I have a Windows Home Server at home and I decided I wanted it to be responsible for handing out DHCP and DNS addresses in the house. All very good, but when I set up the services none of it worked because of the built in Windows Firewall. While I could have just turned off the Firewall I decided to learn how to put the holes into the firewall to make it work with the firewall, thus maintaining better security. A quick search of the web showed me many settings, but it did not seem to cover the whole picture – then I came across the MS site Windows Firewall Settings which has things broken down into these four handy sections that shall for ever more be my guides to ports and firewalls in the Microsoft world. What is more, as you will see later, the tips in here as to how to get things working, getting over common hurdles is quite stunning too: Windows Firewall Settings: Optional Components Windows Firewall Settings: Remote Administration Tools Windows Firewall Settings: Server Roles Windows Firewall Settings: Services...

  • Latest news, events and downloads in the Security world from Microsoft - Windows Server 2008, Mobile, employee habits, Antigen, IPSEC, ForeFront, NAP, XP Firewall, System Center

    Each month the TRM blog product this great summary of the Microsoft world in various product areas. The blog can be found here http://blogs.technet.com/trm/ News Help your customers securely deploy Windows Server 2008 with the Windows Server 2008 Security Guide! http://go.microsoft.com/fwlink/?LinkId=92550 Every day, adversaries attempt to invade your customers’ networks and access their servers—to bring them down, infect them with viruses, or steal information about customers or employees. Your customers are looking to Microsoft and Windows Server® 2008 to help them address these threats. To assist customers in taking full advantage of the rich security features in Windows Server 2008, Microsoft has developed the Windows Server 2008 Security Guide. The Windows Server 2008 Security Guide provides IT professionals with best practices, predefined security templates, and an automated deployment tool to help strengthen the security of servers running Windows Server 2008. Supporting Your Family, Friends, and Neighbours...

  • Security for Windows Vista (understanding more about UAC), Networks, plus advice and guidance

    Security is always a big subject area. Over the last two months Technet have published the following items that will help understanding and delivery of secure systems base do Microsoft technology. Windows Vista TechNet Magazine: Inside Windows Vista User Account Control Mark Russinovich explains that User Account Control (UAC) is one of the most misunderstood new features in Windows Vista. But its goal -- to enable users to run with standard user rights -- can solve many security issues. Get an inside look at the problems UAC addresses and see exactly how this new feature works. http://go.microsoft.com/?linkid=6803653 Network Security Internet Protocol Security Enforcement in the Network Access Protection Platform This white paper describes the Network Access Protection (NAP) platform, how IPsec protects traffic, and how IPsec Enforcement in NAP provides system health policy enforcement for IPsec-secured communication. http://www.microsoft.com/downloads/details.aspx?FamilyID=144cc69f-790f-4f52-8846-3f3b8584d7cd&DisplayLang...

  • Vlad Mazek - "What is service management" and "how to avoid being hit by a truck when it is most inconvenient"

    I love Vlad's straight talking. If you get a chance read the whole of the blog entry Vlad Mazek - Vladville Blog » Blog Archive » Windows Server 2003 SP2 EEULA & CYA because as far as I am concerned he is preaching to the converted. I will stand by my view that Service Packs are tested as much as possible, but you need to do your own validation (see Who should test software and service packs - I think vendors,customers and partners - others thi ) to ensure that your application vendor is also happy to support their products on that service pack. If you only have MS products, check the release notes AND SUPPORT.MICROSOFT.COM as both may well have important information. I've extracted part of Vlads process to avoid a bloody head - read his post for more as people like Susan Bradley wishes she had :-) However, a part of me wonders just how heavy the rock was. You know, the one that he was under since Microsoft started releasing service packs. As painful as the above is to read, and as painful as this...

  • May security updates for Server DNS and Office 2003/2007 and IE7. Also Quicktime needs an update

    I did a quick scan and it seems that this month Office is the main target of updates, along with one critical one for Windows Server (for DNS RPC attack) and one for IE7. Worth a quick download and install :-) I also got this in the mail today: Apple QuickTime 7.x must be upgraded to 7.1.5 or higher. On the security updates: Microsoft is releasing the following new security bulletins for newly discovered vulnerabilities: Bulletin Number Maximum Severity Affected Products Impact MS07-023 Critical Microsoft Excel (all currently supported versions) Remote Code Execution MS07-024 Critical Microsoft Word 2000, 2002, 2003, 2004 (Mac) Remote Code Execution MS07-025 Critical Microsoft Office (all currently supported versions) Remote Code Execution MS07-026 Critical Microsoft Exchange (all current versions) Remote Code Execution MS07-027 Critical Internet Explorer - all current versions on all currently supported versions of Microsoft Windows Remote Code Execution MS07-028 Critical CAPICOM, BizTalk Server Remote Code Execution...

  • Need a machine to practice or simulate Windows Server, Exchange 2007, SQL 2005 or ISA 2006? Download the pre-configured VHDs for these virtual machines

    I am sure you have seen these already, but if not, these are great tools to help when you quickly need a machine to test something on, or spend longer learning about a product. I know you can get the disks in the action pack, but then you have to load it up on a PC or VPC - this saves you all the trouble. Windows Server 2003 R2 Windows Server 2003 R2 helps to simplify branch server management, can improve identity and access management, helps to reduce storage management costs, provides a rich Web platform, and offers cost-effective server virtualization. In this VHD, you'll have the opportunity to road-test new and improved features and functionality of Windows Server 2003, including management and usability enhancements to Active Directory. Exchange Server 2007 Learn how to take advantage of key features of Exchange Server 2007. This VHD provides an exploration of Active Directory and the new features in Exchange Server 2007, new features in Outlook Web Access 2007, enforcing compliance and retention policies...

  • How patching should be done for all servers and clients - by Susan Bradley (super Jedi)

    I still fear Susan and what she would do if I ever made a serious security blunder. Luckily for me, I haven't yet. I also love the way she tells you the way it should be and makes it easy. I went through the process of evaluating my patches and then installing those I thought were needed (I do have some Office components on my test server, but I am hoping she will let me off for that). I was thinking on how to write this up when I say Susan's entry The risk evaluation of patching and saw she put it exactly how I would have done. What is my message - use her process and your customers will be as safe as can be expected. In fact, I applied the IMF patch immediately, which resulted in Exchange being offline for a few minutes, which when using Outlook 2003 or 2007 is no biggie at all. ttfn David

  • Microsoft acquired Win Internals (SysInternals.com)

    http://www.microsoft.com/presspass/press/2006/jul06/07-18WinternalsPR.mspx This is a bit of old news, but I have not reported it. There has always been a set of amazing tools that were usable to diagnose inside Windows, they were sold from a company called WinInternals, who then produced a set of free tools on the web site http://www.sysinternals.com . These tools I normally use are below. I use them for those questions like "what file is failing to load", or "where is it looking in the registry" or "what process is using all the CPU". Filemon This monitoring tool lets you see all file system activity in real-time. MoveFile Schedule file rename and delete commands for the next reboot. This can be useful for cleaning stubborn or in-use malware files. PageDefrag Defragment your paging files and Registry hives! PendMove See what files are scheduled for delete or rename the next time the system boots. Autoruns See what programs are configured to startup automatically when your system...

  • Do you use Business Critical Support - did you know you need to re-register each year now?

    This one was a bit of a surprise to me, but my Dad, who is an IT Consultant phoned me up to explain that when he range business critical support for a customer down situation he was told that his registration had lapsed. He then had to go through a process to re-register before his call could be processed - and this all took valuable time. I put this down to my Dad's unique way of finding problems with systems, however the very next day I got a mail from another partner who hit exactly the same thing, so think of this as a warning, go give yourself the ability to call MS Support without them charging you when your customers are "down". To get more information and registration information (it is not a long process honest), go to Register for free- Business Critical Telephone Support for registration and http://www.microsoft.com/uk/partner/tech_support/b... for information. Once you are set up, you MUST note your Support ID - this is the magic that will make it work when you need it. ttfn David

  • UK Partner Technical Specialists... Who are they, who were they?

    So I WAS a PTS and now there is a different team, but Susanne has blogged on it, so go read her blog on who they are now and learn what I used to do :-) I am obviously above being part of that elite group, but I am still here for the community. They do cover a wide range of technologies and solutions from Microsoft, so they are a great place to get information, visit blogs and see what is what. If the PTS do not cover the technology you want, then as a member of SBSC you get access to managed newsgroups (which means you get prompt answers from MS people and the community). Now, the photo on the left is a bit old, but we were having a nice time out on the town - so much so that we had a drink or two - and I studiously took the photo, so I am not in it. My head was so muddled that when they found Keira Knightley in the bar, they got her autograph on someone's hand and rather than going downstairs with a camera and taking a snap, I snapped the autographed hand !! ttfn David

(c)David Overton 2006-23