Dr. Tom Shinder’s Blog


Blocking Unwanted Parasites with a HOSTS File

Sure, you could use an enterprise grade application layer inspection firewall like an ISA or TMG firewall, but if you just want to protect your computer, or a couple of computers, then check out the power of the HOSTS file and how it can protect you from nasty things out there on the Internet.

http://www.mvps.org/winhelp2002/hosts.htm

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com

PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

Developers’ Digital Blackbelt Series

“How would your code stand up to an attack? If you are not sure, join us for the Digital Blackbelt webcast series as developer community champions and other experts discuss security risks, vulnerabilities, and solutions from the software developer’s perspective. We provide real-life examples and security tips and tricks that can help you gain the knowledge and techniques to become an experienced “blackbelt” in writing secure code.”

http://www.microsoft.com/events/series/digitalblac...t.aspx

HTH,

Tom


How to Setup SSL on IIS 7.0

Getting things done in the IIS 7.0 interface isn’t quite as easy as it was with previous versions, but for the most part, you can get almost everything you could in previous versions done in the IIS 7.0 console. In this article, they show you how to use various methods to configure SSL in IIS 7.0 — just make sure to avert your eyes when you see all the high-overhead code samples :)

http://learn.iis.net/page.aspx/144/how-to-setup-ss...iis-7/

HTH,

Tom


Microsoft EFS Assistant

The EFS Assistant is a tool that helps organizations centrally manage EFS in order to protect the data on their client PCs. The EFS Assistant is a small tool that installs on a Windows Vista or Windows XP SP2 machine and enforces the company’s EFS encryption policy. The policy is configured using Group Policy.

Learn about and download the MS EFS Assistant at:

http://www.codeplex.com/EFSAssistant

HTH,

Tom


Data Encryption Toolkit for Mobile PCs

“The Data Encryption Toolkit for Mobile PCs describes how to effectively use both EFS and BitLocker to help address your organization’s requirements to protect data on mobile PCs. The Toolkit also provides you with software tools and scripts to help you centrally configure, deploy, and manage encryption settings on all your mobile PCs.”

Download the kit at:

http://www.microsoft.com/downloads/details.aspx?Fa...ang=en

HTH,

Tom


IT Compliance Management Guide

“The IT Compliance Management Guide is designed to help IT managers, business managers, Microsoft customers, and the ecosystem of Microsoft partners plan for and address specific IT compliance requirements that relate to applicable GRC authority documents. Such documents include regulations, publications from standards bodies and industry organizations, organizational policies, and agreements.

The goal is to shift the effort of GRC requirements enforcement and management to Microsoft products through the configuration of existing Microsoft product features and functions.”

Download the IT Compliance Management Guide at:

http://technet.microsoft.com/en-us/library/dd20673...081112

HTH,

Tom


Microsoft Security Assessment Tool 4.0

“The Microsoft Security Assessment Tool 4.0 is the revised version of the original Microsoft Security Risk Self-Assessment Tool (MSRSAT), released in 2004 and the Microsoft Security Assessment Tool 2.0 released in 2006. Security issues have evolved since 2004 so additional questions and answers were needed to ensure you had a comprehensive toolset to become more aware of the evolving security threat landscape that could impact your organization.

The tool employs a holistic approach to measuring your security posture by covering topics across people, process, and technology. Findings are coupled with prescriptive guidance and recommended mitigation efforts, including links to more information for additional industry guidance. These resources may assist you in keeping you aware of specific tools and methods that can help change the security posture of your IT environment.

There are two assessments that define the Microsoft Security Assessment Tool:

  • Business Risk Profile Assessment
  • Defense in Depth Assessment (UPDATED)

The questions identified in the survey portion of the tool and the associated answers are derived from commonly accepted best practices around security, both general and specific. The questions and the recommendations that the tool offers are based on standards such as ISO 17799 and NIST-800.x, as well as recommendations and prescriptive guidance from Microsoft’s Trustworthy Computing Group and additional security resources valued in the industry.”

Download this useful security tool at:

http://www.microsoft.com/downloads/details.aspx?Fa...ang=en

HTH,

Tom


Research Paper: Malware Development Lifecycle

“In recent years malware has transcended its ‘not so humble’ beginnings to evolve in complexity to rival many decent sized software projects. This reflects the increased sophistication of the producers of the malicious content and is reflected in their methods of attack.

This indicates an improvement in development methodologies that enables malware producers to improve their output, adding functionality and capabilities to achieve maximum gain.

In this paper we track the evolution of certain families of malware as they have grown and diversified, adapting and improving to effectively accomplish their required results.

Starting with the early variants we show how the malware has changed to meet the requirements of its producers, how the code is implemented to best fulfil those requirements, how the malware producers test their creations and finally how they deliver the final release to their involuntary users.

From this we draw conclusions regarding the various stages of the malware development life cycle and ascertain how their development reflects the strategies employed to produce the malware and what could be expected in future.”

Download this paper at:

http://www.microsoft.com/downloads/details.aspx?Fa...ang=en

HTH,

Tom


The Great Debate: Security by Obscurity

I’m a big fan of security by obscurity. In fact, in the “real world” you couldn’t live without it. So why is security by obscurity scorned by some people in the computer and network security world? In their article The Great Debate: Security by Obscurity, Jesper Johansson and Roger Grimes discuss the issue, presenting both sides.

Check out this unusually useful article over at:

http://technet.microsoft.com/en-us/magazine/cc5103...9.aspx

HTH,

Tom


GFI releases the most advanced version of GFI LANguard™ to date

London, UK, 20 November 2008 – Winner of the Best of TechEd award in 2007 and highly recommended by the judges at the SC Magazine Europe awards in 2008, GFI LANguard allows administrators to scan, detect, assess and rectify vulnerabilities on their network and to secure it with minimal administrative effort. The latest version builds on an extensive feature set to make it easier for users to manage network scans, install patches and get a complete picture of the security set-up on their network.

“Our philosophy is to provide our customers with products that are easy to download, install, configure and run. The new features in GFI LANguard are aimed at making it easier for administrators to use our software and to gain maximum benefit from the extensive functionality that the software provides,” GFI’s Vice-President of Product Engineering, Phil Bousfield said.

Network auditing
GFI LANguard’s auditing function tells administrators what they need to know about their network by retrieving hardware information on memory, processors, display adapters, storage devices, motherboard details, printers, and so on. Using baseline comparisons they can now check whether any hardware was added / removed since the last scan. In version 9, executive reports are now available directly from within GFI LANguard.

Vulnerability management
The new version of GFI LANguard extends the product’s scanning capabilities and now it is possible to identify and report on unauthorized software installations, e.g. peer-to-peer programs. The administrator can now also configure GFI LANguard to uninstall these applications whenever they are detected on the network.

With version 9, administrators can also identify whether a scanned machine is a physical or virtual machine, with support currently for VMware or Virtual PC. A new feature in GFI LANguard allows administrators to open a Remote Desktop connection with any target computer when browsing through the scan results. Thus issues not rectified automatically can be addressed manually using a remote desktop connection.

Automatic remediation of Microsoft patches has been included in the new version. Apart from automatically downloading missing Microsoft security patches, administrators can configure GFI LANguard to automatically deploy the missing patches or service packs at the end of scheduled scans. Administrators can still choose to deploy missing patches after they have been tested and approved.

User experience
The user interface has been redesigned to make it easier to access the main functions of vulnerability management, and in version 9 the administrator is guided through the remediation process when a problem has been identified. A new dashboard not only provides a summary of the work flow during scans but also gives an estimate of the time required to complete the scan.

For more information on GFI LANguard™ visit: http://www.gfi.com/lannetscan/.

HTH,

Tom


