Security, Windows Security

Jesper's Blog

Obligatory file photo:

Welcome to Jesper Johansson's blog. This is my home for pontification on the web. In case this is your first time here, I have been working on information security for about 20 years, and have been writing and speaking on the topic for about 10.
My most recent book is the Windows Server 2008 Security Resource Kit . Because I am also a scuba instructor you may find some posts related to that topic as well. Just because it took me so long to get it, I also like to say that I have a Ph.D. in Management Information Systems from the University of Minnesota.

Browse by Tags

Don't fire people until after you wipe their phones: A very commonly required feature for mobile access to email is remote wipe - the ability to reach out and wipe all corporate data off a mobile device. Exchange ActiveSync supports this feature and has for several versions now. You, as the Exchange or...
Posted Thu, Apr 8 2010 by jesper | 5 comment(s)
Filed under: Windows Security, Security Pontification, Security

Mitigate the Image Uploader Vulnerabilities: The big security news this week is the six vulnerabilities found in various image uploader ActiveX controls. In case you haven't seen the news , there are exploits available publicly for remote vulnerabilities in five different ActiveX controls. US...
Posted Wed, Feb 6 2008 by jesper | 4 comment(s)
Filed under: Windows Security, Security, Mitigations

Is Firefox More Secure than Internet Explorer?: Well, sure it is. According to the Firefox web site, which must of course be untainted by marketing claims since it is Mozilla, " Firefox continues to lead the way in online security". OK, marketing hyperbole aside, I'm a data guy. I care...
Posted Fri, Nov 30 2007 by jesper | 6 comment(s)
Filed under: Windows Security, Software Development, Security

Hey, Mozilla: Quotes Are Not Legal in a URL: When I was a child, I learned a saying that I still find important to keep in mind: Those who are sitting in a glass house shall not throw stones The good folks at Mozilla may want to look up what that really means. Two days ago, Mozilla published Firefox...
Posted Fri, Jul 20 2007 by jesper | 36 comment(s)
Filed under: Windows Security, Security Pontification, Security, Windows Vista

Blocking the Firefox -> IE 0-day: Thor Larholm, unhelpfully, published details on what he claims is a 0-day exploit for Internet Explorer (IE) yesterday. This exploit is actually for Firefox, but Thor exploited it by making IE launch Firefox. Firefox creates three protocol handlers. A...
Posted Tue, Jul 10 2007 by jesper | 28 comment(s)
Filed under: Windows Security, Security Pontification, Security

Wiping a drive, the easy way: While poking around for a blog post on Susan's blog, I found this one , asking how to wipe a drive. Teacher, Teacher, I know the answer, I know: cipher /w:<drive letter> This command, built into Windows XP and higher, does a three-write pass...
Posted Thu, Aug 24 2006 by jesper | 4 comment(s)
Filed under: Windows Security, Security, Running Windows

Search

This Blog

Home

Community

Syndication

News

The Windows Server 2008 Security Resource Kit is available!
. You can also order it as part of the whole Windows Server 2008 Resource Kit and save some money.
Or, if you need to know about Vista instead, there is:

If you need a more general approach to help you Protect Your Windows Network, there is a book for that too

There is now a mobile version of the blog.

All postings are copyright Jesper M. Johansson or Steve Riley, in the year they were made. These postings are provided "AS IS" with no warranties, and confer no rights. All postings are the sole opinions of Jesper M. Johansson or Steve Riley and do not reflect any official opinion of anyone else with whom the poster(s) are affiliated or has been affiliated in the past. Use of included code samples is permitted for non-commercial use, with no warranties of fitness express or implied. All use of any information or code snippets posted in this blog at the user's sole risk. The blog site would like to thank www.ownwebnow.com and www.exchangedefender.com for their support.

Powered by Community Server (Commercial Edition), by Telligent Systems