Why you’d ever want to do this is probably a discussion best left to the political arena. But for the purpose of that thing I call my “day job”, I was required to do just this. External website, authenticates against … Continue reading
Category Archives: Security
July 16, 2011
by Ashley Knowles
0 comments
IIS, PHP, and LDAPS with Active Directory.
December 2, 2010
by Ashley Knowles
0 comments
WPAD & Proxy Timeout Issue
If you’ve been following, I’ve recently been playing with Forefront Threat Management Gateway 2010, the “new” ISA Server. Now, for all intensive purposes, everything is configured correctly. There’s a virtual IP for the proxy array (let’s say, 192.168.0.10), and the … Continue reading
November 24, 2010
by Ashley Knowles
0 comments
My iptables “base” ruleset
I’m not 100% sure if this is correct in a security sense, but thought I’d post this. For my web/database servers, it’s a pretty basic setup really. Drop all inbound packets not specifically allowed, and allow all outbound unless specifically … Continue reading
November 2, 2010
by Ashley Knowles
0 comments
Makeshift Anonymous (aka always encrypted) Browsing
In light of all the “omg, people can hack into my Facebook/Twitter account now” rubbish that’s been headlining around the world in the last week, I faced a similar situation, in constantly being prompted to allow access through a firewall, … Continue reading
October 26, 2010
by Ashley Knowles
0 comments
iPhone Lock Screen Security Flaw
wired.com posted an article moments ago with a funny little flaw, allowing you to bypass the “lock code” configured on an iPhone. The discovery by some Brazilian dude (read the article here – www.wired.com/threatlevel/2010/10/iphone-snoop/), notes the following procedure: 1. Press … Continue reading
October 13, 2010
by Ashley Knowles
0 comments
Better TCPViewer
I needed to show all the connections on a virus infected machine a while ago, and being a Microsoft tech, I normally used the Sysinternals TCPViewer tool to do this… However, TCPViewer is a bit limited. I mean, I’m trying … Continue reading
October 8, 2010
by Ashley Knowles
0 comments
Forefront TMG Stuff
www.isascripts.org/ – a bunch of handy scripts by a security consultant named Jason Fossen Microsoft tools for TMG 2010 - www.microsoft.com/downloads/en/details.aspx?FamilyID=8809cfda-2ee1-4e67-b993-6f9a20e08607&displaylang=en Technet Doco for TMG 2010 – technet.microsoft.com/en-us/library/ff355324.aspx Jim Harrison’s list of tools for TMG2010 - www.isatools.org/tools.asp?Context=TMG2010 Microsoft ISA Blog – blogs.technet.com/b/isablog/
October 8, 2010
by Ashley Knowles
0 comments
TODO: Webmin Virtual Host Configuration
I’m using Webmin for “basic” administration of a few webservers I run. Admittedly, most of the configuration I do with Webmin is simple zone file edits and editing virtual host directives, by editing the configuration files directly, using the web … Continue reading
July 1, 2010
by Ashley Knowles
0 comments
HTTP Referrer Spam
My web stats for one of my larger websites is full of referrers which look to be spam… Today’s brief stats below shows the highest referral counts coming from a page titled “how to open an offshore company”… Cause I … Continue reading