Microsoft: July 2006 Archives

That Just Hurts

Reviewing my RSS feeds this morning, I see that Jesper Johansson has announced his resignation from Microsoft. He is going to a security position at Amazon.

Jesper has been a primary source for me in determining the best way to secure my Windows network. The book "Protect Your Windows Network From Perimeter to Data" by Jesper and Steve Riley is the first thing I turn to, followed by Microsoft's Windows 2003 Security Guide (which he had a hand in), and then I look at Steve Fossen's SANS course material.

Microsoft is losing a great resource. Although I've never even met Jesper, I feel like i"m losing a valued colleague.

By Roger on July 29, 2006 12:35 PM | | Comments (0) | TrackBacks (0)

Disabling the LAN Manager Hash Value

We finally got around to disabling the LAN Man Hash value on our domain controller.

As Jesper Johansson and Steve Riley say in Protect your Windows Network,

Ideally this setting will never have any direct impact on security because if it does it means your domain controller has been hacked; but just in case, we recommend disabling storage of LM hashes. In most cases, the primary benefit of this setting is that it breaks compatibility with Windows 9x

We've had it disabled in the test domain since I posted in March. I'm still nervous about whether or not this will break anything. Anything that does break, wont be discovered until the next time the user changes their password. That is because the LM hashes aren't dropped from the table when this setting is enabled. It is only dropped at next password change.

By Roger on July 21, 2006 11:40 AM | | Comments (0) | TrackBacks (0)

Microsoft Purchases Wininternals/Sysinternals

I see in Mark's Sysinternals blog that they've been bought by Microsoft.

Congratulations to Mark and thanks for the great tools. Best of luck at Microsoft.

By Roger on July 18, 2006 12:59 PM | | Comments (0) | TrackBacks (0)
« Microsoft: June 2006 | Main Index | Archives | Microsoft: August 2006 »

Search