Monthly Archives: December 2004

EvenMonitor2 logs Windows Event Logs in realtime and can forward the Event entries to the following destinations: Console File SOAP Endpoint File output is XML. There are several sample XSLT stylesheets included to transform the output to HTML. New in … Continue reading →

That’s what i love about blogging – everybody finds his niche. A blog dedicated to Windows Auditing. Only 3 posts so far – hey eric, keep ’em coming, we love this topic!  

UPDATEthanks for the comments. i bug fixed and added the suggestions to the code. Weeks ago i promised to post my ASP.NET frontend for the LogParser tool, but I haven’t had the time to hunt down some bugs and finalize it. … Continue reading →

Another injection attack. As querying XML with XPath gets more widely adopted (e.g. the XML DataSource in .NET 2.0) this could become a serious problem. Just follow the best practices to mitigate all the other injection attacks (that is sanitize user … Continue reading →

A very detailed paper about configuring and troubleshooting kerberos delegation is available on Technet. recommended. UPDATEThis page is part of the ‘Kerberos Authentication Technology Center’ which in turn is part of the ‘Security Services in Windows 2003’. Wow. Lots of good … Continue reading →

UPDATEI double checked that with my favourite database guru bob beauchemin – looks good ;) Everybody knows SQL Injection. What still amazes most of the people at demos is a technique called “Blind Folded SQL Injection” (read more). With BFSI you start … Continue reading →

I recently did some work with WSE2 XML Messaging and KerberosToken. There were times where i just quickly needed the auto-generated WSDL of my SoapService (same as WSE2WSDL but without creating the proxy class)…this code was my friend: using System;using Microsoft.Web.Services2;using … Continue reading →

fredrik normen wrote a good summary of the new protected configuration feature in whidbey (plus some other interesting posts around asp.net 2.0)  

what bugged me since the first version of VS2005 i installed on my laptop (i think it’s plain beta 1 and i did not follow all this CTP madness), is the removal of the “hit any key to close window” … Continue reading →

Information Disclosure is the ‘I’ threat in the STRIDE Threat Model. Info Disclosure basically means that you give a user (and an attacker) more information about your system and infrastructure than needed. One of the oldest anti Info Disclosure measures … Continue reading →