Windows Administration

Blog Web Applications Web Technologies Windows Administration
SQL Injection Help .. Microsoft to the rescue with URLScan 3.0.
June 26, 2008
The number of SQL Injection attacks across the Internet continue to rise. I'm seeing regular posting on the SANS RSS feed related to SQL Injection and XSS these days and clients are finding that applications they thought were not vulnerable turn out to be vulnerable because of patches and custom mods they've had made to them.  For most site owners this meant going back to the developers and getting updates and this is generally costly and time consuming. Fortunately, Microsoft has stepped up Read more [...]
Blog Web Technologies Windows Administration
SQL Injection attacks continue, Is it Microsoft’s Fault?
April 28, 2008
My previous blog post attempted to explain SQL injection and why it's a problem.   It's started to get media coverage now and the media is looking for a target (scapegoat). So as is often the case, someone gets wrongly blamed and right now it's of course Microsoft. It's NOT Microsoft's fault. Here's what's happening, recently Microsoft announced a couple new vulnerabilities and one of these was for IIS.  At the same time there's a barrage of SQL Injection attacks being carried out Read more [...]
Blog Web Applications Web Technologies Windows Administration Windows Webhosting
SQL Injection attacks and what you can do
April 24, 2008
It's a shame but not many website owners or for that matter, web developers are familiar with what SQL Injection is and just why it's something they need to worry about.  I'm noticing through various forums, friends, etc an increased number of sites being exploited for Cross Site Scripting through SQL Injection.  Most blog readers are going to say "HUH? Cross Eyed Scripting? What Injection?" Here's what I'm talking about, a hacker will come to your website and use SQL injection to gain Read more [...]
Blog Windows Administration
Quick Tip: Running Windows Update to Detect New Updates from the CLI
April 23, 2008
If you want Windows Update to check for updates without firing up a browser you can do this via CLI: wuauclt.exe /detectnow If there are updates available after a couple minutes you'll see the little update notification in the system tray: Read more [...]
Blog Windows Administration Windows Webhosting
Tips on Configuring and Using Windows Firewall in your VPS and Dedicated Server
April 22, 2008
A question that's been coming up rather often lately is: "How do I configure the Windows Firewall on my Dedicated Server / VPS Server?" Not many people realize that in SP1 Windows 2003 got a software firewall feature added and even fewer are familiar with how to configure it correctly.  Because of this I wanted to provide a few tips on how to configure your Windows Firewall.  Please note that this is NOT the all encompassing tutorial on how to secure your server or how to use Windows Firewall Read more [...]