Larry Seltzer

With all the concern over Microsofts track at Black Hat youd think it was being held in Redmond, not Las Vegas. I wont be at Black Hat, although I wish I could. Its the most interesting and useful security show of the year, but I have other obligations. If I were there I would probably […]

Imagine your incoming e-mail volume suddenly leaping 360 times above normal. Its not spam, not strictly speaking. Its a misdirected bounce attack. Bounces used to be a good and useful thing. When you send an e-mail to an invalid address or make some other sort of error, you want to know that it didnt go […]

For several years, until the end of June, I self-hosted my e-mail. My ISP, atypically, offers static IP addresses, and I ran my own mail server and had several domains registered here. Its no surprise I got a lot of spam delivered here, especially through e-mail addresses published for years in articles Ive written. But […]

One of the most popular subjects readers contact me on is domain theft and abuse, and more messages came in after my recent story on “domain tasting.” If you thought that practice was distasteful, you havent seen what I found next. It involves a domain-testing firm. But thats not whats most interesting. It all started […]

Microsoft on July 18 announced that it has acquired Winternals Software, which provides security, recovery and management tools for enterprises as well as a respected collection of free Windows tools on the Sysinternals site. The privately held, Austin-based company makes tools that assist in the recovery of damaged systems and lost data. Its new Protection […]

There was a time, just a few years ago, when Internet Information Server was held in the same high esteem for security as, for example, Internet Explorer. Why did things change? This month Microsoft released a security advisory for a vulnerability in IIS. It caught my attention for two reasons: Its pretty minor, all things […]

I get e-mail every now and then from victims of domain theft. Ive written on the topic, and I suppose that when people find their domains gone they go Googling on the subject and find my articles. Unfortunately, theres no real good advice I can provide. Even when domain owners are relatively careful, they can […]

A good friend of mine used to be a business networking consultant in Philadelphia. One of the standard practices she defined for all of her clients was for backup, and especially for off-site backup. She would define the procedures and tell them what to do, not that they would necessarily do it. One day, it […]

The network perimeter at the typical enterprise is getting to be a crowded place. Youve got firewalls and VPN concentrators at the very outside. Youve got intrusion detection and prevention, virus scanners, e-mail security devices, and boxes to do network access control and content filtering. Of course you might have outsourced some services, such as […]

If youre going to run Windows on your computer, then at some level you have to trust Microsoft. This would seem to me to be a pretty basic and obvious point, but its lost on the folks who are suing Microsoft over the behavior of the Windows Genuine Advantage program. Theyre willing to run massive […]