David LeBlanc

David LeBlanc is a senior technologist for Microsoft's network security group and is a member of Mitre's Common Vulnerabilities and Exposures editorial board. He has more than five years of Windows NT experience.

Articles
Network Security Auditing - 02 Jul 2001
The most important factor in your overall network security is how well you manage the network. Even well-built, well-managed systems, however, are vulnerable to ever-new security risks, so running one or more network security auditing tools is essential.
Restricting Processes
David LeBlanc shares some code to help you control the access levels that a process uses in Windows 2000.
Detecting Alternate Data Streams
Alternate data streams occasionally crop up as security concerns because an attacker might use these streams to hide files. Find out how you can track down these data streams so that you can protect your systems.
Understanding Process Tokens
Learn how process tokens work, and find out about a piece of code that can expose the information within these tokens to help you debug your code.
Defeating Denial of Service – CPU Starvation Attacks
This week, David tells you how to protect yourself from CPU starvation attacks, where an attacker leverages your mistakes to cause your system to consume all available processing resources.
Defeating Denial of Service Attacks
Learn how attackers attempt to starve the resources associated with your application and how to protect yourself from these types of Denial of Service attacks.
Structured Exception Handling and Security 2
Learn how to use the structured exception handling (SEH) function that comes with the Win32 API to let C code handle errors in your application in much the same way that C++ handles exceptions.
Setting Security, Part 2
In Part 2 of his series on Setting Security, David LeBlanc presents an application you can use to initialize the discretionary access control list on a Registry key to give Administrators full control, making your applications more secure.
Setting Security
If your information is the least bit sensitive, inherited security permissions typically won’t be appropriate for your needs. Learn how to create and apply an ACL to protect your sensitive data.
Controlling Socket Connections 2
When you're dealing with sockets and other network connections, you want to be selective about which hosts you accept connections from.
Secure Services
Securing services is important to overall network security. Programmers need to be aware of the user context that a service will use and be careful when deciding which choice is right for each service.
Bind Basics 1

In Windows NT, the system typically assigns network-based TCP/IP services to a well-known port, in accordance with Request for Comments (RFC) 1700. POP3 servers, the topic of this continuing series of articles, run on TCP port 110. The first step in getting your mail server to answer requests on that port is to bind the socket.

Parsing POP

In my last column, "Writing a Secure POP3 Server," I talked about protecting your POP3 mail server from attacks, and I identified some of the potential threats that you need to guard against. As I explained, the two main areas of concern when handling user input to your POP3 server are improperly formed commands and handling general network errors.

Writing a Secure POP3 Server 5

By now, most users are probably familiar with POP3, a simple post office protocol for retrieving email from a mail server, often over the Internet. But how do you protect your POP3 server against attacks? For starters, you need to consider the various security issues involved in creating a POP3 server. Part of writing secure code is designing secure code and considering security issues before you start. I can't reiterate enough the importance of proper design.

Overflowing Buffers

We’ve all heard of exploitable buffer overruns—programming errors that let people write programs full of strange strings that cause your application to suddenly do anything an attacker wants. This simple vulnerability accounts for most exploitable security issues, and even though security experts have known about this problem for a long time, new instances crop up all the time. Errors in handling strings account for most of the problem, though not all of the time. (For more information about string handling, see my previous article, "Avoiding Buffer Overruns with String Safety
