David LeBlanc


David LeBlanc is a senior technologist for Microsoft's network security group and is a member of Mitre's Common Vulnerabilities and Exposures editorial board. He has more than five years of Windows NT experience.

Network Security Auditing - 02 Jul 2001
The most important factor in your overall network security is how well you manage the network. Even well-built, well-managed systems, however, are vulnerable to ever-new security risks, so running one or more network security auditing tools is essential.
Restricting Processes
David LeBlanc shares some code to help you control the access levels that a process uses in Windows 2000.
Detecting Alternate Data Streams
Alternate data streams occasionally crop up as security concerns because an attacker might use these streams to hide files. Find out how you can track down these data streams so that you can protect your systems.
Understanding Process Tokens
Learn how process tokens work, and find out about a piece of code that can expose the information within these tokens to help you debug your code.
Defeating Denial of Service – CPU Starvation Attacks
This week, David tells you how to protect yourself from CPU starvation attacks, where an attacker leverages your mistakes to cause your system to consume all available processing resources.
Defeating Denial of Service Attacks
Learn how attackers attempt to starve the resources associated with your application and how to protect yourself from these types of Denial of Service attacks.
Structured Exception Handling and Security 2
Learn how to use the structured exception handling (SEH) function that comes with the Win32 API to let C code handle errors in your application in much the same way that C++ handles exceptions.
Setting Security, Part 2
In Part 2 of his series on Setting Security, David LeBlanc presents an application you can use to initialize the discretionary access control list on a Registry key to give Administrators full control, making your applications more secure.
Setting Security
If your information is the least bit sensitive, inherited security permissions typically won’t be appropriate for your needs. Learn how to create and apply an ACL to protect your sensitive data.
Controlling Socket Connections 2
When you're dealing with sockets and other network connections, you want to be selective about which hosts you accept connections from.
Secure Services
Securing services is important to overall network security. Programmers need to be aware of the user context that a service will use and be careful when deciding which choice is right for each service.
Bind Basics 1

In Windows NT, the system typically assigns network-based TCP/IP services to a well-known port, in accordance with Request for Comments (RFC) 1700. POP3 servers, the topic of this continuing series of articles, run on TCP port 110. The first step in getting your mail server to answer requests on that port is to bind the socket.

Parsing POP

In my last column, "Writing a Secure POP3 Server," I talked about protecting your POP3 mail server from attacks, and I identified some of the potential threats that you need to guard against. As I explained, the two main areas of concern when handling user input to your POP3 server are improperly formed commands and handling general network errors.

Writing a Secure POP3 Server 5

By now, most users are probably familiar with POP3, a simple post office protocol for retrieving email from a mail server, often over the Internet. But how do you protect your POP3 server against attacks? For starters, you need to consider the various security issues involved in creating a POP3 server. Part of writing secure code is designing secure code and considering security issues before you start. I can't reiterate enough the importance of proper design.

Overflowing Buffers

We’ve all heard of exploitable buffer overruns—programming errors that let people write programs full of strange strings that cause your application to suddenly do anything an attacker wants. This simple vulnerability accounts for most exploitable security issues, and even though security experts have known about this problem for a long time, new instances crop up all the time. Errors in handling strings account for most of the problem, though not all of the time. (For more information about string handling, see my previous article, "Avoiding Buffer Overruns with String Safety

Microsoft Stack Master Class

Master-Level Microsoft Stack Class with John Savill
Online Class: Thursdays Oct. 12th-Dec. 21st
30 Hours of Training for $995!

Understand the complete Microsoft solution stack, how the products work together, and how to implement and maintain for a total datacenter and desktop solution. This course covers the latest technology updates including Windows Server 2016 and Windows 10 and will enable the new capabilities to be leveraged in your organization.


Join the Conversation

Sponsored Introduction Continue on to (or wait seconds) ×