David LeBlanc

David LeBlanc is a senior technologist for Microsoft's network security group and is a member of Mitre's Common Vulnerabilities and Exposures editorial board. He has more than five years of Windows NT experience.

Articles by David LeBlanc
Network Security Auditing - 02 Jul 2001
The most important factor in your overall network security is how well you manage the network. Even well-built, well-managed systems, however, are vulnerable to ever-new security risks, so running one or more network security auditing tools is essential.
Restricting Processes
David LeBlanc shares some code to help you control the access levels that a process uses in Windows 2000.
Detecting Alternate Data Streams
Alternate data streams occasionally crop up as security concerns because an attacker might use these streams to hide files. Find out how you can track down these data streams so that you can protect your systems.
Understanding Process Tokens
Learn how process tokens work, and find out about a piece of code that can expose the information within these tokens to help you debug your code.
Defeating Denial of Service – CPU Starvation Attacks
This week, David tells you how to protect yourself from CPU starvation attacks, where an attacker leverages your mistakes to cause your system to consume all available processing resources.
Defeating Denial of Service Attacks
Learn how attackers attempt to starve the resources associated with your application and how to protect yourself from these types of Denial of Service attacks.
Structured Exception Handling and Security 2
Learn how to use the structured exception handling (SEH) function that comes with the Win32 API to let C code handle errors in your application in much the same way that C++ handles exceptions.
Setting Security, Part 2
In Part 2 of his series on Setting Security, David LeBlanc presents an application you can use to initialize the discretionary access control list on a Registry key to give Administrators full control, making your applications more secure.
Setting Security
If your information is the least bit sensitive, inherited security permissions typically won’t be appropriate for your needs. Learn how to create and apply an ACL to protect your sensitive data.
Controlling Socket Connections 2
When you're dealing with sockets and other network connections, you want to be selective about which hosts you accept connections from.
Secure Services
Securing services is important to overall network security. Programmers need to be aware of the user context that a service will use and be careful when deciding which choice is right for each service.
Bind Basics 1

In Windows NT, the system typically assigns network-based TCP/IP services to a well-known port, in accordance with Request for Comments (RFC) 1700. POP3 servers, the topic of this continuing series of articles, run on TCP port 110. The first step in getting your mail server to answer requests on that port is to bind the socket.

Parsing POP

In my last column, "Writing a Secure POP3 Server," I talked about protecting your POP3 mail server from attacks, and I identified some of the potential threats that you need to guard against. As I explained, the two main areas of concern when handling user input to your POP3 server are improperly formed commands and handling general network errors.

Writing a Secure POP3 Server 5

By now, most users are probably familiar with POP3, a simple post office protocol for retrieving email from a mail server, often over the Internet. But how do you protect your POP3 server against attacks? For starters, you need to consider the various security issues involved in creating a POP3 server. Part of writing secure code is designing secure code and considering security issues before you start. I can't reiterate enough the importance of proper design.

Overflowing Buffers

We’ve all heard of exploitable buffer overruns—programming errors that let people write programs full of strange strings that cause your application to suddenly do anything an attacker wants. This simple vulnerability accounts for most exploitable security issues, and even though security experts have known about this problem for a long time, new instances crop up all the time. Errors in handling strings account for most of the problem, though not all of the time. (For more information about string handling, see my previous article, "Avoiding Buffer Overruns with String Safety
