Roger Grimes


Roger A. Grimes is a security consultant. He is a CPA, a CISSP, a CEH, a CHFI, a TICSA, and an MCSE: Security.

Laying a Malware Trap
If you want to catch that latest virus that's going around (to learn more about it), here are four methods you can use: port listeners, tarpits, honeypots, and virtual machines.
Taking It to the Worm
: A counterattack script was used by some administrators to try to stop the onslaught of the MSBlaster worm.
Keeping Your Business Safe from Attack: Passwords and Permissions
Keeping Your Business Safe From Attack: Passwords and Permissions is a prescriptive guide on implementing security best practices in a Windows network environment. The eBook details password and permission security at the host level.
Prevent Password Cracking
Attackers are out to get your passwords using the latest password cracking technology and tools. Here are 10 things you can do to prevent password cracking.
Types of Password Attacks 1
Learn how to protect your Windows logon passwords from password cracking. Check out the commonly used types of password attacks and use them to audit your password security.
Navigating the File System Permission Jungle 4
Windows' object-access control mechanism is so granular that it can be hard to work with. Here's a guide for cutting through the complexity and properly securing folders and files.
10 Steps to Lock Down Desktops 3
Contrary to popular opinion, Windows is a secure OS. The rub? You have to make it secure, rather than rely on the default settings.
Using EFS with Offline Files 1
Microsoft has merged the Encrypting Files System and Offline Files features to secure your offline files.
Take a Closer Look at EFS 2
Contrary to popular opinion, EFS is a reliable, easy-to-use, and secure encryption solution. Here are the basics of this oft-maligned solution.
Hardening IIS 6.0 5
Follow Microsoft guidelines to establish a secure Web server on a Windows 2003 and IIS 6.0 platform.
Per-User Auditing - 28 Jun 2005
New in Windows Server 2003 SP1 and Windows XP SP2, you can fine-tune event logging by including or excluding a particular security principal from audit categories.
Scrutinizing Windows Authentication 2
Do you give much thought to how Windows authentication works? You should. Here's a look at the basics, including an examination of the related protocols.
Scourge of the Spambots
Learn what spambots are, how they pose a threat to your environment, and how you can combat them.
Port-Enumeration Tools
In your efforts to track spambots, you need to use port enumeration. Here are some resources for further learning.
6 Network Protocol Analyzers 8
If you manage a network, you need a protocol analyzer to tell you what protocols and data are traveling over your network connections. We review 6 strong contenders among software-based network protocol analyzers.
Microsoft Stack Master Class

Master-Level Microsoft Stack Class with John Savill
Online Class: Thursdays Oct. 12th-Dec. 21st
30 Hours of Training for $995!

Understand the complete Microsoft solution stack, how the products work together, and how to implement and maintain for a total datacenter and desktop solution. This course covers the latest technology updates including Windows Server 2016 and Windows 10 and will enable the new capabilities to be leveraged in your organization.


Join the Conversation

Sponsored Introduction Continue on to (or wait seconds) ×