Alexander's Blog
 ISA Server
 Tech News

 Training is a resource for technical training, including information related to Microsoft products, courses, certifications, links to technical articles, books, downloads, Q&As, how-to articles, tutorials, FAQs, tips & tricks, security, technical blogs, and more.

 in other languages.



Exchange/Messaging Security
Forefront Threat Management Gateway (formerly ISA Server)
Internet Explorer Security
ISA Server Security
Network Access Protection
Security Certifications
Security Holes
Security Tools
SQL Server Security
Whitepapers and Articles
Windows 2000
Windows 2003
Windows 2008
Windows Security Updates

Windows Vista
Windows XP


Anti-Spyware for Macs
MacScan (currently in beta) is the world's first remote administration software detection title for the Macintosh. Using advanced detection methods MacScan can detect, isolate and remove the program which could allow remote administration and violate security.

AntiVirus information for Macs
Information about Macintosh AntiVirus, Virus, Hoaxes, Trojan, Pranks and malicious programs.

Apple Mac OS X v10.3.x "Panther" Security Configuration Guide from NSA (PDF)
A security guide recommended by National Security Agency for the Mac OS X client operating system.

Apple Mac OS X Server v10.3.x "Panther" Security Configuration Guide from NSA (PDF)
A security guide recommended by National Security Agency for the Mac OS X Server operating system.

Go back to top

Exchange/Messaging Security

Configuration and security update recommendations for Exchange 2000
Find the information you need to maximize the performance of Exchange 2000 and keep your Exchange information secure.

Exchange Server 2003 security hardening guide
This guide is designed to provide you with essential information about how to harden your Exchange Server 2003 environment. In addition to practical, hands-on configuration recommendations, this guide includes strategies for combating spam, viruses, and other external threats to your Exchange 2003 messaging system.

Outlook 2000 and later is not compatible with Exchange 2000 Server
Find out why Microsoft recommends that you do not install Outlook 2000 or later on the same computer that runs Exchange 2000.

Security operations guide for Exchange 2000 Server
This guide delivers procedures and best practices for system administrators to create and maintain a secure environment on servers running Exchange 2000 with a focus on two specific server roles: OWA front-end servers and back-end servers.

Go back to top

Forefront Threat Management Gateway (formerly ISA Server 2006)

Download the software here.

Internet Information Service (IIS) Security

IIS lockdown tool
IIS Lockdown Wizard works by turning off unnecessary features thereby reducing attack surface available to attackers.

URLScan security tool
Microsoft has released an updated version of the URLScan tool version 2.0 which has a few additional features over the previous version. The URLScan tool has now been integrated with the IIS Lockdown Wizard to provide a one stop solution and defense in depth, or multiple layers of security.

Go back to top

Internet Explorer Security

Increase your browsing and e-mail safety
Malicious hackers and virus writers can take advantage of low security settings in your e-mail and Web browsing software to infect your computer. By increasing your security settings in Microsoft Internet Explorer, Microsoft Outlook, and Microsoft Outlook Express, you can help limit your chances of being attacked.

Internet Explorer security zones registry entries
This document describes how and where Internet Explorer security zones and privacy settings are stored and managed in the registry. You can use Group Policy or the Internet Explorer Administration Kit (IEAK) to set security zones and privacy settings.

ISA Server Security

ISA Server security, tools, and downloads
Information on security, third-party tools, the latest service packs, and downloads for the ISA Server.

Go back to top


Knowledge Base Articles on EFS
Dozens of Microsoft Knowledge Base articles on Encrypting File System.

Microsoft Online Crash Analysis
Microsoft Error Reporting asks users to send error report data to Microsoft via the Internet. This Web page explains the nature of the data, why it is collected, and what is done with it.

Microsoft's Security Guidance Center
Get the technical guidance, tools, training, and updates you need to assist you in planning and managing a security strategy that's just right for your organization.

Hotfix and security bulletin service
Monitor on a daily basis security bulletins issued by the Microsoft Security Response Center.

SANS/FBI top 20 security vulnerabilities
SANS/FBI Top Twenty is actually two Top Ten lists: the ten most commonly exploited vulnerable services in Windows, and the ten most commonly exploited vulnerable services in Unix.

The Ten Immutable Laws of Security
These are rules you should keep in mind about network security in general.

Go back to top

Network Access Protection

Introduction to Network Access Protection
Network Access Protection (NAP) provides a new architecture to isolate connecting computers until their health can be verified. Network Access Protection includes a client and server architecture. Administrators can configure DHCP Quarantine, VPN Quarantine, or both, depending on their network needs.

Network Access Protection Platform
NAP for Windows Server 2003 is a new set of operating system components that provides a platform for protected access to private networks. The NAP platform provides an integrated way of detecting the state of a network client that is attempting to connect to a network and isolating that network client until the health requirements for connecting to the network have been met.

Network Access Protection FAQs
Find quick answers to frequently asked questions about Network Access Protection.

Security Certifications

CompTIA Security+ certification
The CompTIA Security+ vendor-neutral certification exam is the worldwide standard of competency for foundation-level security practitioners. The exam is available as of December 26, 2002.

MCSA: Security on Microsoft Windows 2000
This certification identifies systems administrators who specialize in implementing and administering security on the Microsoft platform and as part of a secure computing environment.

MCSE: Security on Microsoft Windows 2000
This certification identifies systems engineers who specialize in designing, planning, and implementing security on the Microsoft platform and as part of a secure computing environment.

MCSA: Security on Microsoft Windows 2003
MCSA: Security candidates on the Microsoft Windows Server 2003 track are required to pass three core exams and two security specialization exams.

MCSE: Security on Microsoft Windows 2003
MCSE: Security candidates on the Microsoft Windows Server 2003 track are required to pass five core exams and three security specialization exams.

Go back to top

Security Holes

Delete arbitrary files in Windows XP
By using the "hcp:" protocol, it's possible to launch an attack that can delete files on your hard drive. The patch should be available in Windows XP SP1.

Phishing Expedition
A flaw in Internet Explorer makes it easy for scammers to create fake Web sites that look like real ones. They can steal information from Web users by using this phishing technique.

Internet Explorer back button exploit
This exploit allows Web site operators to execute code on your computer without your permission. Computers running Windows XP SP1 and Windows Server 2003 are protected. Microsoft was first informed of this bug in November 2001 by Andreas Sandblad. After 27 months Microsoft finally fixed this exploit on February 9, 2004. Click here for a patch.

Internet Explorer stench
By coaxing IE users to view a Web page containing the special code, an attacker can silently force Windows 98, Windows 2000, or Windows XP users to run a malicious program of the attacker's choice. The security group has created a harmless demonstration of the flaw which downloads and runs an executable program that fills the victim's computer screen with flames. Check out the link below.

Wanna see your computer on flames?
The security group,, has created a harmless demonstration of the flaw (
Internet Explorer stench) which downloads and runs an executable program that fills the victim's computer screen with flames. Depending on your operating system, try one of these harmless demos. For details, click here.

1. Windows 2000:
2. Windows XP:
3. Windows 98:

Microsoft Passport

Microsoft Passport to trouble
Microsoft is attempting to position their Passport single sign on authentication service as the one single identity that an Internet user should need to perform all their online activities. This article discusses some of the security risks related to Passport technology.

Stealing MS Passport's wallet
The bug in Passport discovered by a software developer in Redmond, Washington.

Passport flaw threatens users' account
A serious security flaw in Microsoft's Passport service put users' accounts, including their personal information and credit card numbers, at risk of being hijacked.

Go back to top

Security Tools

Warning! Due to a large number of rogue anti-spyware products, we have removed the links to free anti-spyware auditing tools from our Web site. We recommend you use products from only reputable companies, such as Microsoft Security Essentials. For a massive list of "rogue/suspect" anti-spyware products, click here.

Free auditing of spyware software

See the above warning.

Free security checks

Gibson Research Corporation
Shields Up checks the security of your computer's connection to the Internet and it's free. You can also have your computer ports examined for security holes.

Pop-Up Blocker Tests
These popup blocker tests include a variety of checks that use uncommon methods to open popup windows. You an even check your popup blocker capacity score.

Secunia Online Software Inspector
The FREE tool will inspect your operating system and software for insecure versions and missing security updates. A default inspection normally lasts 5-40 seconds, while a thorough inspection may take several minutes.

Security Assessment Tool by NIST
The eScan Security Assessment Tool was developed by National Institute of Standards and Technology for use by small businesses.

Symantec Security Check is a free service designed to help you understand your computer's exposure to online security intrusions and virus threats. Scan for security risks, viruses, or trace a potential attack.

Free virus removal tools

AntiVir PersonalEdition Classic
This free anti-virus works on 32-bit Windows Vista. It also works on Windows XP/2000, Linux, FeeBSD, and Solaris. It includes an ad from the vendor that pops up once a day (24 hours from the time of installation) that requires you to click OK.

avast! Free Anti-Virus for Home Use
This free anti-virus home edition works on Windows 95/98/XP/2000/Vista.

Free online virus scan
Latest BitDefender virus detection technology - free and accessible from anywhere in the world through an Internet browser.

Free virus removal tools from Symantec
Symantec Security Response has developed these free tools to automatically conduct what would often amount to extensive and tedious manual removal tasks. If your system has become infected with a virus, these tools should aid you in repairing the damage.

Free virus removal tools from BitDefender
Remove viruses from your computer using these free tools from BitDefender. You can even scan for viruses online.

Microsoft Security Essentials
The is a free download from Microsoft that provides real-time protection for your home PC against viruses, spyware, and other malicious software.

Free anti-spyware tools

Pull the plug on "spyware" with this small, free tool. The utility scans your system, including removable drives, for the most common advertising spyware and safely removes the offenders.

AVG Anti-Spyware
AVG Anti-Spyware Free is a free anti-spyware protection tool for home use.

Microsoft Security Essentials
The is a free download from Microsoft that provides real-time protection for your home PC against viruses, spyware, and other malicious software.

Spyware, adware, browser hijackers, and dialers are some of the fastest-growing threats on the Internet today. By simply browsing to a Web page, you could find your computer to be the brand-new host of one of these unwanted fiends.

A real-time protection solution against spyware - detect browser hijacking attempts and more as they are happening.

Spybot - Search & Destroy
A free tool that protects your PC from spyware. This utility received PC Magazine's Editors' Choice Award. Click here for tips on configuring Spybot and learn how to remove the 5 DSO Exploits that Spybot keeps on reporting.

Spy Sweeper
Spyware programs can record your every move - gathering personal information about you; which Web sites you visit, which ads you click on, the duration of your visits, your name, age, gender, credit card numbers, passwords, email addresses, online buying habits and more. Use this free software to get rid of adware and spyware.

Windows Defender
Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.

Free anti-Trojan tools

Trojan horses are a huge security threat. A Trojan is a program that enters your computer undetected, giving the attacker who planted the Trojan unrestricted access to the data stored on your computer. Trojans can transmit credit card information and other confidential data in the background. Trojans are often not caught by virus scanning engines, because these are focused on viruses, not Trojans.

Go back to top

This free tool developed by Errata Security helps control some of the ActiveX controls used by third-party applications, such as Adobe Reader, Flash, Java, iTunes, QuickTime, etc.

BitLocker Drive Preparation Tool
BitLocker Drive Preparation Tool configures the hard disk drives in your computer properly to support enabling BitLocker.

BitLocker Recovery Password Viewer for ADUC Tool
This tool helps to locate BitLocker Drive Encryption recovery passwords for Windows Vista- or Windows Server 2008- based computers in Active Directory Domain Services (AD DS).

BitLocker Repair Tool
The BitLocker Repair Tool can assist administrators in recovering data from a corrupted or damaged disk volume that was encrypted with BitLocker.

Run this tool to find and reset your CMOS password. This edition works with the following BIOS sets: AMI, Award 4.5x, Compaq, DELL, IBM, Packard Bell, and Phoenix. This utility works on DOS, Windows 3.x, and Windows 95.

Deleted File Analysis Utility
Deleted an important file? Find out what accidentally deleted files you can get back. This freeware can directly view your hard drive partition and list all deleted files that have not yet been completely overwritten. Runs on Windows NT/2000/Windows XP.

Forefront Security for SharePoint
Forefront Security for SharePoint with Service Pack 2 helps business protect their Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 collaboration environments by eliminating documents containing malicious code, confidential information, and inappropriate content.

Hacme Bankô
Hacme Bankô is a free tool from Foundstone, Inc. and is designed to teach application developers, programmers, architects and security professionals how to create secure software. Hacme Bank simulates a "real-world" online banking application, which was built with a number of known and common vulnerabilities such as SQL injection and cross-site scripting. This allows users to attempt real exploits against a web application and thus learn the specifics of the issue and how best to fix it. Also check out Hacme Bank user and solution guide in PDF format.

Honeywall CDROM
This free version of the Honeywall CDROM is a beta release. This version is designed primarily for standalone honeynets. The Honeywall CDROM combines all the tools and requirements of a GenII honeynet gateway on a (hopefully) easy to use, secure, bootable CDROM. The intent is to make honeynets easier to deploy and customize. You simply boot off the CDROM, configure it based on your environment, and you should have a Honeywall gateway ready to go.

Free virus scanner that works on Windows 9x/NT/2000/XP with Internet Explorer 4.0 or later. Macintosh and Netscape browsers are not supported.

Malware Removal Starter Kit
The Malware Removal Starter Kit provides tested guidance to help IT Generalists combat malware attacks against small- and medium-sized organizations. Using the Windows Pre-installation Environment (Windows PE) in combination with free anti-malware scanning programs, the kit provides a low-cost, effective strategy that you can use to vanquish malware attacks.

Microsoft Baseline Security Analyzer (MBSA)
MBSA is a standalone application that scans Windows NT/2000/XP systems for common security misconfigurations. MBSA can scan local and remote machines, as well as both Windows servers and workstations.

Microsoft Security Assessment Tool
This application is designed to help organizations with fewer than 1,000 employees assess weaknesses in their current IT security environment.

Network security hotfix checker
HFNetChk is a command-line tool that enables an administrator to check the patch status of all the machines in a network from a central location. The tool does this by referring to an XML database that's constantly updated by Microsoft.

Open SSH for Windows
A free package that installs a minimal OpenSSH server and client utilities in the Cygwin package without needing the full Cygwin installation. This package provides full SSH/SCP/SFTP support. SSH terminal support provides a familiar Windows Command prompt, while retaining Unix/Cygwin-style paths for SCP and SFTP.

MyCrypto application (1.69MB)
Curious as to what the encryption and hashing algorithms will yield? Check out this simple application that will demonstrate the results on the fly.

PREDATOR is a free utility that can lock your laptop (or desktop), while you are running your Window session. It uses a USB flash drive as an access control device. It even works on Windows Server 2003/2008. You can read a review of this product here.

Go back to top

QChain - install multiple hotfixes with 1 reboot
A command-line tool that gives system administrators the ability to safely chain hotfixes together.

Qwik-Fix provides another layer of essential security by closing off the pathways that worms and viruses use to penetrate your PC.. It does not affect any of your virus programs, firewall or other programs.

Retina Wireless Scanner
The Retina WiFi Scanner (Windows) is a comprehensive wireless detection tool that incorporates Retina Network Security Scanner technology to discover all active wireless devices and connections on a company network. Installed on a Windows laptop or desktop PC, Retina WiFi enables security and IT professionals to detect wireless access devices, scan for service and generate detailed reports on their wireless security.

Scan your event logs
Check for high security events happening on your machine, such as users logging on to your machine, accesses to important files on your machine, failed logon attempts, security policy changes to your machine, and more!

The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. Secure delete applications overwrite a deleted file's on-disk data using techniques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. SDelete works on Windows 95, 98, NT 4.0 and Win2K.

Security patch scanner
Here's an updated version (1.00.0257) of the KB 824146 scanning tool (KB824146scan.exe) from Microsoft. This tool can be used to identify computers on your networks that do not have the 823980 (MS03-026) and the 824146 (MS03-039) security patches installed. This tool replaces the KB 823980 scanning tool (KB823980scan.exe).

Windows Security Update CD
The Windows Security Update CD can be ordered from Microsoft free of charge. The CD includes Microsoft critical updates and information to help you protect your PC. The CD is only available for Windows XP/Me/2000/98/98SE.

ZoneAlarm Firewall
Every Internet user needs Internet access security. Security that can protect always-on DSL and cable modem connections. That's the kind of security you get with ZoneAlarm and ZoneAlarm Pro, the award-winning security products from Zone Labs.

Go back to top

SQL Server Security

SQL Server security checklist
A checklist of 30 security items that SQL administrators should know.

SQL Server 2000 security white paper
This document introduces SQL Server administrators and developers to the new security features of SQL Server 2000. In addition to outlining the new features, there is a detailed discussion about how to best implement security in a Win2K domain environment as well as source code examples.

SQL Server security model and security best practices
This article discusses the security model of Microsoft SQL Server 7.0/2000 and security best practices to help you secure your data.

Go back to top

Whitepapers and Articles

How secure is your password?
Don't torture your users by forcing them to use complex passwords (mixture of uppercase, lowercase, numbers and special characters). Learn how you can properly secure your passwords by disabling LAN Manager hash and use techniques that will allow you to configure your Windows Server 2003 for better password security.

Security Configuration Guides from NSA
National Security Agency has developed and distributed configuration guidance for a wide variety of software from open source to proprietary software. The objective of the configuration guidance program is to provide NSA's customers with the best possible security options in the most widely used products.

Security Risks and Locking Down Windows Endpoints
The Arellia solutions addresses some of the security concerns of open systems and the limitations in the
Windows platform. In addition, it can also help businesses meet certain corporation and industry
regulatory requirements.

Go back to top

Windows 2000

Best practice guide for securing A.D. installations
This guide will address the need of establishing a set of security recommendations for Active Directory, which can be applied to both new and existing Active Directory implementations.

How to use SysKey utility to secure Win2K SAM database
The Windows 2000 Security Accounts Management (SAM) database stores hashed copies of user passwords. This database is encrypted with a locally stored system key. To keep the SAM database secure, Windows 2000 requires that the password hashes are encrypted. You can use the SysKey utility to additionally secure the SAM database by moving the SAM database encryption key off the Windows 2000-based computer. Click here to learn how the SysKey encryption works so you can properly protect your systems.

Security Administration Operations Guide
This Security Administration guide is part of Windows 2000 Operations Guide. The Windows 2000 Operations Guide Series provides operational guidance for organizations that have deployed, or are considering deploying, Microsoft technologies in a data center or in other types of enterprise computing environments.

Security Operations Guide for Windows 2000 Server
This guide delivers procedures and best practices for system administrators to lock down their Windows 2000-based servers and maintain secure operations once they're up and running.

Windows 2000 recommended updates
Get the latest updates that Microsoft recommends for Windows 2000.

Windows 2000 tools and utilities
Download tools and utilities that help you manage and support Windows 2000.

Go back to top

Windows 2003

Account lockout and management tools download
Common security log event IDs
Implementing certificate templates in Win2003
Key archival and management in Win2003
Microsoft solutions for security glossary
PKI enhancements in WinXP Pro and Win2003
PKI operations guide
Security settings in Win2003 and WinXP Pro
Windows Server 2003 Security Guide

Go back to top

Windows 2008

TechNet Virtual Lab: Network Access Protection (NAP) with IPsec Enforcement

Go back to top

Windows Security Updates

Windows security bulletins
The security bulletins address newly discovered issues in Microsoft Windows each month. These updates are available for Windows NT/2000/XP/2003 operating systems.

Go back to top

Windows Vista

BitLocker Drive Encryption
How to Use BitLocker Recovery Password Viewer
Security features and improvements
Security in Windows Vista: setting a new standard
User Account Control
Windows Defender
Windows Vista security blog
Windows Vista Security Guide
Windows Vista security overview (video)

Go back to top

Windows XP

Best practices for EFS
Data protection and recovery in Windows XP
How to create a password reset disk in Windows XP
Windows XP Security Guide

Go back to top


Microsoft Solution for Securing Wireless LANs

Securing wireless LANs with certificate services

Using Wi-Fi safely: Encryption and other tips

WiFi security checklist

          Go back to top



About Us | Terms of Use | Privacy

Copyright ©2002-2015 All rights reserved. is a resource for technical training, including information related to Microsoft products, courses, certifications, links to technical articles, books, downloads, Q&As, how-to articles, tutorials, FAQs, tips & tricks, security, technical blogs, and more.


SeattlePro Enterprises! On-site IT training, mentored consulting, and authoring services.

SharePoint 2013 Best Practices by Zubair Alexander

SharePoint 2010 Best Practices by Zubair Alexander

Seattle IT Pro User Group