Neil Carpenter's Blog
Forefront products, WSUS, Security Incident Response, and whatever else comes up.
Heading home from the CSS Security Global Summit on Friday, I got stuck in Cincinnati’s airport....
Date: 11/23/2009
or Why I Keep Harping On Blacklisting Summary: An incident reveals attempts to get around...
Date: 10/31/2008
Occasionally, I see a security incident where one of the things that went wrong was that all of the...
Date: 10/22/2008
I might be the last person to know this but one of my favorite internal Microsoft tools is now...
Date: 08/12/2008
I just sent a piece of e-mail to my team about input validation and SQL injection and it occurred to...
Date: 08/07/2008
Sometimes, working in support, you come across a best practice or a bit of knowledge that is...
Date: 07/11/2008
I upgraded my iPhone to the 2.0 firmware today and I've been playing with the app store all day....
Date: 07/10/2008
While investigating an issue where mail was queuing in the Exchange Information Store, we discovered...
Date: 07/09/2008
I’ve had an unconfirmed report that the SQL Storm attacks are now also affecting ASP.Net...
Date: 06/04/2008
I've been working with the SWI team to write a comprehensive overview of the SQL Storm attacks with...
Date: 05/30/2008
My colleague Greg, who has forgotten more about command line scripting than I will ever know, put...
Date: 05/27/2008
(Part 1 is here) Previously, I provided a simple example of using parameterized queries in classic...
Date: 05/23/2008
Michael Howard wrote an excellent article yesterday on how the SDL addresses SQL injection. He walks...
Date: 05/21/2008
Kumar comments here and I think he has some questions/concerns that are worth addressing. I'm...
Date: 04/07/2008
It looks like another wave of the mass SQL injection I talked about last month is going on. ...
Date: 04/04/2008
The good news is that, whatever else might happen, these guys won't get pwned by SQL injection....
Date: 03/20/2008
Intro It would appear that the incident I wrote about yesterday is still ongoing. I've been using a...
Date: 03/15/2008
A number of people are reporting that 10K+ websites have been hacked via a SQL injection attack that...
Date: 03/14/2008
LogParser is one of my absolute favorite tools, particularly for doing incident response. I use it a...
Date: 08/15/2007
I have a large collection of music, all of which is (finally) in iTunes. I'd like to rate all of it...
Date: 08/15/2007
After investigating an ARP spoofing incident recently, I started thinking of how we could easily...
Date: 07/05/2007
I commute about 90 minutes a day, total, on an average day. I spend most of the commute listening to...
Date: 07/05/2007
I recently worked on an interesting incident response with several of my colleagues. The problem, as...
Date: 06/28/2007
I started blogging on MSDN back in 2004 with the best of intentions. I was working with the...
Date: 06/27/2007
I finally lost my patience with my old mobile provider last week & decided it was time for a...
Date: 10/28/2004
I've been working a lot with file sharing performance, and I'm trying to write a few essays on those...
Date: 10/26/2004
I often have customers who ask me to wrestle with the performance of SMB (otherwise known as CIFS)...
Date: 10/26/2004
There generally isn't a single correct way to figure out the optimal TCP window for an interface...
Date: 10/26/2004
My favorite cartoonist wrote something that started me thinking... “All products are...
Date: 06/02/2004
With the full version of Netmon, it's relatively easy to find retransmitted packets with the expert;...
Date: 06/02/2004
These postings are provided "AS IS" with no warranties, and confers no rights. The content of this...
Date: 06/02/2004
Posted on my favorite network sniffing tools.
Date: 06/01/2004
Intro Network sniffing is a major part of my life -- I've probably pored over, on average, a trace a...
Date: 06/01/2004
I've quite frequently run into situations where I've been asked to diagnose packet loss based only...
Date: 06/01/2004
I recently realized that I spend a lot of time writing about things that I know only a little about...
Date: 06/01/2004