Mitigation Experience Toolkit (EMET) from Microsoft

The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system.

Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the latest updates have been applied or who get attacked before an update is even available, the results can be devastating: malware, loss of PII, etc.

Security mitigation technologies are designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. EMET allows users to manage these technologies on their system and provides several unique benefits:

1. No source code needed: Until now, several of the available mitigations (such as Data Execution Prevention) have required for an application to be manually opted in and recompiled. EMET changes this by allowing a user to opt in applications without recompilation. This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.

2. Highly configurable: EMET provides a higher degree of granularity by allowing mitigations to be individually applied on a per process basis. There is no need to enable an entire product or suite of applications. This is helpful in situations where a process is not compatible with a particular mitigation technology. When that happens, a user can simply turn that mitigation off for that process.

3. Helps harden legacy applications: It’s not uncommon to have a hard dependency on old legacy software that cannot easily be rewritten and needs to be phased out slowly. Unfortunately, this can easily pose a security risk as legacy software is notorious for having security vulnerabilities. While the real solution to this is migrating away from the legacy software, EMET can help manage the risk while this is occurring by making it harder to hackers to exploit vulnerabilities in the legacy software.

4. Ease of use: The policy for system wide mitigations can be seen and configured with EMET's graphical user interface. There is no need to locate up and decipher registry keys or run platform dependent utilities. With EMET you can adjust setting with a single consistent interface regardless of the underlying platform.

5. Ongoing improvement: EMET is a living tool designed to be updated as new mitigation technologies become available. This provides a chance for users to try out and benefit from cutting edge mitigations. The release cycle for EMET is also not tied to any product. EMET updates can be made dynamically as soon as new mitigations are ready

The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use. The mitigations are also designed so that they can be easily updated as attackers start using new exploit techniques. Get EMET from MS

Google infrastructure is old and not up to the mark - Edge for MS and Yahoo?

A former Google engineer who worked on a library at the heart of "nearly every Java server at Google" has dubbed the company's much-ballyhooed backend software "well and truly obsolete".
In a blog post published earlier this week, Dhanji R. Prasanna announced that he had resigned from the company, and though he praised Google in many ways, he made a point of saying that the company's famously distributed back-end is behind the times.

"Here is something you may have heard but never quite believed before: Google's vaunted scalable software infrastructure is obsolete," he wrote. "Don't get me wrong, their hardware and datacenters are the best in the world, and as far as I know, nobody is close to matching it. But the software stack on top of it is 10 years old, aging and designed for building search engines and crawlers. And it is well and truly obsolete."

As a member of the Google Wave team, Prasanna helped build the search and indexing pipelines for the ill-fated effort to reinvent communication on the web, but he also worked on Guice, a library "at the heart of nearly every single Java server at Google".
Prasanna did not immediately respond to a request to discuss his post. But he goes on to describe Google's Protocol Buffers, BigTable distributed database, and MapReduce distributed number-crunching platform as "ancient, creaking dinosaurs", compared with outside open source projects like MessagePack, JSON, and Hadoop, which is based on the ideas behind Google's MapReduce and distributed file system.
Google has previously acknowledged some short comings with the likes of MapReduce. But Prasanna went so far that newer Google infrastructure projects such as Megastore as well as developer tools such as Google Web Toolkit and Closure were "sluggish, overengineered Leviathans" compared to projects like MongoDB and jQuery. He complained that Google's new projects are "designed by engineers in a vacuum, rather than by developers who have need of tools."
Google is secretive about its back-end software infrastructure. It has published research papers on platforms such as the Google File System, Google MapReduce, and BigTable, but it otherwise says very little about how these platforms are used within the company. And, yes, the platforms are closed source.
On the public mailing list for Google App Engine – an online service that lets you run your own applications atop Google's infrastructure – Google developer programs engineer Ikai Lan took issue with at least some of Prasanna's post.
"The bit about Hadoop, for instance, raised a lot of eyebrows amongst Googlers who have extensive use of both (new hires with a few years Hadoop experience)," he said. "I'd also disagree that we are not rebuilding things. In fact, Google has the opposite problem of other technology companies: instead of 'don't touch it, it works!', we err on the side of 'it can be better, we should improve it - mid flight!'"
Prasanna did not actually say that Google has failed to rebuild its platforms. At one point, he specifically mentioned Megastore, a real-time, high-replication layer built atop BigTable. But he did imply that efforts to rebuild at Google are slow.
"In the short time I've been outside Google I've created entire apps in Java in the space of a single workday," he said. "I've gotten prototypes off the ground, shown it to people, or deployed them with hardly any barriers." This, however, would seem to describe a switch from any large corporation.


Last year, in an interview with the Association for Computer Machinery (ACM), a Google engineer acknowledged that GFS was unsuited for low-latency, real-time applications like YouTube and Gmail, and he said that Google was working to build a new version of the file system.

Googler Matt Cutts later told The Register that this "GFS 2" was part of the company's new search infrastructure codenamed Caffeine.

Several months later, at the launch of Google's Instant search interface, Eisar Lipkovitz, a senior director of engineering at the company, told us that within the company, GFS 2 is known as Colossus and that it moves the company's search indexing system off of MapReduce and onto BigTable.
A few weeks later, Google published a paper on Colossus and a new distributed data processing system known as Percolator. But according to Lipkovitz, these platforms were built specifically for search and may or may not be applied to other Google services.
For year, database guru Mike Stonebraker has criticized MapReduce and GFS, and Lipkovitz told us that Google has made "similar observations". MapReduce, he told us, is not suited to calculations that need to occur in near realtime.
Google has also said that the single-master design of GFS is a major limitation. "A single point of failure may not have been a disaster for batch-oriented applications, but it was certainly unacceptable for latency-sensitive applications, such as video serving," said Google's Sean Quinlan in his interview with the ACM. Colossus does not have this limitation.
At the moment, the open source version of Hadoop is burdened with single points of failure. But Facebook is running a version that eliminates these limitations.
In a recent conversation with The Register, Dwight Merriman, the CEO of 10gen, the company that founded the open source MongoDB distributed database, argued that MongoDB is superior to BigTable because it uses a document-oriented data model rather than tabular model.
"Today, 95 per cent of the code we're writing is in an object-oriented language," he said. "We're to the point where object-oriented programming is ubiquitous enough, having a database that works well with that sort of thing is important."
He said that Megastore is an improvement on BigTable, but that it doesn't change the database's fundamental tabular setup, and he added that most of the improvements provided by Megastore are already a part of MongoDB.

MSE 2.0 Microsoft antivirus - The Best Free AV - Download NOW

Microsoft's next version of Security Essentials is actually a pretty great update from its already-great predecessor. Microsoft's option has always been adequate at finding new malware without definitions, but the addition of an heuristic engine bumps its power up quite a bit. It may be subject to a few more false positives, but you're much less likely to get hit with malware than ever before.

It also includes some Windows Firewall integration that lets you tweak the Firewall from inside Security Essentials, as well as a network inspection feature that can inspect traffic as you browse, which is pretty neat. All in all, if you're using Microsoft Security Essentials (and why wouldn't you be?), you'll want to grab this update. Hit the link below to manually download and install the update.

http://www.microsoft.com/security_essentials/default.aspx

http://erictric.com/2010/09/27/microsoft-to-move-30-million-windows-live-spaces-bloggers-to-wordpress-com/

Redmond, Washington-based Microsoft announced today at the TechCrunch Disrupt Conference in San Francisco, California that its 30 million Windows Live Spaces bloggers will be moved to WordPress.com over the next six months as part of a partnership with San Francisco, California-based Automattic — creator of the WordPress and WordPress.com blogging platforms.
Microsoft Director of Product Management for Windows Live Dharmesh Mehta indicated that instead of building or revamping its own blogging platform, the company has decided to embrace WordPress, which already offers several tools and features to its 26 million existing users.
Both Microsoft and Automattic have created a new migration tool that will make it easy for existing Windows Live Spaces users to transfer their content such as posts, comments, photos, and more to WordPress.com. In addition, new Windows Live Spaces registrants will be redirected to WordPress.com. Users also have the option to delete their existing Windows Live Spaces blog.
The two companies are making everything possible to make the transition as easy as possible.
To learn more about process, visit The Windows Blog or the official WordPress Weblog. Be sure to let us know how this will affect or inconvenience you.

Ballmer: “Linux is a cancer”

Microsoft CEO and incontinent over-stater of facts Steve Ballmer said that "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches," during a commercial spot masquerading as a media interview with the Chicago Sun-Times Friday.
Ballmer was trying to articulate his concern, whether real or imagined, that limited recourse to the GNU GPL requires that all software be made open source.

"The way the license is written, if you use any open-source software, you have to make the rest of your software open source," Ballmer explained to an excessively credulous, un-named Sun-Times reporter who, predictably, neglected to question this bold assertion.

Perhaps Ballmer was thinking of this: "If identifiable sections of [a companion] work are not derived from the [open-source] Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it."
The passage is hopelessly ill written. What on earth, we must wonder, can the authors mean by a companion work which can be 'reasonably considered' to be separate? Do they mean it should have been developed independently? Do they mean it should function independently? Do they mean both?
What if a secondary work were developed separately, and function separately, but remain inextricably integrated with the first, the way Internet Explorer is with Windows? Is that 'reasonably considered' to be a separate work?
What's 'reasonable' here, anyway? And 'considered' by whom? The average adult? The average programmer? It's vague, all right; we'll give old Steve that much.
But one thing we can depend on is that it definitely doesn't mean what Ballmer slickly tries to imply: that once you issue anything under the GPL, every other piece of software you have for sale is suddenly affected by it.
And yet this is the shaky basis on which Ballmer dismisses open source as anathema to all commercial software companies. It can't be used at all, he reasons, because even a tiny germ of it, like a metastasizing cancer, contaminates the entire body. Thus Microsoft 'has a problem' with government funding of open-source.
"Government funding should be for work that is available to everybody," he says patriotically. But "open source is not available to commercial companies," and should therefore be regarded as a violation of the public trust.
Ballmer touches on a few other items, including Microsoft's new product activation and licensing schemes, which, it is hoped, will pave the way for a thriving software rental business and its subsequent endless revenue stream.
"Our goal is to try to educate people on what it means to protect intellectual property and pay for it properly" (read 'eternally'), Ballmer says.
If by 'educate' he means punish with higher costs those who fail to appreciate the wisdom of volume software leases, and inconvenience Win-XP users who like to re-format on a regular basis with a limit of two clean installs, then perhaps he might have chosen different wording.

Top new features in IE 9

Internet Explorer 9, currently in development, will have complete or nearly complete support for all CSS 3 selectors, border-radius CSS 3 property, faster JavaScript, embedded ICC v2 or v4 color profiles, and hardware accelerated rendering using Direct2D and DirectWrite. Microsoft has confirmed that Web Open Font Format (WOFF) will also be supported.

Design and User Interface:

Microsoft claims with the new design more of a web page can be seen than in Firefox even if it’s only by a few centimeters. It appears that Chrome actually allows you to see a bit more of a page, but honestly the difference in space really seems insignificant to us.

Most of the layout changes should be pretty obvious: the menu bar has been removed and the navigation controls / address bar are now at the forefront. We don’t need to tell you that it looks a lot like Chrome, our guess is that Google’s not exactly flattered by that since we’re actually feeling the look of IE9 more than the cartoony aesthetic of Chrome, but we realize that’s a personal preference. The compatibility view, refresh and stop buttons have been just latched on to the address bar and there are dedicated favorite and tools buttons on the far right side.

Performance:

IE9 Beta owes much of its speed boost to the new hardware acceleration features inside the browser. It passes off the most complex rendering tasks animations, video and heavily-styled text to the graphics processor, and its new JavaScript engine (which Microsoft calls Chakra) is capable of using your PC’s extra processing cores to execute scripts on pages.

The enhancements to the JavaScript engine were evident when I ran some of Microsoft’s official demos on its test drive site, as well as in the SunSpider benchmark suite. In real-world applications, like Gmail and Facebook, the browser’s speed and behavior was very close to what I normally see in Chrome and Firefox. There were a few things that didn’t work as advertised, like the chat windows in Gmail. They failed to minimize properly, preferring to dumbly blink when I clicked on them. Developer’s tools are built in (just hit F12) if you want to dig into the DOM or measure performance.

Pinned Sites:

This isn’t one of the most obvious new features of IE9, but it may just be our favorite. If you keep the some web applications open all day like Gmail, Pandora, Twitter, and Facebook, but mistakenly close them when they are lumped together with a bunch of other sites. IE9 lets you separate out those sites and lock them right to the Windows Taskbar. You drag a site to the bar, and when pinned it pulls the favicon so it looks like it’s actually a separate program. Some sites will also support jump lists, which is the list of shortcuts that appears when you right click the icons

One Box:The address bar in IE9 still doubles as a search field, but it now has more capabilities. The default search engine is obviously Bing, but you can install Google, Wikipedia, Amazon, Facebook and lots of others through the Add-On page. You are actually becoming bigger fan of Bing by the day, and keeping it as the default search engine has its advantages: typing in terms like “Weather NYC” brought up the temperature and conditions inline, the bar also displays history results.

Tab functionality:

Tabs aren’t new to Internet Explorer, but Microsoft’s added a few new tricks. They’re really easy to snap out of place now, and even if you’re doing something like playing a video in YouTube, detaching it doesn’t lose your place as content is continuously rendered. Like Chrome, there’s now the ability to just shut down one tab when a website starts to hang. Instead of having to shut down the entire browser, you can go into the task manager and just kill that particular tab. The new tab page shows frequently visited sites along with a meter of how actively you visit them.

Download manager:

IE9 adds a real download manager that lets you see what you’ve recently downloaded as well as see the progress of a current download. Our program downloads appeared in the manager, but oddly a picture download didn’t. It also has a SmartScreen Filter, as it’s been dubbed, that alerts you to security issues. Alerts appear within the browser window now rather than as a pop-up.

Security eBook From Microsoft - Own Your Space

"Own Your Space--Keep Yourself and Your Stuff Safe Online"

Microsoft has released a free ebook covering a wide range of security topics. Although intended for teenagers, the book offers a solid enough look at using the internet safely, and it's suitable for anyone looking for a primer on internet security.

It's difficult to write books for teenagers that don't fall into the "trying too hard to be cool" trap, but Microsoft has done an admirable job. The text is a comprehensive guide for teenagers (and new computer users) that covers everything from how to spot phishing tactics to setting up your browser to protect against browser-based exploits to dealing with cyber-stalking and bullying. It also provides interesting history and real world examples of the harm that can come from security vulnerabilities.

Download the ebook @ Microsoft's Site

Finally Microsoft into Cloud Computing With AZURE

http://msdn.microsoft.com/hi-in/windowsazure/default%28en-us%29.aspx

Microsoft Gives Rival Browsers a Lift

PARIS — Rivals of Microsoft’s market-leading Web browser have attracted a flurry of interest since the company, fulfilling a regulatory requirement, started making it easier for European users of its Windows operating system to switch.

Mozilla, whose Firefox browser is the strongest competitor to Microsoft’s Internet Explorer worldwide, said that more than 50,000 people had downloaded Firefox via a “choice screen” that has been popping up on Windows-equipped computers in Europe since the end of last month. The screen displays links to a dozen browsers, including Explorer, Firefox, Google’s Chrome, Apple’s Safari and Opera.

Opera Software, based in Oslo, said downloads of its browser in Belgium, France, Britain, Poland and Spain had tripled since the screen began to appear.

“It’s definitely being taken up, so consumers are paying attention and taking advantage of the choice being offered to them,” said Thomas Vinje, legal counsel to the European Committee for Interoperable Systems, a lobbying group based in Brussels whose members include Opera.

It was Opera’s complaint to the European Commission that gave rise to an antitrust case against Microsoft that resulted in the company’s agreement last year to promote greater browser choice.

Microsoft said it was too early to tell whether the choice screen might prompt significant numbers of users to change. The digital ballot is being delivered over the Internet with software updates, and it is expected to take until mid-May to complete the process. The browser choice will also be presented to buyers of new Windows computers across the European Union for five years.

The commission has not publicly set targets for browser downloads or market shares. It said Friday that it had not yet received any results, though Microsoft has pledged to keep it informed.

The initiative is intended to address the commission’s finding that Microsoft unfairly packaged Explorer with Windows, the operating system used on a large majority of PCs worldwide, giving it an unfair control over most people’s main gateway to the Internet. The appearance of the screen has refocused attention on the battle for browser supremacy at a time when regulatory attention is increasingly focusing elsewhere, including the search-engine market.

Explorer remains the leading browser in Europe, as it is worldwide, though its market share is lower in Europe than in the United States and some other countries, and it has lost ground in recent years.

According to StatCounter, a Web analytics service, the three versions of Explorer currently in use had a combined 46 percent market share in Europe over the past year, compared with 58 percent worldwide. Firefox placed second in Europe, at 39 percent, and globally, at 31 percent. Trailing them in Europe were Opera, at 6 percent; Chrome, at 4 percent; and Safari, at 3 percent. No other browser reached more than 1 percent.

In advance of the introduction of the choice screen, Microsoft’s browser rivals stepped up marketing activity, seeing a chance to further dent Explorer’s former dominance.

Google decked out European subway systems with billboards promoting Chrome and has plugs for the browser on its search-engine home page.

While Chrome got off to a slow start, it appears to have gained several points of market share in recent months, both in Europe and elsewhere.

Mozilla, which has a particularly strong presence in European countries like Germany and Poland, recently introduced a Web site called “Open to Choice,” among other marketing initiatives. “Getting people to make choices is extremely significant for us,” said John Lilly, chief executive of Mozilla Corp., which oversees development and distribution of Firefox on behalf of the nonprofit Mozilla Foundation. “This is only the first stage in a long campaign of informing people about browser choice.”

Microsoft Fix-IT for your Windows Computer Problem needs

Microsoft has released "Fix It Center" software designed to act as a personal computer technician that troubleshoots problems with machines.

A test version of the free program available online at fixitcenter.support.microsoft.com promised "tools that help solve the issues you have now and prevent new ones."

Fix It Center scans computers to diagnose and repair problems, letting users decide whether to have it tend to fixes and even report the troubles to Microsoft.

Center software, which must be installed on individual computers, makes note of what programs machines are using and tracks updates "to find and fix issues before they become real problems," according to Microsoft.
Read more...

Microsoft Outlook PST Format is open for all

Good news for forensics folks, Microsoft has published Outlook Personal folders file Format specification over the web. So we can now expect much better recovery rates with PST but still the new trend to keep emails over the cloud is still on. However, PST is not here to away any soon and even if emails be in cloud, we can recover data from the browser cache and even seize the cloud providers servers if needed :D

Microsoft Web Application

http://www.microsoft.com/web/downloads/platform.aspx

Microsoft report says more worms, vista better, file formats security

Microsoft has released their latest Security Intelligence Report (SIR).

Some of the Top Highlights of the report are :

1. Large increase in Worm Infection.
2. Vista was less compromised than Windows XP machines.
3. Phishing and Automated SQL Injection Attempts are on rise.
4. Browser Based Exploits are increasing.

You can get the report @ MS Threat Center

Microsoft COFEE Leaked Download Toolkit

had earlier written about Microsoft's COFEE. COFEE utilities are a set of computer forensics and auditing tools that Microsoft had put on a USB drive and provides it to law enforcement for use in trying to extract info from a computer. There was some fear that it was a "back door," but people insisted it was no such thing, but just a collection of basic tools. Still, the fact that the system was promoted as being useful for decrypting passwords and analyzing a computer's data and internet activity seemed troubling. We noted that if Microsoft was giving it out to law enforcement, it seemed likely that others would have access to it as well.

This is one of the best thing that has happened for Forensics Community, To be frank we all wanted it. We wanted to see whats up with this tool from Microsoft. Now I am happy that we have access to it. To see what MS has done in this Incident Response and Data Collection toolkit. I have downloaded and currently reviewing the toolkit. Things look good as for now. Well incase you guys too wanna download Microsoft's COFEE Forensics Toolkit

One thing, I would like to say thanks to Microsoft for making and thanks to the folks leaking it online..

Cheers to All of you

Speed up your Internet Explorer aka IE8 to load webpages faster

If you are using a fast internet connection and your internet explorer is loading pages slow so you are surely on this webpage to speed up your Internet explorer and make the most of your internet connection.


IE by default has connection limited to 2 per server which is quite slow as we know, since the release of IE8 microsoft has increased the limit of max connections to 6. But still if you want faster connections you can change Max Connection settings in your windows registry to make the most of your internet connection.


You can use the following steps to create more connections to the server which will inturn load your pages faster normally, but beware there are some hosts who still dont allow more than 2-3 connections per IP/session so in such cases the pages will load slow but you should see a difference on most of the websites.


The following steps are to be added to your windows registry.


1. Open Registry Editor by typing REGEDIT into the Run dialog in the start menu
2. Browse to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings.
3. Right click and create a new DWORD key and name it "MaxConnectionsPer1_0Server"
4. Double click the key to set a value. The number 12 should be good.
5. Right click and create a another new DWORD key and name it "MaxConnectionsPerServer"
6. Double click on the key and set the value. The number 12 should be good.
7. Close the Registry Editor
8. Restart your IE, infact restarting the computer is still a good idea.

FYI, I even tried to use 32 and 64 but it does not make things blazing super fast and I think max number of connections 12-16 should work just fine for you.

Another tip, You can use Adblock tool for Internet explorer to block all the unwanted gif's, flash and ads to speed up your browsing experience. Adblock addons are now availiable for Firefox, IE and Safari. The filthy javascript ads do really slow down your browser. so you might consider blocking those ads but by blocking your ads you are not contributing to the website your love by the way of clicking ads on their webpages. Think about it. ;)

Windows Vista / 7 SMB Protocol Reboot Vulnerability

A vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems. The root of the problem is an error in how the srv2.sys driver handles client requests when the header of the "Process Id High" field contains an ampersand. The attack does not require authentication; port 445 of the target system merely has to be accessible, which in the default Windows local network configuration, it usually is. SMB2 is an extension of the conventional server message block protocol.

Exploit code is already available online and The code is getting integrated in MetaSploit and its gona be cool, point, click and reboot Windows Vista / 7 machines.

The vulnerability exists in SRV2.SYS which fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.

The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it's used to identify the SMB dialect that will be used for futher communication.

Microsoft IIS5 and IIS6 FTP Exploit 0day

Microsoft on Monday said it is looking into a report of a flaw in some versions of its Internet Information Services product that could allow an attacker to gain control of a system.

In a statement, a Microsoft representative said the company "is investigating new public claims of a possible vulnerability in IIS 5 and IIS 6 File Transfer Protocol (FTP)."

Microsoft said it is not aware of any attacks using the vulnerability. "We will take steps to determine how customers can protect themselves, should we confirm the vulnerability."

This exploit triggers a large SITE command and can easily be detected.

If you want to detect the attack with Snort you can download the rule from ET.

The IIS FTPD Exploit can be found here

-Abhishek

Microsoft admits it tested SQL Server as store for Exchange 2010

Microsoft Corp. today acknowledged that it had "absolutely" considered replacing the maligned storage engine in its Exchange e-mail server software with its SQL Server database.

But "after much debate," the company decided to stick with the existing Extensible Storage Engine (ESE) in Exchange and issued a promise of a significant ESE performance boost in Exchange 2010, the next version of the software, Microsoft said in a blog post today.

"Yes! Some very smart engineers did amazing work and we had mailboxes up and running using SQL Server," wrote Microsoft. "It was ultimately determined that the best way to ensure we could drive compelling innovation into Exchange for 2010 and beyond was to remain committed to ESE."

Microsoft said it has been considering swapping out ESE, better known as Jet, on and off for at least seven years.

Jet is often blamed by users critical of Exchange's scalability or performance. It has historically forced e-mail administrators to restrict user in-box sizes or engage in complicated archiving schemes.

The rise of cloud-based e-mail services that offer unlimited in-box sizes at low cost and with minimal management requirements, such as Google Inc.'s Gmail, has put pressure on market-leading Exchange to address its technical shortcomings.

At its TechEd conference this spring, Microsoft said that using an upgraded Jet database, Exchange 2010 will be able to read and write e-mails to disk 70% faster than Exchange 2007. It will also be able to store five times as many items per folder than Exchange 2007 and handle 10 times more active connections.

Some analysts are still predicting that Microsoft will switch to SQL Server in a future Exchange version, perhaps in the subsequent version slated to ship in 2013. Microsoft said that it's keeping its options open beyond Exchange 2010 and that the company is only committed "to stay on ESE at this time."

-Abhishek

Configuring Report Services in SQL Server 2005

1 System Requirements


1. Windows Server 2003 / Windows 2000 Server/ Windows vista / Windows XP/ Windows Server 2008
2. IIS 5.0 or later is required for Microsoft SQL Server 2005 Reporting Services (SSRS) installations.
3. ASP.NET 2.0 is required for Reporting Services. When installing Reporting Services, SQL Server Setup will enable ASP.NET if it is not already enabled.
4. SQL server 2005 with SP1(In case you need to reinstall reporting services its advised to reinstall full SQL server rather then just reporting services).
5. SQL Server Setup requires Microsoft Windows Installer 3.1 or later and Microsoft Data Access Components (MDAC) 2.8 SP1 or later. You can download MDAC 2.8 SP1 from this Microsoft Web site.

For detailed requirements see: Hardware and Software Requirements for Installing SQL Server 2005 -

http://msdn.microsoft.com/en-us/library/ms143506.aspx

2 Install the SQL server reporting services

http://msdn.microsoft.com/en-us/library/aa545330.aspx

3 Post Installation Configuration

On the report server computer, follow these steps after setup is finished to complete the deployment:

1. Open port 80 in Microsoft Windows Firewall to enable incoming requests over port 80. If you installed Reporting Services on Microsoft Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack, HTTP requests over port 80 are blocked by default. To open port 80, do the following:
1. Click Start, point to Control Panel, click Windows Firewall, click Exceptions, and then click Add Port.
2. In Name, type Web Server (TCP 80).
3. In Port number, type 80.
4. For the protocol, select TCP.
5. Click OK.
2. Modify Windows Firewall settings to enable remote administration.

a. Log on as a local administrator to the computer for which you want to enable remote administration.b. Open a command line window, and then run the following command: netsh.exe firewall set service type=REMOTEADMIN mode=ENABLE scope=ALL c. Verify that remote administration is enabled. You can run the following command to show the status: netsh.exe firewall show state

3. Add InetInfo.exe to the Windows Firewall Exception List
1. Click Start, point to Control Panel, and click Windows Firewall.
2. Click Exceptions.
3. Click Add Program.
4. Click Browse.
5. Select %windir%\system32\inetsrv\inetinfo.exe
6. Click Change Scope to set the scope.
7. Click OK.
8. Reboot the computer.
4. Enable remote connections to the SQL Server instance that hosts the report server database
1. Click Start, point to Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and click SQL Server Surface Area Configuration Tool.
2. Click Surface Area Configuration for Services and Connections.
3. Open the folder for the SQL Server instance that hosts the report server databases.
4. Click Remote Connections.
5. Click Local and Remote Connections.
6. Click Using both TCP/IP and named pipes.
7. Click OK, and then restart the service.
5. Run the Reporting Services Configuration tool, connect to the report server instance you just installed, and review the status indicator for each setting to verify that it is configured. Make sure that it’s all green ticks.

6. Assign write permissions to the temporary ASP.NET folder to reporting service account (\reportingsvc).

4 Verify Reporting Services Installation
4.1 Verify that the report server is installed and running

1. Run the Reporting Services Configuration tool, connect to the report server instance you just installed, and review the status indicator for each setting to verify that it is configured.
2. Open the Services window and verify that the Report Server Windows service is running. To view the status of the Report Server Windows service, click Start, point to Control Panel, double-click Administrative Tools, and then double-click Services. When the list of services appears, scroll to Report Server (MSSQLSERVER). The status should be Started.
3. On the instance of SQL Server that is hosting the report server database, verify that the SQL Server Agent service is running. SQL Server Agent must be running before users define subscriptions and other scheduled operations. Use the SQL Server Surface Area Configuration tool to enable SQL Server Agent.
4. In a browser window, type http://localhost/reportserver (http:///ReportServer).The URL will be different if you installed the report server as a named instance. You can also go and try running report server directly through IIS.
5. Run reports to test report server operations. For this step, you can install and publish the sample reports if you do not have any reports available. For more information, see AdventureWorks Report Samples in SQL Server Books Online.

4.2 Verify that Report Manager is installed and running

1. In a browser window, type http://localhost/reports (http:///Reports) this is the virtual directory for Report Manager.

You can also go and try browsing report manager directly through IIS.

2. Use Report Manager to create a new folder or upload a file to test whether definitions are passed back to the report server database. If these operations are successful, the connection is functional.

-Abhishek

Microsoft IIS6 WebDAV bug

Microsoft has issued an advisory about a new vulnerability being discovered in IIS6 WebDAV component which leads to authentication bypass and can allow an attacker to gain access to the web server and upload malicious files which can lead to a complete compromise of the system.

Till the vulnerability is confirmed, Microsoft has asked users to disable WebDAV and apply ACLS.

The Microsoft Advisory can be found at microsoft technet security website and more details about this vulnerability can be found in this pdf at SecLists.Org.

-Abhishek