The BHC Blog » IT Security http://www.bhcblog.com The Technical Blog of Blackhawk Consulting Fri, 03 Sep 2010 19:39:23 +0000 en hourly 1 http://wordpress.org/?v=3.0 Microsoft to end support for Windows Rights Management Services V1.0 http://www.bhcblog.com/2009/03/10/microsoft-to-end-support-for-windows-rights-management-services-v10/ http://www.bhcblog.com/2009/03/10/microsoft-to-end-support-for-windows-rights-management-services-v10/#comments Tue, 10 Mar 2009 18:49:10 +0000 Jesse http://www.bhcblog.com/?p=143 Microsoft will be dropping support for all RMS (Rights Management Services) v1.0 products on March 23rd, 2009. This does not include RMS with V1.0 with SP2 or RMS v2.0 which will still be supported.

On top of dropping support, Microsoft will also be preventing activations or reactiviations of both the client or server.  So if you have a server that has an expired SLC you will not be able to renew it after March 23rd unless you upgrade to V1.0 SP2 or later.    Microsoft is ending support for v1.0 because it is outdated and can expose customers to security risks.

To get the new clients can be found on the following link:

Microsoft Rights Managment Services with SP2 Download and Info Page

If you have questions please post them and I will try to answer them.

_______________________________________
PLEASE HELP BY BOOKMARKING OUR SITE...
[del.icio.us] [Digg] [StumbleUpon]
]]> http://www.bhcblog.com/2009/03/10/microsoft-to-end-support-for-windows-rights-management-services-v10/feed/ 0 Security flaw, Google G1 Android Phone http://www.bhcblog.com/2008/11/17/security-flaw-google-g1-android-phone/ http://www.bhcblog.com/2008/11/17/security-flaw-google-g1-android-phone/#comments Mon, 17 Nov 2008 21:08:14 +0000 Jesse http://www.bhcblog.com/?p=84 I was recently examining a co-worker’s new Android phone and so far my impressions are favorable. It runs a linux variant so it is likely to have many free downloadable apps.   However, I did notice one potential security flaw:

Instead of the standard “enter a password to unlock” that most phones have, on the G-Phone, you draw a shape between 9 dots using the touch-screen.   I noticed that since fingers leave oil marks behind on glass, it’s relatively easy to “crack” the password just by tilting the phone in bright light to see where the smudges are.   It’s an old trick, but it worked well- I guessed the password on my second try.

_______________________________________
PLEASE HELP BY BOOKMARKING OUR SITE...
[del.icio.us] [Digg] [StumbleUpon]
]]> http://www.bhcblog.com/2008/11/17/security-flaw-google-g1-android-phone/feed/ 0 How to validate a form using JavaScript http://www.bhcblog.com/2008/09/16/how-to-validate-a-form-using-javascript/ http://www.bhcblog.com/2008/09/16/how-to-validate-a-form-using-javascript/#comments Tue, 16 Sep 2008 16:08:00 +0000 Jesse http://www.bhcblog.com/?p=58 Alot of companies have forms on their websites to help capture lead information and communicate effectively with customers and partners. Getting incomplete or invalid information can lessen the value of a potential lead so it is important to get complete and accurate information the first time.

To validate a javascript form add a javascript function that contains the validation information… Below is an example.

Add this section to the form html page between the header tags (adjust as necessary for your page):

<script language=”JavaScript” type=”text/javascript”>
<!– // function validate(form)
{
if(form.first.value == “”) {
window.alert(“Please make sure the \’ First Name \’ field was properly completed.”);
return false;
}
if(form.last.value == “”) {
window.alert(“Please make sure the \’ Last Name \’ field was properly completed.”);
return false;
}
if(form.phone.value.length < 12) {
window.alert(“Please make sure the \’ Phone \’ field is formated as: 703-555-5555.”);
return false;
}
}

As you can see we are basically looking at a values entered and then comparing them to what we expect to find.

Now we must add the section of code that triggers our function to run.

In the top of the form add this: onsubmit=”return checkform(this);

so your new line would be :

<form method=”POST” action=”submit.asp” name=”form” onsubmit=”return validate(this);”>

This will now call the javascript function when the user clicks the submit button. It will not launch the submit.asp page until the user has passed the validation test.

To test for not a value put an ! infront of the equation to be tested like the example below:

if(!(form.phone.value.length < 12)) { ……

_______________________________________
PLEASE HELP BY BOOKMARKING OUR SITE...
[del.icio.us] [Digg] [StumbleUpon]
]]> http://www.bhcblog.com/2008/09/16/how-to-validate-a-form-using-javascript/feed/ 0 Improved IT security through AD Design http://www.bhcblog.com/2008/08/04/improved-it-security-through-ad-design/ http://www.bhcblog.com/2008/08/04/improved-it-security-through-ad-design/#comments Tue, 05 Aug 2008 02:56:52 +0000 Jesse http://www.bhcblog.com/?p=19 One of the things I freqently notice is that many small and mid-sized organizations have not spent a great deal of time on designing their active directory structure. In this article I discuss how to improve the AD landscape to ensure proper access control while also cutting down on administrative time and creating an ability to audit the environment.  Click here to continue….

_______________________________________
PLEASE HELP BY BOOKMARKING OUR SITE...
[del.icio.us] [Digg] [StumbleUpon]
]]> http://www.bhcblog.com/2008/08/04/improved-it-security-through-ad-design/feed/ 0