This How To shows you how to create and configure a custom least-privileged service account to run an ASP.NET Web application. By default, an ASP.NET application on Microsoft Windows Server 2003 and IIS 6.0 runs using the built-in Network Service account. In production environments, you usually run your application using a custom service account. By using a custom service account, you can audit and authorize your application separately from others, and your application is protected from any changes made to the privileges or permissions associated with the Network Service account. To use a custom service account, you must configure the account by running the Aspnet_regiis.exe utility with the -ga switch, and then configure your application to run in a custom application pool that uses the custom account’s identity.
Read the rest of this entry »

• 0 Comments

The purpose of this guide is to provide an overview of Mac OS X v10.3.x Panther operating system security and recommendations for configuring the security features. This guide provides recommended settings to secure systems using this operating system, and points out problems that could cause security concerns in systems using this operating system. This document is intended for anyone managing a locally -administered Apple Mac OS X v10.3.x system. It is assumed that anyone using this guidance will have some experience using Mac OS X, and understands the basics of the Mac OS X user interface. Some instructions within this guidance are complex, and deviation could result in serious adverse effects on the system and its security.
Read the rest of this entry »

• 0 Comments

Oracle Security Alert #27. Reference date: 28 December 2001. Vulnerabilities in Oracle9i Application Server. Web Cache. Products. Oracle9iAS Web Cache
Read the rest of this entry »

• 0 Comments