Anatomy of a hack: mail server

Today I’ve been fixing a problem with my mail server after someone “hacked” (cracked) it. I’m reconstructing the chain of events as best I can, but the causality wasn’t obvious at the time. Background: this machine is running Windows Server 2003 SP1 with Exchange Server 2003 SP2. A few weeks ago, someone gained unauthorised access […]

Digital certificates

I’ve been taking an interest in computer security recently, and as part of that I’ve been investigating digital certificates, primarily in the context of code signing (e.g. applications/macros/plugins). There seem to be two main misconceptions here (at opposite ends of the scale), which are worth addressing: 1. “If something has been signed then it’s safe.” […]