Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	Apple tops the $100B+ tech club
•	Microsoft details Windows 8 for ARM devices
•	Web app lets enterprise set security, sharing for Google Apps users
•	Cloudscaling to offer OpenStack private cloud platform
•	Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
•	Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
•	Microsoft details 'Windows on ARM' program
•	March debut of 'iPad 3' a sure bet, says analyst
•	Resume Makeover: How an Information Security Professional Can Target CSO Jobs
•
•	FBI unbolts Steve Jobs 1991 investigation file
•	Cisco boosted profit, sales in Q2 while cutting costs
•	Macs take on the enterprise
•	Four crazy tech ideas from Google's Solve for X project
•	Obama 2012 campaign playlist revealed courtesy of Spotify
•	More breaking news

/

The dark side of MyServices, Part 1

Sign up to receive this and other networking newsletters in your inbox.

By Dave Kearns
Network World Windows Networking Newsletter, 02/06/02

Last time, we started looking at the upcoming .Net MyServices technology offering from Microsoft with a peek into its mechanisms. Today, we'll see why this user-centric technology is important for you, the network manager, to understand.

There are two reasons you need to take an interest - security and money.

Security first. Even though Bill Gates' famous memo from last month calls for all of Microsoft to put security at a higher priority than new functionality, we'll need to keep a very close eye on MyServices, which has a number of areas that could cause security problems. The Passport service, which lies at the heart of MyServices as its authentication mechanism, has already been compromised at least once, and it could happen again. The messages exchanged by .Net servers and MyServices clients use well-documented protocols, such as XML and Simple Object Access Protocol (SOAP), which can be compromised if not properly implemented.

There is also the problem of criminal servers. Nothing but good sense prevents users from being enticed to share information (such as credit card numbers) with servers set up by criminals in a massive, worldwide con game. While you can't do much to protect your users when they're at home (except, possibly, to warn them), you can take actions on your network to block access to these rogue sites and the incoming messages they use to entice your users.

Today's firewalls and antispam agents can be easily adapted to this use. The exact details won't be available until we know more about the structure of MyServices, but we'll keep you informed.

Next issue: The money angle.

RELATED LINKS

Microsoft introduction to .Net MyServices

Hole found in Microsoft's Passport wallet
IDG News Service, 11/05/01

Dave Kearns is a writer and consultant in Silicon Valley. His most recent book is "Peter Norton's Complete Guide to Networks" published by SAMS. Dave's company, Virtual Quill, provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more at Virtual Quill or by e-mail at info@vquill.com

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.