Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	VMware expands desktop virtualization capabilities
•	FBI warns of holiday cyber scams
•	U.S. Open used Web filtering to prevent online gambling
•	Google Earth used by terrorists in India attacks
•	Verizon trounces competition in wireless quality survey
•	Mumbai terrorist attacks don't deter technology companies
•	Google layoffs: 10,000 jobs being cut, report claims
•	Experts to Feds: Sign the DNS root ASAP
•	Cisco shutting down between holidays
•	Sprint completes Clearwire WiMAX deal
•	Mobile sales to beat economic gloom, forecasts Ovum
•	Start-ups starting to feel economic pain
•	Spam levels fluctuate as crooks try to revive botnets
•	Mozilla eyes extra beta for Firefox 3.1
•	Grim forecast for holiday e-commerce sales
•	More breaking news

NOSes /

The dark side of MyServices, Part 1

Sign up to receive this and other networking newsletters in your inbox.

By Dave Kearns
Network World Windows Networking Newsletter, 02/06/02

Last time, we started looking at the upcoming .Net MyServices technology offering from Microsoft with a peek into its mechanisms. Today, we'll see why this user-centric technology is important for you, the network manager, to understand.

There are two reasons you need to take an interest - security and money.

Security first. Even though Bill Gates' famous memo from last month calls for all of Microsoft to put security at a higher priority than new functionality, we'll need to keep a very close eye on MyServices, which has a number of areas that could cause security problems. The Passport service, which lies at the heart of MyServices as its authentication mechanism, has already been compromised at least once, and it could happen again. The messages exchanged by .Net servers and MyServices clients use well-documented protocols, such as XML and Simple Object Access Protocol (SOAP), which can be compromised if not properly implemented.

There is also the problem of criminal servers. Nothing but good sense prevents users from being enticed to share information (such as credit card numbers) with servers set up by criminals in a massive, worldwide con game. While you can't do much to protect your users when they're at home (except, possibly, to warn them), you can take actions on your network to block access to these rogue sites and the incoming messages they use to entice your users.

Today's firewalls and antispam agents can be easily adapted to this use. The exact details won't be available until we know more about the structure of MyServices, but we'll keep you informed.

Next issue: The money angle.

RELATED LINKS

Microsoft introduction to .Net MyServices

Hole found in Microsoft's Passport wallet
IDG News Service, 11/05/01

Dave Kearns is a writer and consultant in Silicon Valley. His most recent book is "Peter Norton's Complete Guide to Networks" published by SAMS. Dave's company, Virtual Quill, provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more at Virtual Quill or by e-mail at info@vquill.com

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

Click Here

alt text

Click Here

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.