Edi Wang

Microsoft MVP for Azure

Security

19
MAY

Keeping Azure NSG Rules Updated for Dynamic Remote IP Addresses

This post shows how to keep Azure Network Security Group rules in sync with trusted remote locations that use dynamic public IP addresses. Instead of manually updating NSG source IPs every time an ISP changes an address, a lightweight Docker container periodically resolves DDNS hostnames, compares them with the current NSG rule configuration, and updates only the rules that need changing.
Security Azure Docker
13
MAY

How to Prevent Untrusted Apps from Reading Your Browser Password on Windows

Although Microsoft Edge, Chrome, and Firefox store encrypted passwords in the user profile location, these can be easily decrypted by another program without requiring user authentication or approval. Consequently, an untrusted program, not flagged by Microsoft Defender or other security software, can easily access your passwords. Let's check out the simplest method to prevent this.
Windows Security
10
FEB

Get Clear Password from IIS App Pool

Sometimes, in order to get necessary permissions, we will assign domian accounts or local accounts for IIS app pool. For example, it usually happens for SharePoint deployment. However, this is not a secure way, because the password for these accounts are saved in clear text. For local accounts, the password is not readable. But if you are using domain accounts. The IIS Admin can read your …
IIS Security