Metasploit mailing list archives
Windows Server 2008 - Thoughts on security?qQaa
From: Tino.Martinez2 at Honeywell.com (Martinez, Tino)
Date: Mon, 5 Nov 2007 09:17:05 -0700
-------------------------- Sent using BlackBerry ----- Original Message ----- From: Rhys Kidd <rhyskidd at gmail.com> To: framework at metasploit.com <framework at metasploit.com> Sent: Mon Nov 05 07:48:58 2007 Subject: [framework] Windows Server 2008 - Thoughts on security? Well with the first Release Candidate for Windows Server 2008 released, I thought the builds were getting stable and close enough to a shipping product to warrant some investigation. Part of my poking and prodding so far has been in the security space, seeing what changes have been made that would make reliable remote code execution more difficult. -Hardware DEP is on for all programs by default (and these days hardware supporting NX is pretty ubiquitous). -From MS comments, memory pages with DEP enabled are marked as invoilable (MEM_EXECUTE_OPTION_PERMANENT) ; once it's set the kernel shouldn't let you do a NtSetInformationProcess() again. -ASLR is employed for every system library and executable I've seen. -System components are compiled with stack canaries, and SafeSEH. The Viridian technology (Microsoft's latest incarnation of virtualisation) is also an area of relatively fresh code. Using Metasm to create hundreds of executables with random opcodes should be fairly easy to do, and Metasploit's psexec would let you start each executable on the target system fairly efficiently. I'm sure there's some on this list who've been "behind the wall" so to speak at Microsoft helping secure Windows Server 2008, but have any who've taken some time to look around the RC? Rhys -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071105/500b56ad/attachment.htm>
Current thread:
- Windows Server 2008 - Thoughts on security?qQaa Martinez, Tino (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Joxean Koret (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)