Re: The sky's downward trajectory

[endrazine <endrazine () gmail com>]

Hi dear readers,

Rhys Kidd a écrit :
> So what does Microsoft provide to make this more secure?
>
> Firstly the push by Michael Howard et al to get ASLR implemented in 
> Vista beta 2 and above means the addresses within ntdll.dll are going 
> to be somewhat random, thereby making reliable use of this technique 
> difficult. NX bit based defenses really should be implemented 
> hand-in-hand with some form of memory randomisation, as was documented 
> by the PaX project.
Put me in my place if I'm wrong, but adresses are only randomized once 
at boot up, making the Vista randomization far less effective than a run 
time randomization a la PaX. Well, at least, thats what I understood 
from the Microsoft TechDays in Paris 2 weeks ago.
> Secondly, as Dave mentioned setting "AlwaysOn" in boot.ini should 
> prevent DEP from being disabled on a per-process basis.
>
> HTH.
> Rhys
>   

Regards,

endrazine-
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave