Dailydave mailing list archives
Re: The sky's downward trajectory
From: "Halvar Flake" <halvar () gmx de>
Date: Tue, 20 Feb 2007 13:28:23 +0100
As far as I can judge it, there is more than 8 bits of entropy. I might be wrong with this, but there seem to be 8 bits of entropy per DLL -- not 8 bits in total. This, together with DLL-remapping on collision, should provide for more than 8 bits total entropy. I might be wrong though.

Cheers,
Halvar

----- Original Message -----
From: "Jonathan Wilkins" <jwilkins () gmail com>
To: "endrazine" <endrazine () gmail com>
Cc: <dailydave () lists immunitysec com>
Sent: Monday, February 19, 2007 9:37 PM
Subject: Re: [Dailydave] The sky's downward trajectory

ASLR is also limited to 8 bits of entropy per (Microsoft employee) Richard Johnson's talk at t00rcon.

On 2/19/07, endrazine <endrazine () gmail com> wrote:

> Hi dear readers,
>
> Rhys Kidd wrote:
>
>> So what does Microsoft provide to make this more secure? Firstly the push by Michael Howard et al to get ASLR implemented in Vista beta 2 and above means the addresses within ntdll.dll are going to be somewhat random, thereby making reliable use of this technique difficult. NX bit based defenses really should be implemented hand-in-hand with some form of memory randomisation, as was documented by the PaX project.
>
> Put me in my place if I'm wrong, but addresses are only randomized once at boot up, making the Vista randomization far less effective than a run time randomization a la PaX. Well, at least, that's what I understood from the Microsoft TechDays in Paris 2 weeks ago.
>
>> Secondly, as Dave mentioned setting "AlwaysOn" in boot.ini should prevent DEP from being disabled on a per-process basis. HTH.
>>
>> Rhys
>
> Regards,
> endrazine

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave