the /gs is enabled in certain SP2 programs. The /gs compiler options allow you
to make secure program during compilation. It protect against basic stack
overflow. NXBit is a copy from Solar Designer, but it's implemented into the
chipset/processor hardely. As Stackguard, PaX, the NXBit need a kernel
upgrade. I don't really know (believe) if it's stable and you must know that
you are not protected against high-level-overflow like the heap overflow
exploitation by an indirect register callback.
Le Mardi 7 Juin 2005 20:54, ray.bowler (at) gmail (dot) com [email concealed] a écrit :
> I'm wondering if anyone has found any usefull information on XP SP2 and DEP
> (in conjunction with XD Bit/ NX Bit) ? I've been trying to track down
> anything other than the couple of Microsoft docs from their site, and
> articles written about it from a time period where the feature wasn't even
> yet supported. I've been seeing extremely inconsistant behavior from this
> feature, and little to no solid documentation about anything. I'va had Dell
> GX280's that do and dont' support this feature (Same Bios revision) , IBM
> M51's that fell into different production dates by a matter of a week that
> differ on supporting the feature or not. CA Unicenter remote control causes
> Explorer.exe to crash and pretty much brings down the GX280 when hardware
> DEP is enabled (with AlwaysOn). When The IBM M51 is set the same way
> (Without CA Unicenter) , it effectivly cripples the entire desktop (Cannot
> open IE, Windows Explorer, Control panel, etc etc etc...other 3rd part apps
> will not launch) CA Unicenter leaves the system essentially unusable as
> well (Albeit, resolved with CA RC SP1) Some of the issues are clearly
> caused by other Apps, but the lack of detail of what is happening in the OS
> makes troubleshooting difficult at best. In the case of CA, explorer.exe is
> the affected program. In this situation, you do not add an exclusion to
> CA, but to explorer.exe, to me , having to take these measures start to
> make enabling this feature pointless anyway. Does anyone have any good/bad
> experiences with SP2 and DEP? Is there really that much of a reason to
> enable it? I'm looking at a deployment of SP2 on new DEP enabled equipment
> for a large install base that has 1500+ custom applications, all of which
> are already showing their age. The client wants this enabled because it
> "will make the machines more secure". All I envision is a major mess of
> application failures.....
>
> ------------------------------------------------------------------------
---
> ------------------------------------------------------------------------
---
--
Michael Vergoz
BinarySEC - R&D.
http://www.binarysec.com/
mv (at) binarysec (dot) com [email concealed]
Skype: descript
the /gs is enabled in certain SP2 programs. The /gs compiler options allow you
to make secure program during compilation. It protect against basic stack
overflow. NXBit is a copy from Solar Designer, but it's implemented into the
chipset/processor hardely. As Stackguard, PaX, the NXBit need a kernel
upgrade. I don't really know (believe) if it's stable and you must know that
you are not protected against high-level-overflow like the heap overflow
exploitation by an indirect register callback.
Le Mardi 7 Juin 2005 20:54, ray.bowler (at) gmail (dot) com [email concealed] a écrit :
> I'm wondering if anyone has found any usefull information on XP SP2 and DEP
> (in conjunction with XD Bit/ NX Bit) ? I've been trying to track down
> anything other than the couple of Microsoft docs from their site, and
> articles written about it from a time period where the feature wasn't even
> yet supported. I've been seeing extremely inconsistant behavior from this
> feature, and little to no solid documentation about anything. I'va had Dell
> GX280's that do and dont' support this feature (Same Bios revision) , IBM
> M51's that fell into different production dates by a matter of a week that
> differ on supporting the feature or not. CA Unicenter remote control causes
> Explorer.exe to crash and pretty much brings down the GX280 when hardware
> DEP is enabled (with AlwaysOn). When The IBM M51 is set the same way
> (Without CA Unicenter) , it effectivly cripples the entire desktop (Cannot
> open IE, Windows Explorer, Control panel, etc etc etc...other 3rd part apps
> will not launch) CA Unicenter leaves the system essentially unusable as
> well (Albeit, resolved with CA RC SP1) Some of the issues are clearly
> caused by other Apps, but the lack of detail of what is happening in the OS
> makes troubleshooting difficult at best. In the case of CA, explorer.exe is
> the affected program. In this situation, you do not add an exclusion to
> CA, but to explorer.exe, to me , having to take these measures start to
> make enabling this feature pointless anyway. Does anyone have any good/bad
> experiences with SP2 and DEP? Is there really that much of a reason to
> enable it? I'm looking at a deployment of SP2 on new DEP enabled equipment
> for a large install base that has 1500+ custom applications, all of which
> are already showing their age. The client wants this enabled because it
> "will make the machines more secure". All I envision is a major mess of
> application failures.....
>
> ------------------------------------------------------------------------
---
> ------------------------------------------------------------------------
---
--
Michael Vergoz
BinarySEC - R&D.
http://www.binarysec.com/
mv (at) binarysec (dot) com [email concealed]
Skype: descript
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]