Re: Windows 2003 Server - MS Rulez?

From: Jimi Thompson (jimit_at_myrealbox.com)
Date: 05/24/03

  • Next message: Willis Johnson: "RE: Windows 2003 Server - MS Rulez?"
    Date: Fri, 23 May 2003 21:02:20 -0500
    To: Street <streetseeker@mail.ru>, focus-ms@securityfocus.com
    
    

    ALL hashes are prone to the "birthday attack". The question becomes
    seeing if code that will generate the same hash when piped through
    the hashing function will get you anywhere (i.e. result in a
    compromise).

    At 2:02 AM +0400 5/24/03, Street wrote:
    >Hello list. Today I have attended to official presentation of
    >Microsoft Windows 2003 Server. And the representatives of Microsoft
    >gave to my organisation an evaluation version of 2003 Server. That
    >thing looks very secure, i.e. known methods of attack did not gave a
    >damn thing. Also I learned an interesting feature - prohibition of
    >launch of any program is not made by its exe name - it makes a hash
    >from the body of program and politics are applied using this hash. I wonder
    >whether this method is secure and if there are any ways to defeat it.
    >
    >Any thoughts? Thank you in advance.
    >
    >--
    >Best regards,
    > Street mailto:streetseeker@mail.ru
    >
    >
    >-----------------------------------------------------------------------------
    >*** Wireless LAN Policies for Security & Management - NEW White Paper ***
    >Just like wired networks, wireless LANs require network security policies
    >that are enforced to protect WLANs from known vulnerabilities and threats.
    >Learn to design, implement and enforce WLAN security policies to
    >lockdown enterprise WLANs.
    >
    >To get your FREE white paper visit us at:
    >http://www.securityfocus.com/AirDefense-focus-ms
    >------------------------------------------------------------------------------

    -- 
    Thanks,
    Ms. Jimi Thompson, CISSP, Rev.
    "Those who are too smart to engage in politics are punished by being 
    governed by those who are dumber." --Plato
    -----------------------------------------------------------------------------
    *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats. 
    Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at: 
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------------
    

  • Next message: Willis Johnson: "RE: Windows 2003 Server - MS Rulez?"

    Relevant Pages

    • RE: A question for the list...
      ... >> evolution of the network ... implement and enforce WLAN security policies ... >> enterprise WLANs. ... implement and enforce WLAN security policies to ...
      (Incidents)
    • Re: [ANNOUNCE] protocol watcher
      ... attack, which is known to be a SYN attack! ... wireless LANs require network security policies ... > that are enforced to protect WLANs from known vulnerabilities and threats. ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)
    • RE: HTTPS Web site testing
      ... Subject: HTTPS Web site testing ... wireless LANs require network security policies ... that are enforced to protect WLANs from known vulnerabilities and threats. ... implement and enforce WLAN security policies to lockdown ...
      (Pen-Test)
    • Re: A question for the list...
      ... Just like wired networks, wireless LANs require network security policies ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)
    • RE: Scans from proxyprotector.com
      ... lockdown enterprise WLANs. ... Just like wired networks, wireless LANs require network security policies ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)