Great Circle Associates Firewalls
(January 1996)
 


Subject: Re: Firewalls-Digest V5 #45
From: "Kenneth J. Stephens" <janken @ rust . net>
Date: Tue, 23 Jan 1996 11:01:15 -0500 (EDT)
To: Kent Dahlgren <kent @ trouble . WV . TEK . COM>
Cc: Firewalls @ GreatCircle . COM

At 08:28 AM 1/22/96 -0800, you wrote:
>
>On Sun, 21 Jan 1996, Eric Osborne wrote:
>
>> 
>> Yes, I realize you didn't want to start a war here, but to accept an OS
>> as more secure because nobody knows what's broken - isn't that security
>> by obscurity?
>> 
>I agree.  I'm reading about security holes in Win95 and WFW in another 
>group and I want to take the time to hack at it.  It seems that there are 
>too many out there quoting M$'s marketing.  We all may know at least some 
>of the theory of NT's kernel, but what I'm finding out slowly through 
>personal experience is that the system is not completely iron clad.  For 
>example, until the appropriate patch is loaded, the web server software 
>for NT takes a little piece of memory every time it is accessed, and fails 
>to return it to the system when finished.  This is a serious problem.  
>According to my teachings, this is an impossibility.  But it's happening.

--Snip--

Almost any small operating system will eat storage if you write the
application code badly enough.  The overhead for absolute operating system
memory control is larger than most people want to pay.  Application software
designers/coders don't get much help from their compiler/debugger.  The
problem is not much different than the stack overflow bugs.  People don't
track the size of what they put on the stack or just how many blocks of
memory (of what size) they "GET" from the operating system.  You can't
return memory resources to the OS if you don't know what it gave you.

My $.02

Ken
  

 [][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[]                                                                          []
[]  Ken Stephens            Senior Capacity Planner/Data Security Officer   []
[]  email: Ken_Stephens @ miconsulting . com             Voice (313) 876-5081   []
[]  Michigan Employment Security Commission (MESC)   Fax   (313) 876-6827   []
[]  7th Fl. I.S.                                                            []
[]  7310 Woodward Ave                                                       []
[]  Detroit, MI  48202                                                      []
[]                                                                          []
[]  Millennium Consulting                 Your Security Policy is only      []
[]  28234 Diesing Dr.                     as strong as your organization's  []
[]  Madison Heights, MI 48071             commitment to it.                 []
[]                                                                          []
 [][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
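
The point about tracking what you "GET" from the operating system, as an added C example that is not part of the original message: a constructed request handler that keeps 64 bytes per access is run beside a corrected one, and a small allocation ledger reports what is still held. All names (tracked_get, tracked_free, handle_leaky, handle_fixed, bytes_held_after) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
/* Running account of bytes handed out by the allocator and not yet returned. */
static size_t live_bytes = 0;

/* "GET" a block and record it; its size is kept in a header before the data. */
static void *tracked_get(size_t n) {
    size_t *hdr = malloc(sizeof(size_t) + n);
    if (!hdr) return NULL;
    *hdr = n;
    live_bytes += n;
    return hdr + 1;
}

/* Return a block; the header says exactly what we were given. */
static void tracked_free(void *p) {
    if (!p) return;
    size_t *hdr = (size_t *)p - 1;
    live_bytes -= *hdr;
    free(hdr);
}

/* Constructed request handler: takes 64 bytes per access and never frees. */
static int handle_leaky(const char *path) {
    char *buf = tracked_get(64);
    if (!buf) return -1;
    snprintf(buf, 64, "GET %s", path);
    return 0;   /* buf is lost here */
}

/* The same handler with the block returned before leaving. */
static int handle_fixed(const char *path) {
    char *buf = tracked_get(64);
    if (!buf) return -1;
    snprintf(buf, 64, "GET %s", path);
    tracked_free(buf);
    return 0;
}

/* Bytes still held after serving `requests` accesses with handler h. */
static size_t bytes_held_after(int (*h)(const char *), int requests) {
    size_t before = live_bytes;
    for (int i = 0; i < requests; i++) h("/index.html");
    return live_bytes - before;
}

int main(void) {
    printf("leaky: %zu  fixed: %zu\n", bytes_held_after(handle_leaky, 1000), bytes_held_after(handle_fixed, 1000));
    return 0;
}
```

The size_t header gives enough alignment for the char buffers used here; a general-purpose wrapper would pad the header to the platform's maximum alignment.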

