----- Original Message ----- From: David LeBlanc <dleblancat_private> To: <BUGTRAQat_private> Sent: Tuesday, October 05, 1999 8:24 PM Subject: Re: RFP9903: AeDebug vulnerability >David LeBlanc wrote: >One other thing to consider is that when user processes crash, they can >sometimes create a user.dmp file, which like UNIX-style core files can >sometimes contain information useful to an attacker. There is a way to >turn this off, but I don't recall what it is at the moment. > Just run drwtsn32.exe from system32, then you can configure the behaviour of drwtsn. There is a little hlp-file explaining the contents of the dump file, too. (Though this file doesn't treat the subject very deeply, from a technical point of view) >From time to time, I have to examine the contents of this file; I'm not sure whether these contents could be useful for an attacker. Regards, Enno ereyat_private-heidelberg.de
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:06:54 PDT