Hi David, > [...] Eventually I've rebased all of the DLLs used by SQL Server mutating > it's "genetic code", making it considerably different to any other SQL > Server install on the planet. In fact if I rebase every DLL on my system and > every executable then I can make my box almost invulnerable to a given > exploit, past, present or future. The idea is very elegant (in fact we have planned to include a variation of it in an upcoming product), but unfortunately it will not work very well with system DLLs. Many Windows system DLLs can't be safely rebased. Although they include relocation information, they make assumptions about where in memory they (or other system DLLs) will be loaded. Essentially, if you rebase some of the system DLLs, your system will become unstable or will fail to start. Also, many exes do not include relocation information at all (since exes are loaded first they are not supposed to be relocated in normal operation). You will not be able to rebase them either. Best regards, Torbjörn Hovmark ______________________________________ Abtrusion Security AB - next generation intrusion protection http://www.abtrusion.com
This archive was generated by hypermail 2b30 : Tue Feb 04 2003 - 11:52:47 PST