D

DACLs (discretionary access control lists), 32, 160

daemons, 97

dangling pointers, 55

data

encryption, 7

hashing, 141

MACing, 141

untrusted, 181

user, safe storage of, 30

Data Execution Prevention (DEP), 11, 59, 62.

See also NX (No-Execute up)

enabling, 127–128

Internet Explorer 7 defenses, 126–129

Davies, Joseph, 78

DCOM, 117

Debug privilege (SE_DEBUG_NAME), 16, 43

debugging

of application compatibility issues, 42–44

of Internet Explorer 7 Protected Mode, 126

kernel mode, 163, 175

process, 105

of services, 101

declspec syntax, 3

DecodePointer, 174

defects, software, 49–50

denial of service attacks

pipe server, 115–116

sockets, 117

deny SIDs, 19–20

DEP. See Data Execution Prevention (DEP)

desktop, communication with, 110–112

named pipes, 112–116

RPC/COM, 117

shared memory, 112

simple message boxes, 112

sockets, 116–117

desktop, private, CardSpace, 158

device drivers, loading and unloading, 105

devices, permanent, enabling, 104–105

digital signatures, 9, 136

Information Card, 151, 156

directories

allowing low-integrity process writing, 37

integrity level of, setting, 38

LDAP, synchronizing, 105

Program File, access to, 13, 28, 29

user-writable, 42

Windows, access to, 13

disabled warnings, 10–11

DisconnectNamedPipe, 115

discretionary access control lists (DACLs), 32, 160

DLLs (dynamic link libraries), 72

ASLR and, 51–54

firewall rules and, 90–91

GINA, 159

NX bypassing and, 60

document signing, 9

Authenticode, 44

domain administration, enabling, 105

domain service accounts, 99

domains, adding computers to, 107

double-free conditions, 55–56

downloads, blocking, 166.

See also parental controls

_dref_out_bcount(n) macro, 6

“drive-by downloads,” 121

drop-offs, reducing, 152

DSA, and RNGs, 140

DWORDs, 64, 68, 71

dwServiceSidType, 100

dynamic link libraries (DLLs). See DLLs (dynamic link libraries)

/DynamicBase linkage, 3, 11

ALSR, 72

browser defenses, 133