DACLs (discretionary access control lists), 32, 160
daemons, 97
dangling pointers, 55
data
encryption, 7
hashing, 141
MACing, 141
untrusted, 181
user, safe storage of, 30
Data Execution Prevention (DEP), 11, 59, 62. See also NX (No-Execute up)
enabling, 127–128
Internet Explorer 7 defenses, 126–129
Davies, Joseph, 78
DCOM, 117
Debug privilege (SE_DEBUG_NAME), 16, 43
debugging
of application compatibility issues, 42–44
of Internet Explorer 7 Protected Mode, 126
kernel mode, 163, 175
process, 105
of services, 101
declspec syntax, 3
DecodePointer, 174
defects, software, 49–50
denial of service attacks
pipe server, 115–116
sockets, 117
deny SIDs, 19–20
DEP. See Data Execution Prevention (DEP)
desktop, communication with, 110–112
named pipes, 112–116
RPC/COM, 117
shared memory, 112
simple message boxes, 112
sockets, 116–117
desktop, private, CardSpace, 158
device drivers, loading and unloading, 105
devices, permanent, enabling, 104–105
digital signatures, 9, 136
Information Card, 151, 156
directories
allowing low-integrity process writing, 37
integrity level of, setting, 38
LDAP, synchronizing, 105
Program Files, access to, 13, 28, 29
user-writable, 42
Windows, access to, 13
disabled warnings, 10–11
DisconnectNamedPipe, 115
discretionary access control lists (DACLs), 32, 160
DLLs (dynamic link libraries), 72
ASLR and, 51–54
firewall rules and, 90–91
GINA, 159
NX bypassing and, 60
document signing, 9
Authenticode, 44
domain administration, enabling, 105
domain service accounts, 99
domains, adding computers to, 107
double-free conditions, 55–56
downloads, blocking, 166. See also parental controls
__deref_out_bcount(n) macro, 6
“drive-by downloads,” 121
drop-offs, reducing, 152
DSA, and RNGs, 140
DWORDs, 64, 68, 71
dwServiceSidType, 100
dynamic link libraries (DLLs). See DLLs (dynamic link libraries)
/DynamicBase linkage, 3, 11
ASLR, 72
browser defenses, 133