Old.

All of these features are basically raising the security bar on security.  With each thing, the amount of skill and effort it takes to get a working exploit rises.  That's the basic point of all the security stuff we throw out there.  Whether it's firewalls or service hardening or whatever, if there is a person motivated enough and skilled enough with a lot of free time on his/her hands, eventually they will either figure out how to get in or give up to find something more fun. 

There was discussion at DEFCON of how to defeat some of these things.  If you read this article http://arstechnica.com/news.ars/post/20080811-the-sky-isnt-falling-a-look-at-a-new-vista-security-bypass.html there is the discussion that talks what tntcoda said.  The things that I read that seemed most important is that a portion of all of this depends on software developers doing the right thing.  This is also implied with the grsecurity software here: http://www.grsecurity.net/confighelp.php.

In my opinion, we as security people can keep putting up barriers, but when we look at software development, even the folks that the developers frequently look up to such as Microsoft, are opting out of their own security measures (see the first article referenced).  If we are running OS's with only the base services enabled and fully patched, I think that the bar is pretty high up there, but as soon as you start installing software on there, the attack vector just gets bigger.  With Vista as an example, I am pretty confident that many people that got bothered by UAC just turned that puppy off and there goes another layer of protection.  Knowing that IE has opted out of additional security features along with this, and your attack space has gotten larger.

In my opinion, if we want to make sure that the systems are security, it needs to be a multi-pronged approach.  1) it needs to be convenient for the user, 2) it needs to be built into the OS, 3) it needs to be enforced by the applications.  Developers are going to need to start writing code that doesn't opt out of DEP (Data Execution Protection) and ASLR(Address Space Layout Randomization), but sometimes that's hard, and we're willing to compromise. We all compromise some, I am sure that I'm not the only one that's hit the "remind me later" button on Acrobat when I'm trying to read a PDF off of a site that I trust. The compromise is what really gets us in trouble i think.

Another example of an OS being hardened correctly is an NT box we have here. This thing has been resistant to every thing several of us have tried. When the box we set up, it had just a few services running and was configured in such a way that it didn't respond to an outside box. That is not to say that a person on the inside couldn't get to it. I haven't tried that yet and this gave me that idea. But it boils down to a competent admin keeping up with the latest patches and setting up in a secure manner from the get go.

One last point to ponder. Security seeks to make a target as unattractive as possible. Look at the target house a burglar may go after. He is going to look for old locks or open windows. Something that suggests an easy pick. But if you have newer locks, locked windows, and an alarm, he is going to look for something easier. That is not to say that he couldn't get into the house, but he runs a greater chance of being caught when the next door neighbor is an easier target. Some one will find a way to get in, the trick is to make it more trouble than it is worth.

Sorry to hijack this thread, but this marks Chris' 1000th post on EH-Net.

Many & continued thanks, my friend.

Don

17, 80, 139 are the ports that show on an nmap scan.

Nope
The thing doesn't respond to any requests to 17 or 80. Its freakin' rediculous.

lmao ChrisG,

 We have tried everything against it and we get no where. Its quite frustrating.

there are no SPs on this box and I'll try the reboot. Our other NT box has SP6 installed and that has fallen to our attenpts to gain access like nobody's business. Go figure...the SPs that are supposed to make it more secure actually make it less.