----- Original Message -----
From: David LeBlanc <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 05, 1999 8:24 PM
Subject: Re: RFP9903: AeDebug vulnerability
>David LeBlanc wrote:
>One other thing to consider is that when user processes crash, they can
>sometimes create a user.dmp file, which like UNIX-style core files can
>sometimes contain information useful to an attacker. There is a way to
>turn this off, but I don't recall what it is at the moment.
>
Just run drwtsn32.exe from system32, then you can configure the behaviour of
drwtsn. There is a little hlp-file explaining the contents of the dump file,
too. (Though this file doesn't treat the subject very deeply, from a
technical point of view)
>From time to time, I have to examine the contents of this file; I'm not sure
whether these contents could be useful for an attacker.
Regards,
Enno
[EMAIL PROTECTED]
