: Darren Mar-Elia [mailto:[EMAIL PROTECTED]
Sent: Monday, July 07, 2003 7:11 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD DOS vulnerability
Rick-
Glad to help! One thing I've played around with on this is some low-tech
methods for slowing down potential exploits of this. For example, I've
[mailto:[EMAIL PROTECTED]
Sent: Friday, July 04, 2003 5:42 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD DOS vulnerability
Joe,
Unfortunately, one of the biggest issues with AD can't be
addressed with an
upgrade, and that's the Security vulnerability from
cross-domain admins
access to the schema and configuration naming contexts
that they weren't granted explicitly.
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Monday, July 07, 2003 6:25 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] AD DOS vulnerability
Could you expand
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Monday, July 07, 2003 1:37 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD DOS vulnerability
I think this refers to the issue recently identified where a member of the
Domain
: RE: [ActiveDir] AD DOS vulnerability
Darren,
Thanks for providing the clarity. No intent to be 'stealthy' about the
vulnerability, but - frankly, I couldn't think of the proper words at
the moment.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone
PROTECTED]
Subject: RE: [ActiveDir] AD DOS vulnerability
I'd certainly concur with the idea of using the hotfix before rushing
SP4 out of the door without the usual acceptance testing but it might be
worth remembering that someone who is posting from an educational
establishment
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joe
Sent: Friday, July 04, 2003 10:21 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD DOS vulnerability
Also note that there is another
Given that this vulnerability can generally only be exploited through malicious use
from *within* the network (at least for most organisations), you may want to hold off
on SP4. This will depend on your assessment of the threat in your environment. SP4
was only released last week and it is