RE: [ActiveDir] AD DOS vulnerability

2003-07-08 Thread Myrick, Todd (NIH/CIT)
: Darren Mar-Elia [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 7:11 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DOS vulnerability Rick- Glad to help! One thing I've played around with on this is some low-tech methods for slowing down potential exploits of this. For example,

RE: [ActiveDir] AD DOS vulnerability

2003-07-07 Thread Darren Mar-Elia
3:08 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DOS vulnerability Darren, Thanks for providing the clarity. No intent to be 'stealthy' about the vulnerability, but - frankly, I couldn't think of the proper words at the moment. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - A

RE: [ActiveDir] AD DOS vulnerability

2003-07-07 Thread Rick Kingslan
wsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Monday, July 07, 2003 1:37 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DOS vulnerability I think this refers to the issue recently identified where a membe

RE: [ActiveDir] AD DOS vulnerability

2003-07-07 Thread Darren Mar-Elia
access to the schema and configuration naming contexts that they weren't granted explicitly. -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 6:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD DOS vulnerability Coul

RE: [ActiveDir] AD DOS vulnerability

2003-07-07 Thread Roger Seielstad
ck Kingslan [mailto:[EMAIL PROTECTED] > Sent: Friday, July 04, 2003 5:42 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] AD DOS vulnerability > > > Joe, > > Unfortunately, one of the biggest issues with AD can't be > addressed with an > upgrade, and that

RE: [ActiveDir] AD DOS vulnerability

2003-07-04 Thread Rick Kingslan
ft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe Sent: Friday, July 04, 2003 10:21 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DOS vulnerability Also n

RE: [ActiveDir] AD DOS vulnerability

2003-07-04 Thread Joe
3 8:53 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DOS vulnerability I'd certainly concur with the idea of using the hotfix before rushing SP4 out of the door without the usual acceptance testing but it might be worth remembering that someone who is posting from an education

RE: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Myrick, Todd (NIH/CIT)
from within the network are not just possible, or likely, but are simply another day at the office. > -Original Message- > From: Tony Murray [mailto:[EMAIL PROTECTED] > Sent: 03 July 2003 12:51 > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] AD DOS vulnerability

RE: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Robert Moir
k are not just possible, or likely, but are simply another day at the office. > -Original Message- > From: Tony Murray [mailto:[EMAIL PROTECTED] > Sent: 03 July 2003 12:51 > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] AD DOS vulnerability > > Given that this vulner

Re: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Tony Murray
Given that this vulnerability can generally only be exploited through malicious use from *within* the network (at least for most organisations), you may want to hold off on SP4. This will depend on your assessment of the threat in your environment. SP4 was only released last week and it is usu