Windows DEP

Rotty · September 12, 2006, 4:33am

I understand that CPF changes the boot.ini file, could someone post the origanal boot.ini and the changed boot.ini, or just post the changes so i can be comfortable installing this program.

cheers, rotty

XenonG · September 12, 2006, 4:46am

For my default installation of Windows I have it on partition label C:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /noexecute=optin /fastdetect

Its the /noexecute thing it changes only, the CPF config will back up a copy on you default Windows installation drive, for me its located in C:/ , try checking it there. File name with file type label is: boot.ini.comodofirewall

Rotty · September 12, 2006, 6:00am

Ok, thanks, mine says:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /fastdetect /NoExecute=OptIn

Why is yours “multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /noexecute=optin /fastdetect”

eh, anyway, i don’t think i will apply the DEP change, as this comp is already set to Optin.

cheers, rotty

TheTOM_SK · September 12, 2006, 8:11am

I guess, that its purpose is to enable DEP, if it is disabled as it notified me once at a setup.

alg · September 12, 2006, 8:42pm

noexecute=optin => DEP is on

noexecute=alwaysoff => DEP is off

egemen · September 13, 2006, 5:52am

CPF changes noexecute=OptOut which means turn on dep but let me disable it on some applications. The windows will ask you the next time a buffer overflow detected with this option. If you dont have a reason, i recommend activating it. Buffer overflow attacks are quite common and cause unintended infections while browsing the web.

Egemen

svein · September 13, 2006, 3:47pm

Anyone who is remotely concerned about security should set DEP ON in their bios, and set it as opt-out in windows (i.e. only disable it for programs that they NEED to run, and that crashes with DEP on).

In addition, they should atleast ONCE per day (until the manufacturer of programs that crash with dep fixes their software) mail the technical support adress to tell them that the software is faulty. Send them the crashlog XP generates every time.

If the software isn’t updated within a week, start talking about it on the open forums, and warn people against using money on that defective software. It’s the only way we (consumers) can make software corps FIX their programs.

//Svein

Rotty · September 14, 2006, 1:48am

Certainly an interesting opinion, and i don’t have the knowledge to confirm or refute this LOL

cheers, rotty

Melih · September 14, 2006, 1:50am

I agree with Svein

One of the nastiest ways to get in is thru a BO (Buffer Overflow attack). I think firewalls should do more to protect against BO

melih

m0ng0d · November 15, 2006, 4:00am

CFP… the Right Guard of firewalls :BNC