Using a pre-shared secret.
This technique works as long as the key isn’t discovered.
Truly locking-down the exchange is tough. Your best bet is the service SID approach.
Peter
OSR
@OSRDrivers
Theoretically, you have an infinity of choices in regards to providing some _enhanced_ security mechanism for access to your driver.
You could require a HW dongle. You could develop a special hash exchange between your UM and KM code. You could assign a specialized security descriptor for a specialty service account.
An appropriately skillful administrator can defeat any of these methods and more - and a skillful person with a debugger can defeat these even without universal admin privileges.
Your best option will be to decide on a level of security sufficient for your needs. Modern Windows (IIRC Vista+) has application service accounts. Create one of these in your installer / configuration tools and then assign an appropriate SD for your KM endpoint.
You can do many additional things, but the security that they create is fundamentally illusory - this does not mean that they can't be effective to defeat casual interference with your setup - but it does mean that they are not actually secure.
Sent from Mail for Windows 10
From: Jan Bottorff
Sent: June 24, 2017 8:23 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] best method/approach to secure my driver?
An easy thing you can do in a day or three is configure a user mode service to run in a unique special service security account (which has a security identifier based on a hash of the service name, so can be predetermined at development time, and can't be faked by a non-service process or another service with a different name). You then set the security descriptor for your device to only allow access from that specific security descriptor (and not general high privilege accounts like administrator). A slight detail is if you want your secure service to access any files, you will need to set the security descriptor on the files/directories too (like at product install time). You also can set network filters on that service to restrict who can talk to it over a network, this is called service hardening, and applies even if you disable the normal network firewall.
The page at https://blogs.technet.microsoft.com/askperf/2008/02/03/ws2008-windows-service-hardening/ talks about all this.
Jan
On 6/24/17, 2:52 PM, “xxxxx@lists.osr.com on behalf of xxxxx@mail.ru” wrote:
If my service communicates with my driver via DeviceIoControl, what is the best way to secure my driver against being used by unauthorized applications? For example, random apps sending fake IOCTLs.
—
NTDEV is sponsored by OSR
Visit the list online at: http:
MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at http:
To unsubscribe, visit the List Server section of OSR Online at http:
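The service SID approach recommended in the thread, as an added example that is not part of the original messages: it derives the per-service SID from the service name at development time, builds a device SDDL string restricted to that SID, and audits an SDDL for other allowed trustees. The service name `MyDriverSvc`, the helper names, and the choice to also allow LocalSystem are assumptions made for illustration.

```python
import hashlib
import re
import struct

def service_sid(service_name):
    """Derive the per-service SID (S-1-5-80-...) from the service name.

    Windows hashes the upper-cased name, encoded as UTF-16LE, with SHA-1 and
    uses the 20-byte digest as five little-endian 32-bit sub-authorities.
    """
    digest = hashlib.sha1(service_name.upper().encode("utf-16-le")).digest()
    return "S-1-5-80-" + "-".join(str(v) for v in struct.unpack("<5I", digest))

def device_sddl(service_name, allow_system=True):
    """Protected DACL granting GENERIC_ALL to the service SID only.

    Allowing LocalSystem (SY) as well is an assumption of this example.
    No ACE is emitted for Administrators (BA) or Everyone (WD).
    """
    aces = ["(A;;GA;;;SY)"] if allow_system else []
    aces.append("(A;;GA;;;%s)" % service_sid(service_name))
    return "D:P" + "".join(aces)

# ACE layout: (type;flags;rights;object_guid;inherit_object_guid;trustee)
ACE_RE = re.compile(r"\(([^;()]*);[^;()]*;[^;()]*;[^;()]*;[^;()]*;([^;()]*)\)")

def unexpected_trustees(sddl, service_name):
    """Trustees of allow ACEs that are neither SY nor the service SID."""
    expected = {"SY", service_sid(service_name)}
    return [trustee for ace_type, trustee in ACE_RE.findall(sddl)
            if ace_type == "A" and trustee not in expected]

if __name__ == "__main__":
    name = "MyDriverSvc"  # hypothetical service name
    print("service SID :", service_sid(name))
    print("device SDDL :", device_sddl(name))
    # Constructed example of a device SDDL that is too permissive.
    weak = "D:P(A;;GA;;;SY)(A;;GA;;;BA)(A;;GRGW;;;WD)"
    print("weak SDDL extra trustees:", unexpected_trustees(weak, name))
```

The resulting string is the kind of SDDL a driver passes to `IoCreateDeviceSecure` or sets through its INF; on a live system `sc showsid <name>` prints the same SID for comparison.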