Re: [Full-disclosure] plz suggest security for DLL functions

[Gaurav Kumar <gkverma@xxxxxxxxx>]

thanks a lot friends. i really got some innovative ideas from all of you. 

regards,
gaurav

On 7/2/05, John LaCour <johnlacour@xxxxxxxxx> wrote:
> Another suggestion - also not bullet proof - but largely effective:
> 
> 1) Write a kernel mode driver that hooks the Win32 APIs to load DLLs
> and filter any calls by programs other than your own.
> 
> 2) Ensure your driver protects itself.  There's a long list of things
> to do including:
> - protect the registry key / hive
> - protect the driver file
> - protect access to physical memory
> - etc. etc.
> 
> 3) Ensure that attacks to undo API hooks are prevented.
> See http://www.security.org.sg/code/sdtrestore.html as an example of
> these attacks (which can be used for evil or good in the case of
> undoing rootkit hooks).
> 
> As others have mentioned, the above made be significantly more
> expensive than the good EULA and lawyers route.
> 
> -John
> 
> On 6/30/05, Gaurav Kumar <gkverma@xxxxxxxxx> wrote:
> > friends,
> >
> > We are developing a software that makes use of a COM DLL. The whole
> > logic lies in the dll. The User Interface is in VC++. DLL exposes
> > functions, application calls it and displays result. Now, we found
> > that anybody can copy the DLL, register it and make use of those
> > functions.
> >
> > Please guide us in making those functions secret or encrypted so that
> > others cannt use our functions.
> >
> > thanks and regards,
> > gaurav
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/