C2 compliance?

[Guest Ham Pastrami]

I have read some articles about Windows NT/2K C2-compliance. The part that

interests me is object reuse protection. Supposedly this means that disk

space is initialized to 0 when it is allocated. However, I don't see this

happening on my 2K system, not as far as I can tell. Wouldn't zeroing (for

say, hundreds of megabytes) imply a long write to disk everytime a new file

was created?

 

I initially thought that C2 compliance could be achieved through

configuration, but did not ship that way out of the box. Some of the

articles state that the evaluation applies to off-the-shelf products, which

is ambiguous as to whether that means default configuration or simply a lack

of third party software.

 

The articles also tend to talk only about NT/2K and not XP or Vista. Why is

that?

[Guest David H. Lipman]

Re: C2 compliance?

 

From: "Ham Pastrami" <nomail@dot.com>

 

| I have read some articles about Windows NT/2K C2-compliance. The part that

| interests me is object reuse protection. Supposedly this means that disk

| space is initialized to 0 when it is allocated. However, I don't see this

| happening on my 2K system, not as far as I can tell. Wouldn't zeroing (for

| say, hundreds of megabytes) imply a long write to disk everytime a new file

| was created?

|

| I initially thought that C2 compliance could be achieved through

| configuration, but did not ship that way out of the box. Some of the

| articles state that the evaluation applies to off-the-shelf products, which

| is ambiguous as to whether that means default configuration or simply a lack

| of third party software.

|

| The articles also tend to talk only about NT/2K and not XP or Vista. Why is

| that?

|

 

Do you even know what C2 is ?

 

How about the idea C2 is outdated ?

 

Hint: Go to the NIST for the latest security specs/recommendations.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

http://www.ik-cs.com/got-a-virus.htm

[Guest Ham Pastrami]

Re: C2 compliance?

 

 

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:eFdqMo1wHHA.4588@TK2MSFTNGP05.phx.gbl...

> Do you even know what C2 is ?

 

Not intimately, no, nor do I intend to.

> How about the idea C2 is outdated ?

 

You realize this ng is for discussing a 7-year-old OS, right?

> Hint: Go to the NIST for the latest security specs/recommendations.

 

Unless my Win2k is also going there to update itself, I don't see how this

is relevant to my question.

 

Hint: I'm interested in Windows' file allocation behavior, not security

recommendations.

[Guest David H. Lipman]

Re: C2 compliance?

 

From: "Ham Pastrami" <nomail@dot.com>

 

|

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

| news:eFdqMo1wHHA.4588@TK2MSFTNGP05.phx.gbl...

>> Do you even know what C2 is ?

|

| Not intimately, no, nor do I intend to.

|

>> How about the idea C2 is outdated ?

|

| You realize this ng is for discussing a 7-year-old OS, right?

 

C2 was created for NT4. It is older than 7 years.

You are assuming static conditions. Threats change and so do recommended security

settings.

C2 is outdated even for NT4 (albeit anybody who is think those levels of security should NOT

being using NT4 )

 

>> Hint: Go to the NIST for the latest security specs/recommendations.

|

| Unless my Win2k is also going there to update itself, I don't see how this

| is relevant to my question.

|

| Hint: I'm interested in Windows' file allocation behavior, not security

| recommendations.

|

 

I gues you will not FIND your answer then.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

http://www.ik-cs.com/got-a-virus.htm

[Guest Ham Pastrami]

Re: C2 compliance?

 

 

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:%23%23qz9J2wHHA.1164@TK2MSFTNGP02.phx.gbl...

> From: "Ham Pastrami" <nomail@dot.com>

> | You realize this ng is for discussing a 7-year-old OS, right?

>

> C2 was created for NT4. It is older than 7 years.

 

Reiterating. You realize THIS NG is for discussing a 7-year-old OS, right?

I'm referring to the "win2000" part in the name.

> C2 was created for NT4. It is older than 7 years.

> You are assuming static conditions. Threats change and so do recommended

> security settings.

> C2 is outdated even for NT4 (albeit anybody who is think those levels of

security > should NOT

> being using NT4 )

 

Allow me to condense this line of discussion before we waste any more of

each other's time.

 

My question: Does your vinyl player scratch your records?

Your reply : Optical discs are the standard medium today.

My question: Does your vinyl player scratch your records?

(repeat)

> I gues you will not FIND your answer then.

 

Actually I found one from 1998, but thanks for the advice.

 

http://groups.google.com/group/comp.os.ms-windows.nt.admin.networking/msg/5f7f40e8db1b9c59?hl=en&

 

Windows did not ship in C2 configuration, so as I suspected the zero on

allocation does not occur on default installations.