Windows Cryptic Error Messages

In The News General Security Information Exploit & Vulnerability Mailing List Archives Product and Program Reviews GSO Tutorials System Security Windows Systems Beginners Section Linux & Unix Systems Trojan & Virus Errata Networking Security / Firewall / IDS / VPN / Routers System Hardening E-Mail Security Wifi Security Trial Member Uploads Upload discovered Trojans & Mal ware (25 posts) The Cork Board Network Security Consultant Directory Network Security Jobs The Archives Encryption Information General Network Security Internet Anonymity HTTP Protocol Security Linux Security MS IIS Information Exploit Articles Programming / Tool Design GSO Software Projects Public Downloads Microsoft Security Questions and Papers
	Database Security (Common-sense Principles)
	Places that viruses and trojans hide on start up
	Step-by-Step Guide to Using the Security Configuration Tool Set
	Improving the Security of Your Site by Breaking Into it
	Domain Name Robbery
	XDCC - An .EDU Admin's Nightmare
	Database Security
	Database Security
	Is Database Security an Oxymoron?
	Database security: protecting sensitive and critical information
	The database security blanket
	Database security in your Web-enabled apps
	Making Your Network Safe for Databases
	SQL Injection: Modes of Attack, Defence, and Why It Matters
	Database Security in High Risk Environments
	Linksys Router Information (A collection)
	Common Ports
	Protection of the Administrator Account in the Offline SAM
	Windows 2000 Security
	The dangers of ftp conversions on misconfigured systems
	Win98.BlackBat
	AnnaKournikova worm decrypted
	C/C++ made easy with GoGooSE 1.0
	UNIX Bourne Shell Programming
	BATCH ProgramminG
	Assembly for nerds using linux
	THE LATEST IN DENIAL OF SERVICE ATTACKS: "SMURFING"
	The Ingredients to ARP Poison
	Outlook 2002: can't send .exe file with Email
	Windows 9x/Me Security and System Restrictions
	Exploiting The IPC Share
	Local Windows hacking
	Windows Cryptic Error Messages
	Windows NT Registry Tutorial
	catch a macro virus
	Protecting Files with Windows NTXP
	Microsoft Baseline Security Analyzer V1.1
	A Beginners Guide To Wireless Security
	Default Logins and Passwords for Networked Devices
	How To Eliminate The Ten Most Critical Internet Security Threats
	About computer crime
	System Backdoor Information
	System Backdoors Explained
	Introduction to Buffer Overflow
	Donald Pipkin's Security Tips for the Week of December 23rd
	Getting IP data from numerous sources
	Rainbow Series Library [The One The Only]
	Honeypots (Definitions and Value of Honeypots)
	General Attack Descriptions
	Wireless Taping
	CYBERTERRORISM
	Security from a different angle

Windows Cryptic Error Messages

By Ankit Fadia

Article pulled from BlackSun Security

View Homepage à

All those of you who re Windows users, may be pretty familiar with the blue error screen that Windows pops up now and again.Ilegal Operation errors, Exception errors and Kernal errors are a common sight. The problem with these common errors is that they provide the user with very little info on what caused the error to occur and why the hell did the application or Windows crash.In order to diagonise the reasons behind the crash or error, we need to be able to understand what Windows is trying to tell us through the weird difficult to understand error messages it provides us with.

There has been a lot of talk about Windows being a lamer's machine and a real uberhacker uses a Linux box and everything else...well I do not agree with it. There is a common belief amonst people that Windoze is very insecure and it sucks but then on the other hand Red Hat too is not so great in the security sphere. There are nearly 50 known exploits to get root on a Linux box. The reason why hackers have found so many holes or bugs in Windows is due to the fact the Windows is the most widely used OS in the world and the largest number of Hackers have access to Windows and the largest number of people have a go at Windoze's Security. The only thing that is in support of Linux is the fact that it is free and the concept of Open Source and wel performance. So what I think is that there is nothing wrong in Using a Windoze box for Hacking. Yes Linux does provide you access to some kewl hacking tools from the various shells but for Windows there are many third party freebies that allow you to do the same thing. Linux does make hacking easier but there is nothing wrong in using Windows for Hacking.If you are able to understrand the entire Windows system then believe me, it is great.

Anyway, lets get down to what this manual is actually meant for.

Errors

Many people go real panicky when they see the blue error screen or the blue death, they really don't know what to do, some even start calling tech support saying that their computer is infected with a virus. Well there is no reason for a user to dread Windows error messages. They can be used usefully and for diagonising problems or roots of the problems, and answer questions like What exactly caused an error to occur and When does an error occur and What sould I do to rectify this error.

There are three general types of error messages you may encounter when working with applications under Win-dows. These are Exception errors, Illegal operation errors and Kernel errors.

Exception Error

An exception error signifies that something unexpected has happened within the Windows environment, typically an improper memory access. For example, an application or a Windows component might read or write to a memory location that has not been allocated to it, potentially overwriting and corrupting other program code in that area of memory.

Fatal Errors

Fatal exception errors are typically of the form: 'A fatal exception <Xx> has occurred atxxxx:xxxxxxxx.

Fatal exception errors are codes returned by a program if access to an illegal instruction has been encountered, invalid data or code has been accessed, or the privilege level of an operation is invalid.

When any of these errors occur, the processor returns an exception to the operating system, which in turn is han-dled as a fatal exception error. In many cases, the exception is non-recoverable, and the system must be restarted or shut down, depending on the severity of the error.

In the fatal exception error 'A fatal exception <XX> has occurred at xxxx:xxxxxxxx, the <XX> represents the actual processor exception from OO to OF. The xxxx:xxxxxxxx represents the 'code segment pointer:actual address where the exception occurred'.

Illegal Operation errors

Illegal Operation errors or 'program crashes' are actually invalid page faults (IPF). The error message is similar to:

'This program has performed an illegal operation and will be shut down. If the problem persists, contact the pro-gram vendor.' If you click Details, the following error message appears:

'<Application> caused an invalid page

fault in module <module name> at <address>.' After you click OK, the pro-gram is shut down.

An invalid page fault also occurs when a program or a Windows compo-nent reads or writes to a memory loca-tion that is not allocated to it. Kernel errors are also similar.

The first clue to the cause of an IPF is in the IPF error message that is dis-played. Note the module name that is listed. If you can gather clues about the component that is causing the IPF, then you can target the specific cause of the problem.

Sometimes, removing and rein-stalling the file mentioned in the IPF cor-rects the problem. Mso, noting when the error occurs can help determine the cause of the problem. For example, if the error occurs when you try to print a doc-ument in Word, the problem could be with the printer driver rather than Word itselL

A key part of troubleshooting IPFs is to determine how widespread the problem is. Try to answer the following questions:

Is the problem reproducible (can you make it happen whenever you want), or does it occur at random?
Does the problem occur only in the current application or in other applica-tions as well?
Are there specific, known issues about the application that describe your problem?
Does the problem happen only with a particular file handled by that applica-tion?
Does the problem occur only at a par-ticular time, such as while printing?

If, when trying to reproduce the problem, the error does not occur again, you can assume you have solved the problem. If the error occurs in other applications, most probably the fault is not with the application but with Win-dows, a component of Windows or a piece of software that is running in the background. Check with the program vendor's site if there are known issues with the application that may cause IPFs under specific circumstances. If the IPF is specific to a certain file opened by this application, the file may be too large, or damaged.

Well I hope know you know how to face Windows error messaages and make use of them to get rid of roots of crashes and prevent them.

Ankit Fadia

Warning: include() [function.include]: URL file-access is disabled in the server configuration in /home/governme/domains/governmentsecurity.org/public_html/articles/WindowsCrypticErrorMessages.php on line 728

Warning: include(http://www.governmentsecurity.org/forum/ssi2.php?a=lastposts) [function.include]: failed to open stream: no suitable wrapper could be found in /home/governme/domains/governmentsecurity.org/public_html/articles/WindowsCrypticErrorMessages.php on line 728

Warning: include() [function.include]: Failed opening 'http://www.governmentsecurity.org/forum/ssi2.php?a=lastposts' for inclusion (include_path='.:/usr/local/share/pear') in /home/governme/domains/governmentsecurity.org/public_html/articles/WindowsCrypticErrorMessages.php on line 728