Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- buffer overflow and format string vuln.
April 10, 2005, 9:23 pm
rate this thread
Sometimes we can hear abou new attacks performed successfuly. I found
software that should prevent OS from doing these attack (OpenWall
ttp://www.openwall.com/ , GRsecurity http://www.grsecurity.org/ , ProPolice
, StackGuard and StackShield ) Do you know these tools ? Could you tell if
they really do a good job ? Does exist any software preventing these attacks
Re: buffer overflow and format string vuln.
They certainly help, althought none of are perfect (for example, I believe
there's an article in Phrack on problems with GRsecurity's ASLR). If you've
done your homework, you'll also know that these tools operate in different
ways: some require you to recompile all the applications you wish to
protect using a patched version of gcc, others have high overheads, others
are incompatible with certainly applications (such as XFree86).
That said, they're definitely worth looking into: the pros greatly outway
the cons, imho). You might also want to look at LIDS and libsafe.
Incidently, GRsecurity, LIDS and Openwall do a lot more than protect against
buffer overflows/format string attacks.
"Linux Network Security", the ultimate book on protecting your network from
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security