Firewall Wizards mailing list archives
Re: securing bind
From: Crispin Cowan <crispin () cse ogi edu>
Date: Tue, 23 Nov 1999 02:45:35 +0000
Crispin Cowan wrote:
Ken Hardy wrote:It's obvious that we'll never see the end of stack overrun attacks until overrunning the stack doesn't get you anywhere. IMHO something like StackGuard should be a standard option on...Alternatively (and higher performance?) Solaris 2 has a kernel parameter that can be set to make the stack non-executable.As does Linux. I've just finished writing a paper describing the comparative effectiveness of a variety of buffer overflow defenses. Notably, non-executable stack overlaps with StackGuard, but each has attacks that it uniquely defends against. Since they are compatible, both should be used for maximum coverage. The paper will appear at the DARPA Information Survivability Expo ( http://schafercorp-ballston.com/discex/ ) and an invited talk at SANS 2000 ( http://www.sans.org/newlook/events/sans2000.htm ). I'll have the paper up on the publications page at http://immunix.org shortly.
Ok, I've posted my paper. It is available for download here: http://immunix.org/StackGuard/discex00.pdf Crispin ----- Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
Current thread:
- securing bind Jan Stifter (Nov 17)
- Re: securing bind Craig H. Rowland (Nov 17)
- Re: securing bind chuck (Nov 18)
- Re: securing bind Ken Hardy (Nov 21)
- Re: securing bind Crispin Cowan (Nov 22)
- Re: securing bind Crispin Cowan (Nov 23)
- Re: securing bind Saravana Ram (Nov 23)
- Who to blame (was RE: securing bind) Anton J Aylward (Nov 26)
- Re: securing bind Gerardo Richarte (Nov 26)
- Re: securing bind Craig H. Rowland (Nov 17)
- <Possible follow-ups>
- Fwd: Re: securing bind Predrag Zivic (Nov 28)