Re: BO preproc exploit published

[byte_jump <bytejump () gmail com>]

ProPolice:
http://www.research.ibm.com/trl/projects/security/ssp/
You need to have a GCC that has stack-smash-protector (SSP)
functionality. You can see if your GCC does by issuing the following
command:
gcc -v

If your gcc has SSP built in, it will output something like this:
gcc version 3.3.4 20040623 (Gentoo Hardened Linux 3.3.4-r1,
ssp-3.3.2-2, pie-8.7.6)

The "ssp" and "pie" (Position-Independent Executable) are what you
want to see. During compilation you want to see something like
"fstack-protector" in the compilation output. You can Google for more
info, but those are the basics.

Grsecurity and PaX can be found here:
http://grsecurity.net/
http://pax.grsecurity.net/

Those are patches for the Linux kernel and I highly recommend that you
read the info available on grsecurity's site. The "features" page has
quite a list describing what grsecurity does:
http://grsecurity.net/features.php



On 10/26/05, Ron Jenkins <rjenkins () dibr net> wrote:
> Hello
>
> Do you have web links for those two? I am interested in looking at them.
>
> Thanks much...


-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users