Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: cron exploit?
From: "Steve Bremer" <steveb () nebcoinc com>
Date: Wed, 01 Oct 2003 17:05:05 -0500


so all those
nice little local buffer and heap overflows (and other potential
privilege escalation ilk) are less dangerous than they would otherwise
be.


Have you also considered trying the grsecurity kernel patch?  I've 
found it to be quite stable in my testing as long as you don't chose 
the experimental options (e.g. KERNEXEC).  It provides some 
protection against stack and heap overflows, return into libc 
exploits, and temporary file handling issues.  It actually has a 
complete MAC system built in if you want to use it.  There are also a 
bunch of other protection enhancing features available that I won't 
go into here.  

I recommend grsecurity for boxes that have local users since it 
provides a lot additional protections if you can afford the small 
performance hit.

www.grsecurity.org

Steve Bremer
NEBCO, Inc.
System & Security Administrator

---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
  • Re: cron exploit? Steve Bremer (Oct 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]