mailing list archives
From: "Michael A. Williams" <mike () netxsecure net>
Date: Wed, 26 Jun 2002 08:18:45 +1200
Does apache-scalp.c work against your OpenBSD or FreeBSD system or not.
Either way it would be nice to know that you have some signed_exec code
acting as an additional security layer to stop unauthorized binaries if
not by denial at least then warning of their existence in Real Time.
Our signed_exec kernel patches for FreeBSD and OpenBSD are designed to
stop the installation of root kits on a compromised system, regardless
of the programming mistake or reason resulting in a compromise, the idea
is to not allow a Trojaned binary to execute under the guise of a valid
program, shared library or loadable kernel module.
We have been working on OpenBSD and FreeBSD with intentions to also look
at a GNU/Linux port and believe that there has been work underway for
some time on NetBSD to do something similar.
For more information see http://www.trojanproof.org
Regards, Michael A. Williams.
- Re: apache-scalp.c Michael A. Williams (Jun 27)