Intrusion Detection Systems mailing list archives

Previous By Date Next
Previous By Thread Next

Re: core dump

From: jnorman () insync net (Johnathan Norman)
Date: Fri, 26 May 2000 07:44:53 -0500 (CDT)

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
a core dump normally follows a segmentation fault (ie: it dumps its
core). Which means a program is not handling memory as it should. 
If you have a program with root permissions dumping core, I would say it
is an issue that needs to be looked into.


I really need a brain dump on core dump ;)


A core dump is the copying what is in ram at a given time to the hard
drive.

info on smashing stacks =
http://phrack.infonexus.com/search.phtml?view&article=p49-14

Johnathan Norman
Insync Internet Services
Technical Support/ DNS
(713) 407-7054
JNorman () Insync net

On 26 May 2000, SHAIFUL HASHIM wrote:


Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
-----------------------------------------------------------------------------
Hi all,

Does a core dump file own by root indicates compromised host from buffer
overflow exploit? 

I really need a brain dump on core dump ;)

Regards,
Shaiful
Universiti Kebangsaan Malaysia

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
Previous By Date Next
Previous By Thread Next

Current thread: