Firewall Wizards mailing list archives
Re: Extreme Hacking
From: Crispin Cowan <crispin () cse ogi edu>
Date: Mon, 12 Jul 1999 14:25:45 -0700
"Marcus J. Ranum" wrote:
Ge' Weijers wrote:On the other hand: those who need to develop security-related code, protocols etc. do need to have an awareness of common exploits.Yes, and no. They need to know classes of bugs to avoid, and categories of common mistakes. For example, if you're developing security critical code you need to know what buffer overruns are and how to prevent them -- you do not need an exploit script that tickles a bug in the latest version of BIND.
I do. Consider StackGuard: I claim that StackGuard-protected programs are impervious to stack smashing buffer overflows, and I have some lovely viewgraphs that explain why this is so, but why should anyone believe me? To prove my claim, we went out and got a bunch of live exploits and vulnerable programs, demonstrated that the exploits actually do give you root shells. Then we recompile the vulnerable programs with StackGuards, and try the attacks again. Result: StackGuard intrusion attempt warnings. Live exploits were a vital part of this experiment. In particular, live exploits for vulnerabilities announced AFTER we built StackGuard prove the point that StackGuard can stop future, unknown attacks. I understand how much nicer the world would be for defenders if exploits did not find their way into the hands of script kiddies. But there really are fully legitimate uses for current attack programs in building defensive systems. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
Current thread:
- Extreme Hacking Kunz, Peter (Jul 05)
- Re: Extreme Hacking Marcus J. Ranum (Jul 05)
- Re: Extreme Hacking Arjan Vos (Jul 05)
- Re: Extreme Hacking Aleph One (Jul 06)
- Re: Extreme Hacking Marcus J. Ranum (Jul 06)
- Re: Extreme Hacking Ge' Weijers (Jul 06)
- Re: Extreme Hacking Marcus J. Ranum (Jul 12)
- Re: Extreme Hacking Ge' Weijers (Jul 12)
- Re: Extreme Hacking Darren Reed (Jul 12)
- Re: Extreme Hacking Crispin Cowan (Jul 13)
- Re: Extreme Hacking deab (Jul 06)
- Re: Extreme Hacking Paul Woodie (Jul 06)
- Re: Extreme Hacking Craig H. Rowland (Jul 06)
- Re: Extreme Hacking Crispin Cowan (Jul 08)
- Re: Extreme Hacking Craig H. Rowland (Jul 09)
- Vulnerability Escrow (was: Extreme Hacking) Crispin Cowan (Jul 09)
- Re: Extreme Hacking Joseph S D Yao (Jul 12)
- Re: Extreme Hacking Craig H. Rowland (Jul 12)
- Re: Extreme Hacking Marcus J. Ranum (Jul 05)
- Re: Extreme Hacking Vanja Hrustic (Jul 09)