Firewall Wizards mailing list archives

Fwd: Re: securing bind

From: Predrag Zivic <pzivic () yahoo com>
Date: Wed, 24 Nov 1999 08:29:04 -0800 (PST)

Another solution to preventing buffer overflows for
all other OSs can be found at

http://www.platinum.com/products/sysman/security/sec_feat.htm

Pez

--- Crispin Cowan <crispin () cse ogi edu> wrote:

Date: Tue, 23 Nov 1999 02:45:35 +0000
From: Crispin Cowan <crispin () cse ogi edu>
Organization: Oregon Graduate Institute
To: Ken Hardy <ken () bridge com>,
        Firewall Mailing List
<firewall-wizards () nfr net>
Subject: Re: securing bind
Reply-to: Crispin Cowan <crispin () cse ogi edu>

Crispin Cowan wrote:

Ken Hardy wrote:

It's obvious that we'll never see the end of

stack overrun

attacks until overrunning the stack doesn't get

you anywhere.

IMHO something like StackGuard should be a

standard option on

...

Alternatively (and higher performance?) Solaris

2 has a kernel

parameter that can be set to make the stack

non-executable.


As does Linux.  I've just finished writing a paper

describing the comparative

effectiveness of a variety of buffer overflow

defenses.  Notably, non-executable

stack overlaps with StackGuard, but each has

attacks that it uniquely defends

against.  Since they are compatible, both should

be used for maximum coverage.

The paper will appear at the DARPA Information

Survivability Expo (

http://schafercorp-ballston.com/discex/ ) and an

invited talk at SANS 2000 (

http://www.sans.org/newlook/events/sans2000.htm ).

 I'll have the paper up on

the publications page at http://immunix.org

shortly.

Ok, I've posted my paper.  It is available for
download here:
http://immunix.org/StackGuard/discex00.pdf

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc.   
http://wirex.com
Free Hardened Linux Distribution:                
http://immunix.org


__________________________________________________
Do You Yahoo!?
Thousands of Stores.  Millions of Products.  All in one place.
Yahoo! Shopping: http://shopping.yahoo.com

Current thread:

securing bind Jan Stifter (Nov 17)
- Re: securing bind Craig H. Rowland (Nov 17)
  - Re: securing bind chuck (Nov 18)
  - Re: securing bind Ken Hardy (Nov 21)
    - Re: securing bind Crispin Cowan (Nov 22)
    - Re: securing bind Crispin Cowan (Nov 23)
    - Re: securing bind Saravana Ram (Nov 23)
    - Who to blame (was RE: securing bind) Anton J Aylward (Nov 26)
    - Re: securing bind Gerardo Richarte (Nov 26)
- Re: securing bind what's your style (Nov 18)
- <Possible follow-ups>
- Fwd: Re: securing bind Predrag Zivic (Nov 28)