oss-sec mailing list archives

Data on Linux attacks (was Re: [oss-security] Re: Fwd: x86 ROP mitigation)


From: Josh Bressers <bressers () redhat com>
Date: Wed, 18 Nov 2015 08:13:52 -0500 (EST)


We face the problem that I and my immediate colleagues (on the Red Hat
tools team) do not have access to information about successful
compromises, and what attackers actually do today, on GNU/Linux systems,
both to achieve initial access and to maintain a presence afterwards.
Under these conditions, anything we implement is, to some degree,
arbitrary and a shot in the dark.  We can still use our best judgment to
set priorities, but we are very far from being guided by empirical evidence.


This is a place I think we could all stand to work together on. If anyone
has any information on Linux attacks it would be very useful for planning
future projects.

There is a lot of evidence against some other platforms, but I've not seen
anything great around Linux specifically.

If anyone has ideas or comments, I'm all ears.

-- 
    JB

