Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: Peter Pentchev <roam () ORBITEL BG>
Date: Sat, 2 Sep 2000 20:30:26 +0300
That's quite nice, but I was thinking about something a bit less intrusive; a userland application, no kernel meddling (with a goal of portability in mind; I haven't been all that happy with Linux lately, and NO, I am NOT happy with the idea of a OS flamewar either :). On Sat, Sep 02, 2000 at 11:44:03AM -0400, Andrew Scott Reisse wrote:
Yes. There are kernel patches that do this kind of stuff. A very nicely configurable kernel security patch is medusa. I forgot where to get it but if anyone wants it I have the source. You define rules of what a process can access in a config file and can make syscalls (like socket()) change access.
G'luck, Peter -- I am the thought you are now thinking.
Current thread:
- Re: Remote exploitation of network scanners? Domenico De Vitto (Sep 01)
- Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Sep 01)
- <Possible follow-ups>
- Re: Remote exploitation of network scanners? Peter Pentchev (Sep 02)
- Re: Remote exploitation of network scanners? Andrew Scott Reisse (Sep 02)
- Re: Remote exploitation of network scanners? Peter Pentchev (Sep 02)
- Re: Remote exploitation of network scanners? Andrew Scott Reisse (Sep 02)