Re: stackguard-like embedded protection

[Crispin Cowan <crispin () WIREX COM>]

Greg KH wrote:

> One nice advantage of running a box protected by StackGuard, like
> Immunix OS, is the offsets in most all pre-packaged crack scripts for
> the format bugs don't seem to work :)

This is an obscurity effect:  once the attacker figures out that s/he is
facing a StackGuarded program, it isn't that hard for the attacker to
re-calculate the offsets.  So while this does give you useful resistance to
idiot script kidz, it does not provide serious security against format bugs.

Crispin

P.S.  Thanks to Greg, who provided me with the list of programs that use %n in
my previous post.  I forgot to credit him.

--
Crispin Cowan, Ph.D.
Chief Research Scientist, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution:                    http://immunix.org
                Olympics:  The Corruption Games