A Security Wish List for 2002

A kernel stack protection patch based on SD's was available on www.getrewted.net several months ago, you can find variants of it on several sites, e.g. at www.conostix.org/~fpmip/secos-patch/. There are also rpms of the libsafe library available if one has a hard time with kernel patches. Daemons which are often attacked are good targets for StackGuard compiles, which I did on my systems ages ago, also replacing the wu/proftpd usually found with the OpenBSD one.

Sure, it'd be nice for all these things to be done for us in the distributions. Mandrake includes libsafe by default now, I think. But aren't things like this what we get paid for anyway? After using stack protection in Solaris 2.6, I haven't installed a system without it. Why wait for the vendors? Do it yourself! :-)

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/52/9779#9779

We all have same urge to amend reality 2002-01-10
by law or action or by dreaming our way around it...

A Security Wish List for 2002 2002-01-10
Night Hawk

Definitive Solution under Windows NT/2000/XP 2002-01-11
Marco

A Security Wish List for 2002 2002-01-12
Elc0chin0

A Security Wish List for 2002 - blocking executables in mail 2002-01-16
Anonymous (2 replies)

A Security Wish List for 2002 - blocking executables in mail 2002-01-17
Anonymous (1 replies)

A Security Wish List for 2002 - blocking executables in mail 2002-01-19
Anonymous

A Security Wish List for 2002 - blocking executables in mail 2002-05-02
Anonymous

A Security Wish List for 2002 2002-01-24
Amarendra GODBOLE [amar AT efn DOT org ]

A Security Wish List for 2002 2002-01-28
Anonymous