Language Selection

English French German Italian Portuguese Spanish

Securing Slackware

Filed under
Linux
Using the exec-shield Kernel Patch on Slackware 10.1

by Kurt Fitzner

The Holy Grail of most any hacker trying to get access to a system is the remote buffer overflow attack. Well, actually, it's finding a Windows PC not protected by a firewall, but the remote buffer overflow attack is a (somewhat) close second. This article will discus one way to help protect against this type of attack on a Slackware Linux system with the installation of a special system called exec-shield.

This installation will occur in two phases. The first phase is installing the exec-shield kernel patch, the second is replacing some of Slackware's packages with ones that are compiled to work together with exec-shield.

What is a Buffer Overflow Attack?

Before we explain how to protect against a buffer overflow attack, it is useful to examine what exactly this attack is and what the ramifications are for an unprotected system.

The best way to secure against a buffer overflow attack is to run software that isn't vulnerable to such attacks.

In order for a malicious attacker to get your system to do what the attacker wants it to do by using a buffer overflow to rewrite a return address, the attacker has to know the exact address in memory on your system of a useful function.

Full Article.

More in Tux Machines

Parted Magic 2014.11.19 Now Has Boot Repair Option

Parted Magic is a Linux distribution that features numerous tools for disk management, such as GParted and Parted. It’s one of the best distros of its kind, but also a commercial OS. Read more

With Assembly, anyone can contribute to open-source software and actually get paid

The open-source movement has produced some of the most widely utilized software in the world, a huge economic value driven by a widely dispersed community who believe contributing good work is often its own reward. Outside of the world of computer science, however, these strategies are still relatively niche. A San Francisco startup called Assembly is trying to change all that, by evolving the open-source model to easily incorporate disciplines outside coding and to include a shared profit motive as well. Today the company is announcing a $2.9 million round of funding it will use to help expand its platform. Read more

French, German, Dutch and Italian hackathons fuel UK ODF plugfest

Hackathons in Toulouse (France), Munich (Germany), Woerden (the Netherlands) and Bologna (Italy) involving software developers and public administrations, are providing input for the ODF Plugfest taking place in London on 8 and 9 December. The first four meetings involve developers working on the Open Document Format ODF and the LibreOffice suite of office productivity tools. The ODF Plugfest brings together multiple implementers and stakeholders of this document standard. The plugfest is aimed at increasing interoperability, tests implementations and discuss new features. Read more

Europe Commission approves Tradeshift data format for goverment purchasing

A product of OASIS, the Organization for the Advancement of Structured Information Standards, UBL was developed in a transparent standards-setting process over a period of 13 years by hundreds of leading business experts. OASIS is the same organization that created ODF, the Open Document Format (ISO/IEC 26300), a widely used International Standard for word processing. Read more