Language Selection

English French German Italian Portuguese Spanish

Securing Slackware

Filed under
Linux
Using the exec-shield Kernel Patch on Slackware 10.1

by Kurt Fitzner

The Holy Grail of most any hacker trying to get access to a system is the remote buffer overflow attack. Well, actually, it's finding a Windows PC not protected by a firewall, but the remote buffer overflow attack is a (somewhat) close second. This article will discus one way to help protect against this type of attack on a Slackware Linux system with the installation of a special system called exec-shield.

This installation will occur in two phases. The first phase is installing the exec-shield kernel patch, the second is replacing some of Slackware's packages with ones that are compiled to work together with exec-shield.

What is a Buffer Overflow Attack?

Before we explain how to protect against a buffer overflow attack, it is useful to examine what exactly this attack is and what the ramifications are for an unprotected system.

The best way to secure against a buffer overflow attack is to run software that isn't vulnerable to such attacks.

In order for a malicious attacker to get your system to do what the attacker wants it to do by using a buffer overflow to rewrite a return address, the attacker has to know the exact address in memory on your system of a useful function.

Full Article.

More in Tux Machines

Android Leftovers

A short critique of Stallmanism

I like Stallman and tend to agree with him often: regarding software, or other politics. This article tries to constructively criticize some parts of the free software movement's ideology, which I collectively refer to as "Stallmanism" (only as pun). It is not an attempt at a personal attack on Stallman, and by reading further you will probably see my politics are very far from that: I coined the term Stallmanism simply because he is at the center of the movement and himself a primary source of the ideas I am critiquing. Read more

Google may unveil merged Android and Chrome OS, dubbed Andromeda, at event

If you thought Google’s October 4 event — where the firm is rumored to launch two smartphones, Google Home, Daydream VR, Chromecast Ultra, and Wi-Fi Routers — wasn’t packed enough, think again. It has been a long time coming, but Google may finally offer a peak at Andromeda, an operating system that sees the merger of Android and Chrome OS. Andromeda is the code name for the long-rumored merger, and Android Police says it have been sitting on a rumor that Google may demo the OS in October. What made the company share it now? A tweet from Hiroshi Lockheimer, senior vice president of Android, Chrome OS, and Google Play at Google. Read more

KDE Leftovers