Language Selection

English French German Italian Portuguese Spanish

Securing Slackware

Filed under
Linux
Using the exec-shield Kernel Patch on Slackware 10.1

by Kurt Fitzner

The Holy Grail of most any hacker trying to get access to a system is the remote buffer overflow attack. Well, actually, it's finding a Windows PC not protected by a firewall, but the remote buffer overflow attack is a (somewhat) close second. This article will discus one way to help protect against this type of attack on a Slackware Linux system with the installation of a special system called exec-shield.

This installation will occur in two phases. The first phase is installing the exec-shield kernel patch, the second is replacing some of Slackware's packages with ones that are compiled to work together with exec-shield.

What is a Buffer Overflow Attack?

Before we explain how to protect against a buffer overflow attack, it is useful to examine what exactly this attack is and what the ramifications are for an unprotected system.

The best way to secure against a buffer overflow attack is to run software that isn't vulnerable to such attacks.

In order for a malicious attacker to get your system to do what the attacker wants it to do by using a buffer overflow to rewrite a return address, the attacker has to know the exact address in memory on your system of a useful function.

Full Article.

More in Tux Machines

Pithos 1.2

  • New Version of Linux Pandora Client ‘Pithos’ Released
    A new release of open-source Linux Pandora client Pithos is now available for download.
  • Pithos 1.2 Improves The Open-Source/Linux Pandora Desktop Experience
    Chances are if you've ever dealt with Pandora music streaming from the Linux desktop you've encountered Pithos as the main open-source solution that works out quite well. Released today was Pithos 1.2 and it ships with numerous enhancements for this GPLv3-licensed Pandora desktop client. Pithos 1.2 adds a number of new keyboard shortcuts for the main window, initial support for translations, an explicit content filter option, reduced CPU usage with Ubuntu's default theme, redesigned dialogs and other UI elements, and more.

OPNsense 16.7

  • OPNsense 16.7 released
  • pfSense/m0n0wall-Forked OPNsense 16.7 Released
    The latest major release is out of OPNsense, a BSD open-source firewall OS project derived from pfSense and m0n0wall. OPNsense 16.7 brings NetFlow-based reporting and export, trafic shaping support, two-factor authentication, HTTPS and ICAP support in the proxy server, and UEFI boot and installation modes.

New Blackmagic and Wine

Linux Foundation and Linux

  • Google, Samsung, Radisys join CORD project
    The Open Networking Lab (ON.Lab) and The Linux Foundation have spun off the Central Office Re-architected as a Data Center (CORD) initiative into its own, new open source project, and Google, Samsung Electronics and Radisys are joining the CORD and ONOS Projects as new partners. Google plans to host the first CORD Summit on July 29 at Google Sunnyvale Tech Corner Campus in California, where industry leaders, network architects and administrators, developers and engineers will convene.
  • CORD Project Aims to Bring Cloud Agility to Service Providers
    The CORD Project recently became an independent project hosted by The Linux Foundation. CORD (TM) (Central Office Re-architected as a Datacenter), which began as a use case of ONOS®, brings NFV, SDN, and commodity clouds to the telco central office and aims to give telco service providers the same level of agility that cloud providers have to rapidly create new services. Major service providers like AT&T, SK Telecom, Verizon, China Unicom, and NTT Communications, as well as companies like Google and Samsung, are already supporting CORD.
  • Linux Kernel 4.4.16 LTS Released with Over 150 Changes, It's Already in Solus
  • Linux Kernel 4.6.5 Has Numerous Nouveau Improvements, ARM and ARM64 Fixes
  • Linux Kernel 4.6.5 and Kernel 4.4.16 released
    Just after a couple of weeks,Linux Kernel 4.6.4 and 4.6.15 release was announced,here comes the next release in both series of Linux kernel 4.6 and 4.4. Both the releases are to bring fixes and improvements in performance.There are some workarounds made in GPU drivers,Wireless,USB,Sound and others can be checked in the change log,Of Course. In the Kernel 4.6.5 there are 220 files changed,1754 files inserted newly and 998 deletations are made.On the other hand,Linux kernel 4.4.16 has 156 files are changed,1475 insetations and 845 deletations are notified as per the announcement.
  • Linux 4.7 now out with enhanced security and advanced graphics support