|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Curt Wilson (curtwilson618
gmail.com)
Date: Thu Mar 26 2009 - 23:34:48 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Mar 26, 2009 at 12:44 PM, Jeremy Brown <0xjbrown41gmail.com> wrote:
<snip>
> From the Linux perspective,
> all around, things seem to be done more efficiently. Are applications
> more secure on Linux? Not really. But a result of protections readily
> available on Linux distributions (honorable mentioned on BSD
> derivatives and Solaris) has nearly diminished public exploits for
> applications that result in stack smashing or otherwise memory-related
> exploitation.
I've aware of recent successful linux heap corruption using malloc
maleficarum techniques "house of mind" and "house of spirit" for server-side
attacks, and "house of mind" for a client-side attack on a PDF reader. Only
one of these was made public. I haven't seen a public exploit for a linux
stack overflow in ages. What I'm seeing "in the wild" in the day job is
more and more trickery and a continued reliance on older windows exploits,
with a few exceptions. One recent exception I am currently investigating is
a Torpig trojan infection (+ mebroot) that was possibly dropped on the box
through a driveby with a relatively recent (known) java bug (no public
exploit, that I know of, however).
cw
>
>
> 2009/3/26 Dave Aitel <dave.aitelgmail.com>:
> > So over and over for several years now you can hear people in the
> offensive
> > information security talk in despair about the new Microsoft protection
> > measures. But here's the thing as I see it - if you tell yourself its
> > impossible, then it definitely will be. As Joe Bennet from "Lipstick
> > Jungle" would say: "Plan for success!".
> >
> > All of the new security technologies coming out total a one or two order
> of
> > magnitude increase in an attacker's costs. That's not impossible, that's
> > just inflation. So deal.
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydavelists.immunitysec.com
> > http://lists.immunitysec.com/mailman/listinfo/dailydave
> >
> >
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]