Subject: Re: Buffer Overflows and DoS
From: Douglas Ostling (quasi quasisoft.com)
Date: Wed Apr 26 2000 - 23:45:13 CDT
- Next message: Fred Cohen: "Re: DoS"
- Previous message: Crispin Cowan: "Buffer Overflows and DoS"
- In reply to: Crispin Cowan: "Buffer Overflows and DoS"
- Next in thread: Crispin Cowan: "Re: Buffer Overflows and DoS"
- Reply: Douglas Ostling: "Re: Buffer Overflows and DoS"
- Reply: Crispin Cowan: "Re: Buffer Overflows and DoS"
On Thu, 27 Apr 2000, Crispin Cowan wrote:
> Douglas Ostling wrote:
>
> > Of course, we know the DoS implications of this, so what is the
> > result when the same happens to an application on an Openwall-patched
> > kernel system?
>
> Context dependent. The program might seg fault, or it might catch the
> seg fault and carry on. Unlike StackGuarded programs, it does not
> give you a definitive syslog entry that says "someone tried to
> overflow this program in that function(), but I stopped them."
>
In the case of lynx, I have seen the overflowed characters on the screen.
I have to kill the running program. This looks like the perfect candidate
for StackGuard. How about the apache method of using a super-server to
start the child processes? Could we do this with bind and sendmail, as well?
Does this make better sense than inetd?
With regards,
Douglas Ostling, Internet Entrepreneur
----> quasi quasisoft.com <----
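
The super-server idea raised in the message above, as an added example (not code from this thread, nor from Apache, bind or sendmail): a parent forks a worker, notices when it dies from SIGSEGV, records that in syslog and starts a replacement. The function names, the log text and the crash simulated with raise() are assumptions made for the illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <syslog.h>
#include <unistd.h>

/* Hypothetical worker: dies from SIGSEGV when asked, standing in for a faulting child. */
static void worker(int crash)
{
    struct rlimit no_core = {0, 0};
    setrlimit(RLIMIT_CORE, &no_core);   /* keep the demo from leaving core files */
    if (crash) {
        signal(SIGSEGV, SIG_DFL);       /* make sure the default action applies */
        raise(SIGSEGV);
    }
    _exit(0);
}

/* Fork one worker and wait for it. Returns the signal that killed it,
 * 0 if it exited on its own, -1 if fork or wait failed. */
int run_worker(int crash)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) worker(crash);        /* child: never returns */
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (!WIFSIGNALED(status)) return 0;
    syslog(LOG_WARNING, "worker %ld killed by signal %d",
           (long)pid, WTERMSIG(status));
    return WTERMSIG(status);
}

/* Restart the worker after each abnormal death, giving up after max_restarts.
 * Returns the number of restarts needed, or -1 if the limit was exceeded. */
int supervise(int crashes_before_ok, int max_restarts)
{
    int restarts = 0;
    while (run_worker(restarts < crashes_before_ok) != 0)
        if (++restarts > max_restarts) return -1;
    return restarts;
}

int main(void)
{
    openlog("supervisor-demo", LOG_PID, LOG_DAEMON);
    printf("restarts needed: %d\n", supervise(2, 5));
    return 0;
}
```

The restart cap matters for the DoS angle: a worker that faults on every request would otherwise keep the parent in a fork loop.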