|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: anti-ptrace
From: John Davis (zhen
gentoo.org)
Date: Mon Dec 01 2003 - 16:26:34 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Felipe Franciosi wrote:
|>I installed the anti-ptrace in my server linux, i like to know if exists
|>some form of an invader to defraud the anti-ptrace.
|>Tks.
Denis:
A PaX/ Grsecurity setup is another option to consider. PaX
<http://pageexec.virtualave.net> is a kernel patchset that implements a
non-executable stack, complete address space randomisation, mprotect()
restrictions, trampoline emulation, etc. IIRC, PaX is more mature than
openwall, the implementation that we use in Gentoo Hardened is rock
solid and very well done. Grsecurity <http://www.grsecurity.net> is a
kernel patchset that offers some very mature security measures such as
fs and proc restrictions, robust ACLs, and network protections.
Cheers,
//John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/y8AaZlASNRlGLUcRAiIWAKDNwc9Dh9IbTXhkGsv7HCVfgTr1uACfWXNi
bqLOuJKG6c2DR/UcSHrOTa4=
=9Ig0
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]