Re: anti-ptrace
From: John Davis (zhen_at_gentoo.org)
Date: 12/01/03
- Previous message: Mogens Valentin: "Re: tripwire"
- In reply to: Felipe Franciosi: "Re: anti-ptrace"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 01 Dec 2003 17:26:34 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Felipe Franciosi wrote:
|>I installed the anti-ptrace in my server linux, i like to know if exists
|>some form of an invader to defraud the anti-ptrace.
|>Tks.
Denis:
A PaX/ Grsecurity setup is another option to consider. PaX
<http://pageexec.virtualave.net> is a kernel patchset that implements a
non-executable stack, complete address space randomisation, mprotect()
restrictions, trampoline emulation, etc. IIRC, PaX is more mature than
openwall, the implementation that we use in Gentoo Hardened is rock
solid and very well done. Grsecurity <http://www.grsecurity.net> is a
kernel patchset that offers some very mature security measures such as
fs and proc restrictions, robust ACLs, and network protections.
Cheers,
//John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/y8AaZlASNRlGLUcRAiIWAKDNwc9Dh9IbTXhkGsv7HCVfgTr1uACfWXNi
bqLOuJKG6c2DR/UcSHrOTa4=
=9Ig0
-----END PGP SIGNATURE-----
- Previous message: Mogens Valentin: "Re: tripwire"
- In reply to: Felipe Franciosi: "Re: anti-ptrace"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
