[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kernel aslr: someone interested?
On Mar 25, 10:17pm, Mouse wrote:
} > [ASLR] is just one more check mark in the exploit building tool.
} Yes and no.
} It increases the work required to exploit any putative bugs. It does
} not make exploitation impossible, but that does not mean it's not worth
} making it harder. "You don't have to run faster than the bear; you
} just have to run faster than someone else." That is, you don't have to
} be impossible to exploit; you just have to be enough harder to make
} them go after someone else instead.
True enough. Sometimes the simplest things are effective at
keeping the script kiddies away. I use a different port for SSH
on my gateway box and I never hear from the script kiddies even
though a simple port scan would quickly find my SSH server. On
the other hand, machines with SSH on the normal port are constantly
being hammered by the script kiddies.
}-- End of excerpt from Mouse
Main Index |
Thread Index |