Re: kernel aslr: someone interested?

To: Mouse <mouse%Rodents-Montreal.ORG@localhost>, tech-kern%NetBSD.org@localhost
Subject: Re: kernel aslr: someone interested?
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
Date: Sun, 26 Mar 2017 00:50:08 -0700

On Mar 25, 10:17pm, Mouse wrote:
}
} > [ASLR] is just one more check mark in the exploit building tool.
} 
} Yes and no.
} 
} It increases the work required to exploit any putative bugs.  It does
} not make exploitation impossible, but that does not mean it's not worth
} making it harder.  "You don't have to run faster than the bear; you
} just have to run faster than someone else."  That is, you don't have to
} be impossible to exploit; you just have to be enough harder to make
} them go after someone else instead.

     True enough.  Sometimes the simplest things are effective at
keeping the script kiddies away.  I use a different port for SSH
on my gateway box and I never hear from the script kiddies even
though a simple port scan would quickly find my SSH server.  On
the other hand, machines with SSH on the normal port are constantly
being hammered by the script kiddies.

}-- End of excerpt from Mouse

References:
- Re: kernel aslr: someone interested?
  - From: Mouse

Prev by Date: Re: kernel aslr: someone interested?
Next by Date: Re: Exposing FUA as alternative to DIOCCACHESYNC for WAPBL
Previous by Thread: Re: kernel aslr: someone interested?
Next by Thread: Re: kernel aslr: someone interested?
Indexes:

Home | Main Index | Thread Index | Old Index