tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel aslr: someone interested?

On Mar 25, 10:17pm, Mouse wrote:
} > [ASLR] is just one more check mark in the exploit building tool.
} Yes and no.
} It increases the work required to exploit any putative bugs.  It does
} not make exploitation impossible, but that does not mean it's not worth
} making it harder.  "You don't have to run faster than the bear; you
} just have to run faster than someone else."  That is, you don't have to
} be impossible to exploit; you just have to be enough harder to make
} them go after someone else instead.

     True enough.  Sometimes the simplest things are effective at
keeping the script kiddies away.  I use a different port for SSH
on my gateway box and I never hear from the script kiddies even
though a simple port scan would quickly find my SSH server.  On
the other hand, machines with SSH on the normal port are constantly
being hammered by the script kiddies.

}-- End of excerpt from Mouse

Home | Main Index | Thread Index | Old Index