Date: Wed, 26 Aug 1998 21:43:14 -0400
From: Barrett Richardson <rabtter@orion.aye.net>
To: dyson@iquest.net, hackers@FreeBSD.ORG
Subject: Re: I want to break binary compatibility.
Message-ID: <35E4B9B2.3892CF05@orion.aye.net>
References: <199808260142.UAA00976@dyson.iquest.net>

Many thanks to all who pitched in with information. I believe I now have enough info to start building some systems for my ISP (the owner is also a personal friend of mine from a previous job -- just to clarify some ambiguity in my original posting).

The crackers have expressed intent of breaking into our systems again and I think they are going to gain access one way or another (via social engineering if nothing else). Scrambling the syscalls I think is going to have big payoffs per amount of work and I had a look at StackGuard per a suggestion. It's a beautifully simple concept, throw a randomly generated word before the return address for a function and have the compiler emit code to ensure that it is not clobbered before returning from said function.

I do, however, have good news to report after our system breach. We did have a quad Challenge DM with 384 megs of RAM. Out of necessity we threw our virtual domains (about 330) on a Pentium 133 with 128 megs of RAM and decided to let it run till it choked before we slapped more RAM and a faster processor in it. The SGI was doing other significant things other than virtual domains, but those were responsible for about half the load -- and the SGI was struggling. The choking point we were dreading with our FreeBSD box never came -- still sitting there humming along while we are piecing together some permanent boxes. To say that we are "surprised" is an understatement.

- Barrett Richardson
rabtter@aye.net

John S. Dyson wrote:
>
> Nicholas Charles Brawn said:
> >
> > If any of you who are involved in this thread aren't subscribed to
> > freebsd-security (why not? *smack*), I've put together something that
> > prevents arbitrary execution of binaries.
> >
> I am not subscribed to any mailing lists anymore, but drop-in once
> in a while :-).
>
> --
> John             | Never try to teach a pig to sing,
> dyson@iquest.net | it makes one look stupid
> jdyson@nc.com    | and it irritates the pig.
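
The canary idea mentioned in the message above, as an added example that is not part of the original e-mail and is not StackGuard's own code: a simulated stack frame in C showing that a linear overflow long enough to reach the return address must first overwrite the canary, which the epilogue check catches. The struct layout, `canary_init`, `run_call` and all sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated stack frame, low to high addresses (all names are illustrative). */
struct frame {
    char     buf[16];   /* local buffer the callee writes into */
    uint32_t canary;    /* random word placed before the return address */
    uint32_t ret_addr;  /* simulated saved return address */
};

#define SAVED_RET 0x08048000u  /* constructed sample value */
static uint32_t g_canary;      /* chosen once at program start, kept secret */

void canary_init(uint32_t secret) { g_canary = secret; }

/* The bug being defended against: a copy with no bounds check on buf.
 * Writes go through a byte pointer over the whole struct and are clamped
 * to its size, so the simulation itself never leaves the frame. */
static void unchecked_copy(struct frame *f, const void *src, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
}

/* Prologue, body and epilogue of one protected call.
 * Returns 1 if the canary is intact (safe to use ret_addr), 0 if clobbered. */
int run_call(const void *input, size_t n, uint32_t *ret_out) {
    struct frame f;
    memset(&f, 0, sizeof f);
    f.canary = g_canary;          /* prologue: lay the canary down */
    f.ret_addr = SAVED_RET;
    unchecked_copy(&f, input, n); /* function body */
    *ret_out = f.ret_addr;
    return f.canary == g_canary;  /* epilogue: verify before returning */
}

int main(void) {
    unsigned char in[24];
    uint32_t ret;
    size_t lens[] = { 8, 20, 24 };
    memset(in, 'A', sizeof in);
    canary_init(0xC0FFEE42u);     /* constructed; a real one must be unpredictable */
    for (size_t i = 0; i < 3; i++) {
        int ok = run_call(in, lens[i], &ret);
        printf("%2zu bytes: ret=0x%08x %s\n", lens[i], (unsigned)ret,
               ok ? "return" : "canary clobbered, abort");
    }
    return 0;
}
```

The 20-byte case shows the check firing while the return address is still intact, which is why the canary sits between the buffer and the return address.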