Re: Buffer overflow prevention

[Crispin Cowan <crispin@immunix.com>]

Shaun Clowes wrote:

>Perhaps I'm the only one who feels this way, but I believe that the vast
>majority of the exploitation of systems is being performed by people
>with no knowledge of how to write an exploit and that the vast majority
>of exploits are fragile. Doing anything that makes you different from
>every other installation of Linux/HPUX/Solaris/InsertOSHere will
>drastically decrease the changes of any point and click exploit working
>against you.
>
>Could a determined (and knowledgable) attacker still get through? Sure.
>But if we're talking protections that take very little effort to
>implement, have a minor performance impact and will save your
>skin some of the time, it's obvious that it's worth deploying them. As
>long as you're not kidding yourself that you're then totally secure.
>
Exactly: trivial changes will protect you from script kiddies. 
Non-bypassability is required to protect you from determined attackers. 
It depends on your threat model: how much will a penetration event cost 
you? What is it worth to someone to hack you?

>Its kind of reminiscent of that old joke about the two guys running away
>from the lion. You don't have to beat the lion, just the other person. 
>
But if you taste better (you are a bank and he is a basement RH box) 
then the lion may choose to chase you anyway.

Crispin

-- 
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
            http://www.immunix.com/shop/