Language Selection

English French German Italian Portuguese Spanish

Securing Slackware

Filed under
Linux
Using the exec-shield Kernel Patch on Slackware 10.1

by Kurt Fitzner

The Holy Grail of most any hacker trying to get access to a system is the remote buffer overflow attack. Well, actually, it's finding a Windows PC not protected by a firewall, but the remote buffer overflow attack is a (somewhat) close second. This article will discus one way to help protect against this type of attack on a Slackware Linux system with the installation of a special system called exec-shield.

This installation will occur in two phases. The first phase is installing the exec-shield kernel patch, the second is replacing some of Slackware's packages with ones that are compiled to work together with exec-shield.

What is a Buffer Overflow Attack?

Before we explain how to protect against a buffer overflow attack, it is useful to examine what exactly this attack is and what the ramifications are for an unprotected system.

The best way to secure against a buffer overflow attack is to run software that isn't vulnerable to such attacks.

In order for a malicious attacker to get your system to do what the attacker wants it to do by using a buffer overflow to rewrite a return address, the attacker has to know the exact address in memory on your system of a useful function.

Full Article.

More in Tux Machines

Leftovers: Software

  • newsFish news client for ownCloud
    While I was using my Nexus 7, I missed the convenience of my news client, so I polished up the code a bit and ported it to Qt5/QtQuick2. Due to the excellent cross platform support of Qt, testing was done on the desktop, and it seems like it wouldnt be completely unusable as a desktop application, so, when I post the code to Github later, feel free to build yourself a desktop version!
  • Cantor in KDE Applications 15.04
    I started the Cantor port to Qt5/KF5 during previous LaKademy and I continued the development along the year. Maybe I had pushed code from 5 different countries since the beginning of this work. The change for this new technology was successfully completed, and for the moment we don’t notice any feature missed or new critical bug. All the backends and plugins were ported, and some new bugs created during this work were fixed.
  • What are good command line HTTP clients?
    The whole is greater than the sum of its parts is a very famous quote from Aristotle, a Greek philosopher and scientist. This quote is particularly pertinent to Linux. In my view, one of Linux's biggest strengths is its synergy. The usefulness of Linux doesn't derive only from the huge raft of open source (command line) utilities. Instead, it's the synergy generated by using them together, sometimes in conjunction with larger applications.

today's howtos

It Doesn't Look Like KDBUS Will Make It For Linux 4.1

While Linux 4.1 is bringing many new features and improvements, there's one addition that's noticeably absent. To frequent Phoronix readers, the missing feature is, of course, KDBUS. KDBUS developers had been planning to land it in 2014 but that didn't pan out and now most likely they're looking at a H2'2015 arrival for this feature. Read more Also: The Many Features Of The Linux 4.1 Kernel With Linux 4.1 You Can Play With The Chrome OS Lightbar Dell Keyboard Backlight Support In Linux 4.1 Intel Bay Trail & Cherry Trail CPUs To Run Faster With Linux 4.1

An open source, e-commerce friendly CMS

Developers Peter Ivanov, Alex Raikov, and I came up with the idea for Microweber about five years ago, when we were all having problems building sites with the existing solutions. Microweber aims to take the complexity out of building a website, online shop, or blog, through a combination of drag-and-drop UI and real-time, WYSIWYG site edits. From the beginning, it's been an open source project. The earliest versions were licensed under GPL, but we switched to Apache License version 2.0 to allow the developers to protect their work and have commercial merits. Read more