[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: daemons

To: linux-india-programmers@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: daemons
From: Shridhar Daithankar <shridhard@xxxxxxxxxx>
Date: Mon, 31 Jul 2000 14:21:24 +0530
Organization: Persistent Systems Pvt. Ltd.

Hi
I would be interesing for you to take a look at www.bastille-linux.org. These
are also scripts that secures the system. Also there is some library
lib*safe.so. I don't remember the exact name. It encapsulates the known
vulnarable calls such as strcpy with safe version. So that even if some program
is not patched, they can not be exploited, as excution of such calls is routed
to safe versions.

Also take a look at LIDS, Linux intrusion detection systems at www.lids.org. It
makes the system virtually bulletproof. Although that does not grant the
sysadmin, the right of being stupid.

HTH

 Bye
  Shridhar

Dwivedi Ajay kumar wrote:

> On Mon, 31 Jul 2000, Sharad Joshi wrote:
>
> >> + i make a program differentiate between a normal setuid program (chfn,
> >> + passwd ) and a buffer overflow exploit ( pam.sh , sendmail exploit?
> >

Prev by Subject: Re: daemons
Next by Subject: DNS
Previous by thread: Re: daemons
Next by thread: Please Unsubscribe me
Index(es):
- Subject
- Thread