BBSˮľÇ廪վ¡Ã¾«»ªÇø
·¢ÐÅÈË: vertex (happy hacking), ÐÅÇø: Linux
±ê Ìâ: Re: ¶Ô»º³åÇøÒç³öµÄ¹¥»÷ÓÐʲô°ì·¨Âð?
·¢ÐÅÕ¾: BBS ˮľÇ廪վ (Thu Jan 13 10:52:03 2000)
¡¾ ÔÚ ttao (¿àÀÖÉúÑÄ) µÄ´ó×÷ÖÐÌáµ½: ¡¿
¡Ã Óа취¶ÔÕâÖÖ¹¥»÷ÁôÏÂһЩ¼Í¼Âð?
¡Ã µ±È»Ê×ÏÈÒª×öµÄ¾ÍÊÇÇåµôϵͳÀïËùÓв»±ØµÄsuid³ÌÐò.
¡Ã ÀíÂÛÉϽ²ÊDz»ÊÇûÓÐsuidµÄ³ÌÐò,¾Í²»´æÔÚÕâÖÖ¹¥»÷ÄØ?
¡Ã ¸÷λ´óÅ£¸øµã½¨Òé°É.
¶Ôkernle´òÉÏsolar µÄpatch ..¿ÉÒÔ×赲һЩbuffer over flowµÄ¹¥»÷.
ËûµÄÔÀíÊÇ×赲ϵͳ²»ÄÜÖ´ÐÐstackÖеÄÖ¸Áî.
µ«ÊÇ,ÔÚ³¤Ô¶À´¿´..Õâ¸öÎÊÌâ²»»áºÜÈÝÒ×½â¾ö..ÒòΪºÜ¶àÓ¦ÓóÌÐò¾ÍÊÇ
ÐèÒª stack ÊÇ¿ÉÒÔÖ´ÐеÄ..
µ«ÊÇ,¿ÉÒÔÓöàÖÖ¹¤¾ßÀ´±£Ö¤°²È«..±ÈÈç˵ÓÃtripwareÀ´±£Ö¤ÎļþµÄÍêÕûÐÔ.ÓÃ
lids(linux intrution defence system ) À´±£Ö¤¼´Ê¹intruderÀûÓÃbuffer over flow
È¡µÃÓû§È¨ÏÞºó,ËûÒ²²»Äܹ»ÆÆ»µÏµÍ³.
ÔÙÓоÍÊÇÒª±£Ö¤ÔËÐеÄdaemonµÄ°²È«ÐÔ.¼ÓÉϹýÂËÆ÷,´òÉϱØÒªµÄ°²È«patch, chroot.
¾¡Á¿²»ÒªÒÔrootµÄÉí·ÝÔËÐÐ..ÔÚ·þÎñÆ÷Éϲ»ÒªÔËÐÐûÓõijÌÐò...»¹ÓÐÓÃipchainsÀ´
×èµ²¶Ô·Ç·¨¶Ï¿ÚµÄʹÓõÈ.....
ʵÏ
ʵÏÖ°²È«µÄ¹¤¾ßÓкͶà...
²Î¿¼website :
http://www.linuxwall.org/ buffer over flow patch of solar
http://lids.webmotion.net/
http://www.soarng-bird.com.cn/oss_proj/lids/ The Linux IDS project.
/usr/doc/HOWTO/Security-HOWTO
--
¡ù À´Ô´:¡¤BBS ˮľÇ廪վ smth.org¡¤[FROM: 159.226.41.109]
BBSˮľÇ廪վ¡Ã¾«»ªÇø