need recommendations on security...
okay, i have my linux box running 2 services, sshd and vsftpd on their default ports. i compiled iptables in my kernel, i'm about to set up my firewall to block everything not on these two ports,
now here's the question: how do i know if my system is suseptable to a buffer overflow? basically, i have a good idea of how to set up a system (diable services, keep up to date, run a firewall) but, how would i try to break into my own system? does anyone have any recommended reading. what are ways to stop buffer overflows? disclaimer: this is just my personal box, nothing mission critical or holding sensitive info. |
Well if you want to try and break into your own box you can a) search for a known exploit for the software you are running http://www.cert.org/advisories/ b) get the source code to the programs you are running and look for mistakes that could lead to a buffer overflow or other exploitable mistake. This article will help you craft your own exploits: http://www.cs.ucsb.edu/~jzhou/security/overflow.html Other things to do are subscribe to security mailing lists Read stuff like this: http://www.nic.com/~dave/SecurityAdm...dminGuide.html If you aren't following the advice there see why you didn't and see if you can do something you shouldn't be able to. If you can, see what that lets you do. Play around. If you learn to think like an Just do everyone a favor, if you do find an exploitable flaw send a patch to the project. |
You should secure your services. For vsftpd and SSH you will get useful in-depth knowledge at my website (www.linux-corner.net)
|
thanks, i bookmarked all links, i'll start taking a look this weekend (got exams this week).
|
All times are GMT -5. The time now is 01:47 AM. |