[[linux:grsec]]
Trace:
Show page
AdminRecent ChangesSitemap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
linux:grsec [2006/06/09 00:40]
a gradm install 		linux:grsec [2006/07/26 14:23]
a
Line 90: Line 90:
  
   * [[http://pax.grsecurity.net/|PAX Homepage]]   * [[http://pax.grsecurity.net/|PAX Homepage]]
 +
 +install pax utils:
 +   apt-get install chpax paxctl paxtest
 +
 +**Testing the PAX default settings** with ''paxtest''
 +
 +  PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org>
 +  Released under the GNU Public Licence version 2 or later
 +  
 +  Mode: kiddie|blackhat
 +  Linux xxxx
 +  
 +  Executable anonymous mapping             : Vulnerable
 +  Executable bss                           : Vulnerable
 +  Executable data                          : Vulnerable
 +  Executable heap                          : Vulnerable
 +  Executable stack                         : Vulnerable
 +  Executable anonymous mapping (mprotect)  : Vulnerable
 +  Executable bss (mprotect)                : Vulnerable
 +  Executable data (mprotect)               : Vulnerable
 +  Executable heap (mprotect)               : Vulnerable
 +  Executable shared library bss (mprotect) : Vulnerable
 +  Executable shared library data (mprotect): Vulnerable
 +  Executable stack (mprotect)              : Vulnerable
 +  Anonymous mapping randomisation test     : 9 bits (guessed)
 +  Heap randomisation test (ET_EXEC)        : 13 bits (guessed)
 +  Heap randomisation test (ET_DYN)         : 13 bits (guessed)
 +  Main executable randomisation (ET_EXEC)  : No randomisation
 +  Main executable randomisation (ET_DYN)   : No randomisation
 +  Shared library randomisation test        : 8 bits (guessed)
 +  Stack randomisation test (SEGMEXEC)      : 19 bits (guessed)
 +  Stack randomisation test (PAGEEXEC)      : 19 bits (guessed)
 +  Return to function (strcpy)              : Vulnerable
 +  Return to function (strcpy, RANDEXEC)    : Vulnerable
 +  Return to function (memcpy)              : Vulnerable
 +  Return to function (memcpy, RANDEXEC)    : Vulnerable
 +  Executable shared library bss            : Vulnerable
 +  Executable shared library data           : Vulnerable
 +  Writable text segments                   : Vulnerable
  
 ==== gdadm ==== ==== gdadm ====
Line 122: Line 161:
  
 ==== grsec iptables patch ==== ==== grsec iptables patch ====
-  TODO+FIXME TODO
linux/grsec.txt ยท Last modified: 2009/05/25 00:35 (external edit)
Show pageOld revisions
Media ManagerBack to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready