Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
linux:grsec [2006/06/09 00:40] a gradm install |
linux:grsec [2006/07/26 14:23] a |
||
---|---|---|---|
Line 90: | Line 90: | ||
* [[http:// | * [[http:// | ||
+ | |||
+ | install pax utils: | ||
+ | | ||
+ | |||
+ | **Testing the PAX default settings** with '' | ||
+ | |||
+ | PaXtest - Copyright(c) 2003,2004 by Peter Busser < | ||
+ | Released under the GNU Public Licence version 2 or later | ||
+ | | ||
+ | Mode: kiddie|blackhat | ||
+ | Linux xxxx | ||
+ | | ||
+ | Executable anonymous mapping | ||
+ | Executable bss : Vulnerable | ||
+ | Executable data : Vulnerable | ||
+ | Executable heap : Vulnerable | ||
+ | Executable stack : Vulnerable | ||
+ | Executable anonymous mapping (mprotect) | ||
+ | Executable bss (mprotect) | ||
+ | Executable data (mprotect) | ||
+ | Executable heap (mprotect) | ||
+ | Executable shared library bss (mprotect) : Vulnerable | ||
+ | Executable shared library data (mprotect): Vulnerable | ||
+ | Executable stack (mprotect) | ||
+ | Anonymous mapping randomisation test : 9 bits (guessed) | ||
+ | Heap randomisation test (ET_EXEC) | ||
+ | Heap randomisation test (ET_DYN) | ||
+ | Main executable randomisation (ET_EXEC) | ||
+ | Main executable randomisation (ET_DYN) | ||
+ | Shared library randomisation test : 8 bits (guessed) | ||
+ | Stack randomisation test (SEGMEXEC) | ||
+ | Stack randomisation test (PAGEEXEC) | ||
+ | Return to function (strcpy) | ||
+ | Return to function (strcpy, RANDEXEC) | ||
+ | Return to function (memcpy) | ||
+ | Return to function (memcpy, RANDEXEC) | ||
+ | Executable shared library bss : Vulnerable | ||
+ | Executable shared library data : Vulnerable | ||
+ | Writable text segments | ||
==== gdadm ==== | ==== gdadm ==== | ||
Line 122: | Line 161: | ||
==== grsec iptables patch ==== | ==== grsec iptables patch ==== | ||
- | | + | FIXME TODO |