Using systrace under OpenBSD
Alexander von Gernler <grunk@steelix.kd85.com>
FOSDEM, Brussels, February 21-22, 2004

About this talk

This talk will ...
- discuss the idea of system call interposition/interception
- introduce the use of systrace under OpenBSD
- present you with links to the topic

The author ...
- participates in the [de] OpenBSD Translation Project
- runs the OpenBSD mirror at the University of Erlangen, Germany (anoncvs2.de.openbsd.org)
- does not want to sell systrace for something brand new
- but he thinks that still too few people know about it

Motivation

The problem
- important daemons running on your system need root, e.g. for binding to ports <1024, writing raw packets, ...
- yes, of course you can chroot them. You actually should.
- whenever possible, you should also make use of privilege separated daemons
- upon exploitation, causing damage is still possible, at least in the chroot environment (if at all set up :)

So what exactly is causing damage?
- misbehavior of daemons, especially not doing what they are usually supposed to (spawning root shells and what not)
- under UN*X, the important operations are done using syscalls

System call interposition/interception

Looking at the symptoms
- httpd needs to read files from disk, bind to port 80 and does much more other stuff
- but it does not need to spawn shells
- then again, why should it be allowed to do so?

That's the idea!
- interpose between system calls and keep track of what is supposed to be a normal behavior of your daemon
- do this on a non-compromised vanilla installation within a test scenario
- after knowing what your daemon needs, forbid everything else

This can be done using systrace!

Controlling syscalls using systrace
- has nothing to do with chroot and can be used independently
- explicitly allows or forbids the execution of certain syscalls to specific programs
- privilege elevation also possible: users pro ...
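
The learn-then-forbid workflow from the slides above, as a small runnable model. This is an added example, not code from the talk and not systrace's implementation or policy syntax; the operation names, paths, addresses and the glob-based generalization step are assumptions made for illustration.

```python
"""Toy model of learn-then-enforce syscall policy (illustration, not systrace itself)."""
from fnmatch import fnmatchcase

# Constructed sample: (operation, argument) pairs seen while exercising
# httpd on a clean test installation. All names and paths are assumptions.
CLEAN_RUN = [
    ("bind", "0.0.0.0:80"),
    ("fsread", "/var/www/conf/httpd.conf"),
    ("fsread", "/var/www/htdocs/index.html"),
    ("fsread", "/var/www/htdocs/img/logo.png"),
    ("fswrite", "/var/www/logs/access_log"),
]

# Constructed sample: what the same daemon attempts after being exploited.
SUSPECT_RUN = [
    ("fsread", "/var/www/htdocs/new.html"),
    ("fsread", "/etc/master.passwd"),
    ("bind", "0.0.0.0:31337"),
    ("execve", "/bin/sh"),
]

def learn(trace, generalize=()):
    """Turn an observed trace into an allowlist of (operation, pattern) rules.

    Arguments matching a glob in `generalize` are stored as that glob, so
    the policy covers files the test run did not happen to touch.
    """
    rules = set()
    for op, arg in trace:
        pattern = next((g for g in generalize if fnmatchcase(arg, g)), arg)
        rules.add((op, pattern))
    return rules

def decide(policy, op, arg):
    """Default deny: permit only when a learned rule matches op and argument."""
    hit = any(r_op == op and fnmatchcase(arg, pat) for r_op, pat in policy)
    return "permit" if hit else "deny"

def enforce(policy, trace):
    """Return the verdict for every attempted operation in a trace."""
    return [(op, arg, decide(policy, op, arg)) for op, arg in trace]

if __name__ == "__main__":
    policy = learn(CLEAN_RUN, generalize=("/var/www/htdocs/*",))
    for op, arg, verdict in enforce(policy, SUSPECT_RUN):
        print(f"{verdict:6} {op}: {arg}")
```

Because nothing resembling execve appeared in the clean run, the shell spawn is denied without any rule naming it; the same default also blocks the unexpected port and the password file.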
Source: pestilenz.org
