Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: NX (No eXecute) support for x86, 2.6.7-rc2-bk2

NX (No eXecute) support for x86, 2.6.7-rc2-bk2 12 years 2 months ago #5382

  • dchri
  • dchri's Avatar
  • Offline
  • New Member
  • Posts: 10
  • Karma: 0
Hmm, i think that this is the start of death of buffer overflow on stack attacks .
:D
The only catch is to upgrade to a newer processor! :?

Read carefully .... 8)
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0406.0/0497.html
"The distance between genius and insanity is measured only by success." --
The administrator has disabled public write access.

Re: NX (No eXecute) support for x86, 2.6.7-rc2-bk2 12 years 2 months ago #5385

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Well not really.. lots of architectures have had non-executable stacks for a long time, not to mention that there were even patches for the same... however this will not kill off buffer overflows..

Simple reason -- this just prevents code from being executed on the stack.. it will not prevent buffer overflows (the condition of unchecked input being copied to an undersized memory space)... the 'classic' buffer overflow relied on the executable code being contained in the buffer... in other words, on the stack..

Now with NX, an attacker will just have to store his executable code elsewhere -- for example he can use return to libc style attacks, or even easier, in an environment variable....

There is only one way to stop a bof, thats to check the size of the input you copy.....
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
Time to create page: 0.072 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup