On Friday, 2002-08-30 at 18:33:13 +0000, HalbaSus wrote:

> About that stoopid way of preventing buffer overflows... Well, tell me a 
> better one. Of course you can patch known bugs. But... how are you gonna 
> prevent new buffer overflows ?

Auditing?

> What if the guys with 0-day warez are faster 
> than packetstorm and securityfocus ?

Read BUGTRAQ and Full-Disclosure. But as I said, you can't prevent this
from happening. If you could by simply writing a wrapper, how many
protective wrappers would we have now? More than a newly wed couple at
the start of their honeymoon.

> Buffer overflow under 500 characters ??? 

Sure. There are single-byte overflow exploits in circulation.

> (don't forget that it has to be inserted in a valid input field (User Agent, 
> or something)). And that 500 char. limit was just a guess... it's not 
> really something I calculated.

This is no way to approach a security problem.

> If you want to see how a b0f acts, start 
> /apache-nojob localhost:69  (and fire up a netcat listening on port 69)
> About the posting stuff.. don't worry about that... my site doesn't need to do 
> posting... so... everybody's happy :)

I'm not arguing about what your site needs (actually I expected so much,
but things change, and *presto* you have your first feedback form ;-),
but what to do about Apache (and mod_perl) security in general. You
know, these discussions find their ways into archives, and somebody else
might find this thread looking for advice.

So I want in no way to prevent you from doing with your webserver
whatever you choose to do (Romania is a free country, too! And I'm glad
about that), just to point out that this gains you little and may in
fact weaken your security.

HTH,
Lupe Christoph
-- 
| [EMAIL PROTECTED]       |           http://www.lupe-christoph.de/ |
| Big Misunderstandings #6398: The Titanic was not supposed to be        |
| unsinkable. The designer had a speech impediment. He said: "I have     |
| thith great unthinkable conthept ..."                                  |
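The point above about single-byte overflows and the "500 character" limit, as an added example that is not part of the thread. The copy routine is hypothetical (it stands in for any header-field copy in a CGI or module), the 64-byte field size is an assumption, and the input is constructed; it shows that a length cap far above the real buffer size does nothing against a classic off-by-one, while the fix is a single comparison.

```c
/* Added example (not from the thread): why an input-length cap such as
 * "500 characters" does not prevent buffer overflows. copy_field_vuln is a
 * hypothetical header-copying function with a classic off-by-one: it checks
 * `len > cap` instead of `len >= cap`, so an input of exactly `cap` bytes
 * writes its terminating NUL one byte past the destination. A 64-byte input
 * is well under any 500-character limit, so a length-limiting wrapper would
 * wave it through. */
#include <stdio.h>
#include <string.h>

#define FIELD_SIZE 64    /* size of the field's buffer (assumed) */
#define CANARY     0xAA  /* marker byte placed right after the buffer */

/* Vulnerable copy: off-by-one. Returns 0 if copied, -1 if rejected. */
static int copy_field_vuln(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);
    if (len > cap)           /* BUG: should be len >= cap */
        return -1;
    memcpy(dst, src, len);
    dst[len] = '\0';         /* when len == cap this is dst[cap]: one past the end */
    return 0;
}

/* Fixed copy: reserves room for the terminator. */
static int copy_field_safe(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);
    if (len >= cap)
        return -1;
    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Harness: the "field" is the first FIELD_SIZE bytes of a slightly larger
 * backing array, so the one-byte overrun lands on a canary we can inspect
 * instead of on unrelated memory (keeps the demo well-defined).
 * Returns 1 if the canary was clobbered, 0 if intact, -1 if input rejected. */
static int run_copy(int (*copy)(char *, size_t, const char *), const char *input)
{
    unsigned char backing[FIELD_SIZE + 1];
    memset(backing, 0, sizeof backing);
    backing[FIELD_SIZE] = CANARY;
    if (copy((char *)backing, FIELD_SIZE, input) != 0)
        return -1;
    return backing[FIELD_SIZE] != CANARY;
}

/* Constructed input: exactly FIELD_SIZE bytes, far below a 500-char cap. */
static const char *boundary_input(void)
{
    static char buf[FIELD_SIZE + 1];
    memset(buf, 'A', FIELD_SIZE);
    buf[FIELD_SIZE] = '\0';
    return buf;
}

int main(void)
{
    const char *in = boundary_input();
    printf("input length %zu (under a 500-char cap)\n", strlen(in));
    printf("vulnerable copy: canary %s\n",
           run_copy(copy_field_vuln, in) == 1 ? "CLOBBERED" : "intact");
    printf("fixed copy:      %s\n",
           run_copy(copy_field_safe, in) == -1 ? "input rejected" : "copied");
    return 0;
}
```

The wrapper idea fails for the same reason as the 500-character guess: the attacker only needs to know the real buffer size, which is a property of the code, not of the traffic the wrapper sees.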
