On Mar 25, 10:17pm, Mouse wrote: } } > [ASLR] is just one more check mark in the exploit building tool. } } Yes and no. } } It increases the work required to exploit any putative bugs. It does } not make exploitation impossible, but that does not mean it's not worth } making it harder. "You don't have to run faster than the bear; you } just have to run faster than someone else." That is, you don't have to } be impossible to exploit; you just have to be enough harder to make } them go after someone else instead.
True enough. Sometimes the simplest things are effective at keeping the script kiddies away. I use a different port for SSH on my gateway box and I never hear from the script kiddies even though a simple port scan would quickly find my SSH server. On the other hand, machines with SSH on the normal port are constantly being hammered by the script kiddies. }-- End of excerpt from Mouse