Jan Luehr wrote:
greetings
are there any kernel patches or other things, defending suse linux against Bufferoverwflows?
some like openwall or grsecurity (anybody knows whats up with grsecurity.net? it's down since a few days) or try LIDS (www.lids.org)
Do you have any expirences in defending suse Linux?
a littlebit, without patches it's nearly impossible to protect your servers from bufferoverflows without modifying programms etc. and you'll never know all your possible overflows ;) keep the system up-to-date is a good idea, hardening like protect your binarys from execution of 'bad' or 'unknown' users (like apache etc.) is also good. -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 Junk mail is war. RFCs do not apply.