[ILUG] hack attempt - thoughts

Mon Mar 6 08:56:01 GMT 2000

Smelly Pooh wrote:
> They do indeed, but as others have already mentioned, security through
> obscurity.  It is only the assembly code used in a buffer overflow that is
> hardware specific, the buffer overflow exists in all platforms compiling the
> same source.  What's worse is that this assembly code is generally identical
> for all buffer overflows on the same platform, just assembly code to get stack

yes, but script kiddies - by far the biggest generator of attacks - know
intel assembly if they know any at all.  going with other platforms
makes their job harder, which gives an admin more time.  and while
proactive security is better, time is an important thing to have if
you're reacting.

as an aside, i don't think "alternative" platforms are secure.  i just
think of it as taking advantage of a statistical reality - most root
kits get built for i386/sparc.  think of it like an airbag: used with a
seat belt and safe driving it might save your life; ram a tree at 80 w/o
a seatbelt and it might help kill you.

kevin
-- 
kevin at suberic.net       "we were goin' for breakfast.  in canada.  we
fork()'ed on 37058400    made a deal: if she'd stop hookin', i'd stop
meatspace place: home    shootin' people.  maybe we were aiming high."
                                                   --porter, "payback"