Date: Wed, 31 Jul 2013 15:16:06 -0400 From: Anthony Brown <groundup2360917182914017@gmail.com> To: freebsd-net@freebsd.org Subject: Is a shellcode kernel network detector worth it? Message-ID: <CAKwMmas4%2BE6-hNNVH_SbmZ_a-1QjvfcfMm8DjBdGcmghgy7%2BPw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Is a shellcode kernel network detector worth it. I was thinking about making a kernel module that would detect shellcode and then stop it from getting pass the kernel. I don't know if it is worth it though, because if the data in the packets is encrypted I won't be able to check for shellcode. Is it normal for must data coming from the network to not be encrypted?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKwMmas4%2BE6-hNNVH_SbmZ_a-1QjvfcfMm8DjBdGcmghgy7%2BPw>