Date: Sun, 23 Aug 1998 17:52:56 -0700 (PDT)
From: Brian Beattie <beattie@aracnet.com>
To: Mikael Karpberg <karpen@ocean.campus.luth.se>
Cc: "B. Richardson" <rabtter@aye.net>, hackers@FreeBSD.ORG
Subject: Re: I want to break binary compatibility.
Message-ID: <Pine.LNX.3.96.980823174548.6071D-100000@shell2.aracnet.com>
In-Reply-To: <199808220009.CAA05667@ocean.campus.luth.se>

This approach will do no good, if the hackers can download a binary,
because they see what has been done. I thought scrambling the syscall
table was good but it also falls to the downloaded binary, although it is a
lot harder to decipher. I was thinking you could encrypt all your
binaries and use a scheme like the compressed executables. Unfortunately
this would fall prey to the known plaintext attack.

I would say that of the ideas I have heard so far the scrambled syscall
table seems to have the best bang for the buck.

On Sat, 22 Aug 1998, Mikael Karpberg wrote:
> According to B. Richardson:
> >
> >
> > I have a problem with some hackers that are obsessed with making my
> > ISP's life miserable (they've already hacked our SGI). I've slapped
> > together a FreeBSD box to throw their webpages on it, turned off all
> > services except http.
> >
> > The hackers have expressed intent to break into our machines at
> > any opportunity (they seem to be infuriated that we intervened and
> > were able to keep a couple of services up on our SGI).
> >
> > The hackers relentlessly attacked our machine every time we tried to
> > bring our SGI online for a 48 hour stretch, and I believe they are
> > going to try to break into our new machines with the same fervor.
> >
> > What I want to do, if possible, is build a unique system such that binaries
> > from other systems will not run on it and vice versa. Is this possible?
>
> One simple way could be to just change the "magic number" on the binaries,
> maybe, and disable all linux compat, etc?
>
> /Mikael
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
>
Brian Beattie | If my corporate life has taught me anything,
beattie@aracnet.com | it was that running multi-million dollar
www.aracnet.com/~beattie | projects in no way implied managerial competence.
| Tony Porczyk ( in comp.unix.bsd.freebsd.misc )
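The known plaintext weakness mentioned in the message, as an added illustration that is not part of the original e-mail. It assumes a hypothetical repeating-key XOR scrambler (the message names no cipher); the key, the header bytes and the payload are constructed sample values.

```python
from itertools import cycle

# Constructed sample: a 16-byte ELF identification block (magic, 32-bit,
# little-endian, version 1, FreeBSD OS/ABI, padding). Every executable of a
# given format starts with bytes like these, so they are known plaintext.
ELF_IDENT = bytes.fromhex("7f454c46010101090000000000000000")
PLAIN = ELF_IDENT + b"constructed payload: site-local program text"
SITE_KEY = bytes.fromhex("a5c3117e9b04d26f")  # constructed 8-byte site secret


def xor_stream(data: bytes, key: bytes) -> bytes:
    """Hypothetical scrambler: XOR the data with the key repeated end to end."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def recover_key(ciphertext: bytes, known_prefix: bytes):
    """Derive the repeating key from predictable header bytes alone.

    XORing ciphertext with known plaintext yields the keystream. If the key
    repeats at least twice inside the known prefix, its period is visible.
    Returns None when the known prefix is too short to expose a period.
    """
    stream = bytes(c ^ p for c, p in zip(ciphertext, known_prefix))
    for period in range(1, len(stream) // 2 + 1):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            return stream[:period]
    return None


def demo() -> bytes:
    """Scramble the sample binary, then undo it without using SITE_KEY."""
    scrambled = xor_stream(PLAIN, SITE_KEY)
    key = recover_key(scrambled, ELF_IDENT)
    return xor_stream(scrambled, key)


if __name__ == "__main__":
    print(demo() == PLAIN)
```

The predictable executable header is what gives the secret away here, so a fixed site-wide key of this kind adds little once a single scrambled binary has left the machine.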
