List Archive: gentoo-security
On Wed, Jan 18, 2006 at 10:29:47AM -0500, Douglas Breault Jr wrote:
> I need to run this CSA in order to gain access to the network. I don't
> trust the network much either, but I am always using OpenVPN, which I
> trust completely. Currently I can access the network, and ergo my vpn
> without this, but after the 26th that all changes.
> I will definitely look into grsec but it seems complicated. Regardless I
> require a viable solution and I will take the steps necessary,
> regardless of complication.
I've used grsec in the past (something like 1-2 years ago) and it wasn't that
complicated. I've also experimented with the hardened project running on a
multi-user server. We ran into issues with software breakage so we backed off.
I'm sure they've gotten lots of those problems fixed by now and it might be quite
useful in a hostile environment. You could also explore machine virtualization,
i.e. Xen/"User Mode Linux". That'd give you the "clean room" environment needed to
explore what your binary might do during operation.
> Is there a way to try and trace what the binary wants to do? I'm aware I
> could run strace on it and ethereal to capture what it transmits... But
> is there more I can do?
Your basic tools for analyzing binaries are strace, ltrace, lsof, netcat,
strings. That binary is hopefully statically compiled so ltrace won't be as
useful. Definitely make sure to run strings on it and see if you can spot any
pertinent comments. You might get some use out of gdb if they left some
debugging symbols when compiling.
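Added example, not part of the original message: the reply's advice hinges on whether the binary is statically linked (ltrace is of little use) and whether symbols or debug information were left in (gdb becomes useful), and both can be read from the ELF headers without executing the untrusted file. The function name `triage_elf` and the result keys are assumptions made for this sketch.

```python
import struct
import sys

PT_INTERP, SHT_SYMTAB = 3, 2

def triage_elf(data: bytes) -> dict:
    """Say which tools from the reply (ltrace, gdb) can be informative."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    word = "Q" if data[4] == 2 else "I"      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    hdr = struct.unpack_from(end + "HHI" + word * 3 + "IHHHHHH", data, 16)
    phoff, shoff = hdr[4], hdr[5]
    phentsize, phnum, shentsize, shnum, shstrndx = hdr[8:13]

    # p_type is the first 32-bit field of a program header in both classes.
    ptypes = {struct.unpack_from(end + "I", data, phoff + i * phentsize)[0]
              for i in range(phnum)}
    # Section header prefix: sh_name, sh_type, sh_flags, sh_addr, sh_offset.
    secs = [struct.unpack_from(end + "II" + word * 3, data, shoff + i * shentsize)
            for i in range(shnum)]
    names = []
    if shstrndx < len(secs):                 # section name string table present
        base = secs[shstrndx][4]
        for name_off, *_ in secs:
            start = base + name_off
            names.append(data[start:data.index(b"\0", start)].decode("ascii", "replace"))
    return {
        # An executable that requests no interpreter (no PT_INTERP) is statically
        # linked: ltrace has no library calls to intercept, so rely on strace.
        "static": PT_INTERP not in ptypes,
        # A .symtab means the file is not stripped: gdb can name functions.
        "symbols": any(s[1] == SHT_SYMTAB for s in secs),
        # .debug_* sections are what gdb needs for source-level debugging.
        "debug_info": any(n.startswith(".debug_") for n in names),
    }

if __name__ == "__main__":
    # Reads the file only; the binary under inspection is never executed.
    with open(sys.argv[1], "rb") as f:
        print(triage_elf(f.read()))
```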