On Wed, Jan 18, 2006 at 10:29:47AM -0500, Douglas Breault Jr wrote:

> I need to run this CSA in order to gain access to the network. I don't
> trust the network much either, but I am always using OpenVPN, which I
> trust completely. Currently I can access the network, and ergo my vpn
> without this, but after the 26th that all changes.
>
> I will definitely look into grsec but it seems complicated. Regardless I
> require a viable solution and I will take the steps necessary,
> regardless of complication.

I've used grsec in the past (something like 1-2 years ago) and it wasn't that
complicated. I've also experimented with the hardened project running on a
multi-user server. We ran into issues with software breakage so we backed off.
I'm sure they've gotten lots of those problems fixed by now and might be quite
useful in a hostile environment. You could also explore machine virtualization,
i.e. Xen/"User Mode Linux". That'd give you the "clean room" environment needed to
explore what your binary might do during operation.

> Is there a way to try and trace what the binary wants to do? I'm aware I
> could run strace on it and ethereal to capture what it transmits... But
> is there more I can do?

Your basic tools for analyzing binaries are strace, ltrace, lsof, netcat,
strings. That binary is hopefully statically compiled so ltrace won't be as
useful. Definitely make sure to run strings on it and see if you can spot any
pertinent comments. You might get some use out of gdb if they left some
debugging symbols when compiling.

Brandon Edens

--
gentoo-security@g.o mailing list