grsecurity: a must-have

  • #1934000
    fellow
    User

      I only left out the essential part:

      /usr/src/paxtest-0.9.6# ./paxtest blackhat
      PaXtest – Copyright© 2003,2004 by Peter Busser
      Released under the GNU Public Licence version 2 or later

      Writing output to paxtest.log
      It may take a while for the tests to complete
      Test results:
      PaXtest – Copyright© 2003,2004 by Peter Busser
      Released under the GNU Public Licence version 2 or later

      Mode: blackhat
      Linux cecil 2.4.20-wolk4.11s #1 2004. már. 29., hétf?, 05.18.44 CEST i686 GNU/Linux

      Executable anonymous mapping : Killed
      Executable bss : Killed
      Executable data : Killed
      Executable heap : Killed
      Executable stack : Killed
      Executable anonymous mapping (mprotect) : Killed
      Executable bss (mprotect) : Killed
      Executable data (mprotect) : Killed
      Executable heap (mprotect) : Killed
      Executable shared library bss (mprotect) : Killed
      Executable shared library data (mprotect): Killed
      Executable stack (mprotect) : Killed
      Anonymous mapping randomisation test : 16 bits (guessed)
      Heap randomisation test (ET_EXEC) : 13 bits (guessed)
      Heap randomisation test (ET_DYN) : 25 bits (guessed)
      Main executable randomisation (ET_EXEC) : 16 bits (guessed)
      Main executable randomisation (ET_DYN) : 17 bits (guessed)
      Shared library randomisation test : 16 bits (guessed)
      Stack randomisation test (SEGMEXEC) : 23 bits (guessed)
      Stack randomisation test (PAGEEXEC) : 24 bits (guessed)
      Return to function (strcpy) : Vulnerable
      Return to function (strcpy, RANDEXEC) : ./paxtest: line 41: 18671 Szegmens hiba ./$i
      Return to function (memcpy) : Vulnerable
      Return to function (memcpy, RANDEXEC) : ./paxtest: line 41: 29848 Szegmens hiba ./$i
      Executable shared library bss : Killed
      Executable shared library data : Killed
      Writable text segments : Killed

      /var/log/syslog
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 2f8ab000-2f8ad000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/anonmap(anonmap):25094, uid/euid: 0/0, PC: 2f8ac000, SP: 5b02fd7c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/execbss, 08049000-0804a000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/execbss(execbss):5511, uid/euid: 0/0, PC: 08049b94, SP: 5af8949c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/execdata, 08049000-0804a000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/execdata(execdata):31903, uid/euid: 0/0, PC: 08049a5c, SP: 5eba5dec
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 0804a000-08073000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/execheap(execheap):24571, uid/euid: 0/0, PC: 08053538, SP: 5add8a5c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 c1 fa 01 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 5bc00000-5bc04000 ffffd000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/execstack(execstack):27146, uid/euid: 0/0, PC: 5bc00ed0, SP: 5bc00ecc
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 24e6a000-24e6c000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/mprotanon(mprotanon):14774, uid/euid: 0/0, PC: 24e6b000, SP: 5c84785c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/mprotbss, 08049000-0804a000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/mprotbss(mprotbss):11283, uid/euid: 0/0, PC: 08049bd4, SP: 59a669bc
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/mprotdata, 08049000-0804a000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/mprotdata(mprotdata):25746, uid/euid: 0/0, PC: 08049a9c, SP: 5cee85dc
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 0804a000-08073000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/mprotheap(mprotheap):2570, uid/euid: 0/0, PC: 08053b68, SP: 580e3b2c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 00 00 00 00 00 00 00 00 91 f4 01 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/mprotshbss, 08049000-0804a000 00000000
      Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/mprotshbss(mprotshbss):15393, uid/euid: 0/0, PC: 08049cf4, SP: 59e3c41c
      Apr 1 01:27:29 localhost kernel: PAX: bytes at PC: c3 00 00 00 40 40 32 27 00 00 00 00 00 00 00 00 00 00 00 00
      Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: /usr/src/paxtest-0.9.6/mprotshdata, 08049000-0804a000 00000000

      #1934001
      admin
      Administrator

        I am studying grsecurity right now. Could someone tell me what exactly this learning mode is? (gradm -F -L /etc/grsec/learning.log)

        #1873248
        csaba
        User

          (sorry, this will be rather sketchy; the reasons are here: http://www.linuxforum.hu/modules.php?name=…&start=15#47968 )
          defending against exploits is not just recommended but outright mandatory, and not only for our own sake;
          from a security point of view there is no moderately good or just adequate; the solution to apply is the best one (BAT = best available technology); as far as protection against exploits goes, that is grsecurity;
          it provides broad protection and in exchange demands only very little extra attention, which I will now try to cover thoroughly:

          where to find the patch: http://www.grsecurity.net/
          patching, etc.: see my homepage;
          a few words on configuration: the script is a bit buggy and only sets everything (e.g. chroot jail) correctly by default if we step through: low -> med -> high -> customized;
          after that I turned off the following:
          "Randomize kernel stack base": not stable according to the help;
          "Deny writing to /dev/kmem, /dev/mem, and /dev/port": incompatible with VMware;
          "Hide kernel symbols": it would need ACL support;
          "Proc restrictions": needed off for the system monitoring programs;
          "Kernel Auditing": generates a huge amount of logs and I make no use of it;

          overriding PaX:
          the chpax package (paxctl would need special binutils support);
          which tells you the exact location of the binaries to override;
          the problematic program usually exits with a "Leállítás" message and/or there is a nice little message in /usr/log/syslog, e.g.:

          Mar 2 14:16:04 localhost kernel: PAX: execution attempt in: , 081f3000-08254000 00000000
          Mar 2 14:16:04 localhost kernel: PAX: terminating task: /usr/X11R6/bin/XFree86(XFree86):18833, uid/euid: 0/0, PC: 082514e8, SP: 5e201e8c
          Mar 2 14:16:04 localhost kernel: PAX: bytes at PC: 55 89 e5 83 ec 08 c7 04 24 e0 17 25 08 8b 45 08 a3 e8 17 25

          in bulk, a few problematic programs and their workarounds:

          enabling X: non-exec
          chpax -sp /usr/X11R6/bin/XFree86

          java + opera:
          chpax -spm /usr/local/j2re1.4.2/bin/java
          chpax -sp /usr/lib/opera/7.23-20031119.1/opera

          nvidia glx
          chpax -m on every program that uses it (it does not hurt to check everything that uses 3D with ldd beforehand)
          or turn off confirm mprotect() in the kernel config

          Mar 2 14:20:13 localhost kernel: PAX: execution attempt in: /usr/lib/tls/libGL.so.1.0.5336, 25a40000-25a4e000 0004b000
          Mar 2 14:20:13 localhost kernel: PAX: terminating task: /usr/X11R6/bin/glxinfo(glxinfo):18887, uid/euid: 1000/1000, PC: 25a45f20, SP: 5efdaa90
          Mar 2 14:20:13 localhost kernel: PAX: bytes at PC: b8 f0 ff ff ff e9 2b 73 fe ff b8 f4 ff ff ff e9 31 73 fe ff

          wine:
          chpax -spm /usr/local/bin/wine-kthread
          chpax -spm /usr/local/bin/wine-pthread
          winecfg X11 panel: pass

          mplayer:
          -m opengl
          -sp external codecs, win emulation
          mencoder -sp because of external codecs

          localedef: non-exec
          chpax -sp localedef

          ooo:
          chpax -sp /usr/lib/openoffice/program/soffice.bin

          chpax -spm /sbin/grub


          when PaX shoots down a program, it often gets "stuck"; this is how to free it:

          $ chpax -spm /usr/local/bin/mplayer
          /usr/local/bin/mplayer: Text file busy
          $ fuser -k /usr/local/bin/mplayer
          /usr/local/bin/mplayer: 16885e
          $ chpax -spm /usr/local/bin/mplayer


          a few binaries that use libGL.so.1:
          licq.real
          glxinfo
          glxgears
          xlock
          /usr/local/games/ut2004demo/System/ut2004-bin
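
Added example (not part of the original posts, and not grsecurity or PaX code): a small Python parser that pairs the "execution attempt" and "terminating task" lines quoted in this thread and classifies where the blocked execution happened, so the binaries for which a chpax exception is being considered can be reviewed first. The function names and the stack / file / anonymous labels are assumptions of this example; the sample lines are copied from the posts above.

```python
import re

# Kernel log lines copied verbatim from the posts above.
SAMPLE = """\
Mar 2 14:16:04 localhost kernel: PAX: execution attempt in: , 081f3000-08254000 00000000
Mar 2 14:16:04 localhost kernel: PAX: terminating task: /usr/X11R6/bin/XFree86(XFree86):18833, uid/euid: 0/0, PC: 082514e8, SP: 5e201e8c
Mar 2 14:20:13 localhost kernel: PAX: execution attempt in: /usr/lib/tls/libGL.so.1.0.5336, 25a40000-25a4e000 0004b000
Mar 2 14:20:13 localhost kernel: PAX: terminating task: /usr/X11R6/bin/glxinfo(glxinfo):18887, uid/euid: 1000/1000, PC: 25a45f20, SP: 5efdaa90
Apr 1 01:27:29 localhost kernel: PAX: execution attempt in: , 5bc00000-5bc04000 ffffd000
Apr 1 01:27:29 localhost kernel: PAX: terminating task: /usr/src/paxtest-0.9.6/execstack(execstack):27146, uid/euid: 0/0, PC: 5bc00ed0, SP: 5bc00ecc
"""

ATTEMPT = re.compile(r"PAX: execution attempt in: (.*), ([0-9a-f]+)-([0-9a-f]+) [0-9a-f]+")
TASK = re.compile(r"PAX: terminating task: ([^(\s]+)\([^)]*\):(\d+), "
                  r"uid/euid: (\d+)/(\d+), PC: ([0-9a-f]+), SP: ([0-9a-f]+)")

def parse_pax(log):
    """Pair each 'execution attempt' line with the 'terminating task' line after it."""
    events, region = [], None
    for line in log.splitlines():
        m = ATTEMPT.search(line)
        if m:
            region = (m.group(1), int(m.group(2), 16), int(m.group(3), 16))
            continue
        m = TASK.search(line)
        if m and region:
            path, start, end = region
            pc, sp = int(m.group(5), 16), int(m.group(6), 16)
            if start <= sp < end:
                kind = "stack"            # SP lies inside the faulting region
            elif path:
                kind = "file:" + path     # region is backed by a mapped file
            else:
                kind = "anonymous"        # no backing file (heap or anonymous mmap)
            events.append({"binary": m.group(1), "pid": int(m.group(2)),
                           "euid": int(m.group(4)), "kind": kind,
                           "pc_in_region": start <= pc < end})
            region = None                 # an unpaired attempt line is dropped
    return events

def exceptions_to_review(events):
    """Group kills by binary: the list to check before granting any chpax flag."""
    out = {}
    for e in events:
        out.setdefault(e["binary"], set()).add(e["kind"])
    return out

if __name__ == "__main__":
    for binary, kinds in exceptions_to_review(parse_pax(SAMPLE)).items():
        print(binary, sorted(kinds))
```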
