Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Brett Glass
At 05:25 PM 3/9/2016, Sergej Schmidt wrote: In which way ASLR has something to do with security by obscurity? ASLR attempts to create security by obscuring the locations of objects within the machine's address space. Critics of ASLR say (with some justification!) that this is just hiding the

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Akihiro HIRANO
On 2016/03/09 23:01, Peter wrote: A much worse problem, for me at least, is that 9.3-RELEASE-p37 makes apache crash with signal 11. As far as I know, a web server on 9.3-RELEASE-p37 works fine if installed by the following step. (1) Install security/openssl from ports (2) Install apache from p

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Sergej Schmidt
> ASLR is controversial. Some see it as "security by obscurity;" others see > it as extremely useful and effective. In which way ASLR has something to do with security by obscurity? Imho this is a standard security feature of a modern OS. Regards, Sergej

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Dimitry Andric
On 09 Mar 2016, at 23:59, Dag-Erling Smørgrav wrote: > > Akihiro HIRANO writes: >> Frank Möller writes: >>> After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system >>> crashes by signal 11 when I connect to the server with an old ssh >>> client (e.g. OpenSSH_4.5p1). Using a newer s

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Dag-Erling Smørgrav
Akihiro HIRANO writes: > Frank Möller writes: > > After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system > > crashes by signal 11 when I connect to the server with an old ssh > > client (e.g. OpenSSH_4.5p1). Using a newer ssh client versions > > (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Shawn Webb
On Wed, Mar 09, 2016 at 10:21:42AM -0700, Brett Glass wrote: > ASLR is controversial. Some see it as "security by obscurity;" others see > it as extremely useful and effective. > > Yes, I would like it as a kernel build option, so that I can choose to > optimize for raw speed (e.g. on a server whi

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Brett Glass
ASLR is controversial. Some see it as "security by obscurity;" others see it as extremely useful and effective. Yes, I would like it as a kernel build option, so that I can choose to optimize for raw speed (e.g. on a server which is hardened in other ways) or for the extra warm fuzzies that ASLR

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Shawn Webb
On Wed, Mar 09, 2016 at 04:39:37PM +, Big Lebowski wrote: > Shawn, > > Please, note, that I said, these are the things I've heard, and there > should be people able to answer those better. As such, you should consider > them to be opinion, not pure facts. > > On Wed, Mar 9, 2016 at 4:22 PM, S

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Big Lebowski
Shawn, Please, note, that I said, these are the things I've heard, and there should be people able to answer those better. As such, you should consider them to be opinion, not pure facts. On Wed, Mar 9, 2016 at 4:22 PM, Shawn Webb wrote: > (Responding inline) > > On Wed, Mar 09, 2016 at 04:05:1

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Shawn Webb
(Responding inline) On Wed, Mar 09, 2016 at 04:05:12PM +, Big Lebowski wrote: > Hi Piotr, > > There are people who can probably answer it better, but until they do, I > can share what I've heard about it: on the FreeBSD side there are few > things that stop ASLR implementation: > > - there's

Re: Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Big Lebowski
Hi Piotr, There are people who can probably answer it better, but until they do, I can share what I've heard about it: on the FreeBSD side there are few things that stop ASLR implementation: - there's no actual agreement between the influential developers on whether ASLR is viable or needed in fir

Will 11.0-RELEASE include ASLR?

2016-03-09 Thread Piotr Kubaj
Shawn Webb has recently announced that ASLR is complete on HardenedBSD. There are patches ready for FreeBSD to use and it's ready to be shipped in FreeBSD. However, for some reason FreeBSD developers do not want to ship ASLR in FreeBSD. Why can't it

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Peter
On Wed, Mar 09, 2016 at 09:32:34PM +0900, Akihiro HIRANO wrote: > Hi, > > On 2016/03/09 19:59, Frank Möller wrote: > >I got the same problem here. > > > >After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes > >by signal 11 > > when I connect to the server with an old ssh cl

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Akihiro HIRANO
Hi, On 2016/03/09 19:59, Frank Möller wrote: I got the same problem here. After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes by signal 11 when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1). Using a newer ssh client versions (e.g. OpenSSH_6.6.1

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Frank Möller
Hello, I got the same problem here. After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes by signal 11 when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1). Using a newer ssh client versions (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10) the sshd