PageViews: 201,914 hits / 747 nets |
home | updates | download | manual | documents | feedback | search | ITS more |
|
DEFENSE AGAINST ATTACKERS
Since the most typical method of attackers is buffer overflow on stack, expecting a target buffer resides at a certain address, randomizing stack address will be effective to decrease the probability of successful attack. And a failure of attack will cause a fatal error to be caught by DeleGate.
A suspicious client host will be shut out until a relevant file (under ADMDIR/shutout/) is removed, or the file is expired by TIMEOUT=shutout (30 minutes by default). For safety, TIMEOUT="shutout:0" (never timeout) is desirable not to give a second chance to the attacker. But as fatal errors are highly provably caused by usual bugs in DeleGate itself, it may be troublesome to be the default value...
Anyway you should be aware of following options if you are aware of preventing this kind of attacks, as well as access control configurations.
At the start up time, the original environment variables and command line arguments on stack area are moved to heap area and cleared not to be utilized for intrusion code by attackers. At the same time, a dummy environment variable named RANDENV with a value of random length (with maximum MAXIMA=randenv) is inserted to randomize addresses of environment variables to be inherited to child processes like filter programs and CGI programs.