Login
User Name:

Password:



Register
Forgot your password?
Vote for Us!
tintin++ ogg sound player script for linux
Author: Robert Smith
Submitted by: Vladaar
6Dragons ogg Soundpack
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.4
Author: Vladaar
Submitted by: Vladaar
LoP 1.46
Author: Remcon
Submitted by: Remcon
LOP 1.45
Author: Remcon
Submitted by: Remcon
Users Online
CommonCrawl, Yandex, Sogou, DotBot

Members: 0
Guests: 7
Stats
Files
Topics
Posts
Members
Newest Member
481
3,734
19,366
618
Micheal64X
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » General » General Discussions » Hardening
Forum Rules | Mark all | Recent Posts

Hardening
< Newer Topic :: Older Topic >

Pages:<< prev 1 next >>
Post is unread #1 Feb 15, 2006, 3:44 am
Go to the top of the page
Go to the bottom of the page

enderandrew

GroupMembers
Posts8
JoinedFeb 8, 2006

I know that you can harden your server by using a hardened kernel, and then compiling programs with ssp support and such.

However, I've seen codebases claim that right off the bat, their code is hardened against buffer overflow attacks and such.

Are there things we can do from a coding perspective to better harden the code?
       
Post is unread #2 Feb 15, 2006, 6:19 pm
Go to the top of the page
Go to the bottom of the page

Samson
Black Hand
GroupAdministrators
Posts3,643
JoinedJan 1, 2002

The type of hardening you're probably talking about would be from adding two functions which were borrowed from BSD code and are relied upon by the likes of SSH to ensure that buffers being used are properly trimmed and NULLd. So in this manner it is accurate to say that string handling has been hardened against overflows.

There are of course other methods which could be used to further secure the code, but I haven't spent a great deal of time looking into them because a MUD generally isn't a high profile hacker target.
       
Pages:<< prev 1 next >>