Libsafe is a tool for protecting the server against buffer overflow attacks. It is written in C language and used to protect systems against some of the more common buffer overflow attacks.
When you first install Libsafe, its advisable to use the first method, since if Libsafe causes problems, one can easily unset LD_PRELOAD to stop Libsafe being used.
cd /usr/local/src/
wget http://pubs.research.avayalabs.com/src/libsafe-2.0-16.tgz
tar -xzvf libsafe-2.0-16.tgz
cd libsafe-2.0-16/
make
yes y | make install
Now that Libsafe has been built and installed, we need to ensure that it intercepts all function calls to the standard C library. We can do this in two ways.
1) We can set the environmental variable LD_PRELOAD e.g. (in bash):
$ LD_PRELOAD=/lib/libsafe.so.2 $ export LD_PRELOAD
To set this on a system-wide basis, just add this to e.g. /etc/profile (or maybe /etc/profile.local)
2) Alternatively, we can add a line to /etc/ld.so.preload
echo '/lib/libsafe.so.2' >> /etc/ld.so.preload
This will ensure that Libsafe is used for all programs, and cannot be disabled by a normal user (unlike environmental variables).
Problems with Libsafe
At this point the reader will no doubt be wondering why Libsafe isn't included by default with all Linux distributions; unfortunately, Libsafe doesn't always work, and worse still, can even cause extra problems.
Because of certain assumptions made about the stack, Libsafe will only work with x86 processors.
Programs that have been linked against libc5 won't work with Libsafe.
If a program has been compiled without a stack pointer (i.e. by using the -fomit-frame-pointer option in GCC or perhaps due to an optimizer), then Libsafe won't be able to catch any overflows.
Libsafe won't catch overflows in statically compiled programs since Libsafe works by intercepting calls to shared libraries.
If a function is included inline, then for the same reason as above Libsafe won't catch overflows.
And of course, since Libsafe only works with a limited set of functions, it won't catch buffer overflows which involve other (user-defined) functions !
from http://www.symantec.com/connect/articles/protecting-systems-libsafe
Sunday, February 24, 2013
Tuesday, February 19, 2013
Linux Sed Command
Linux Sed Command
sed command to change all occurrences of one string to another within a file, just like the search-and-replace feature of your word processor. The
sed command can also delete a range of lines from a file. Since
sed is a stream editor, it takes the file given as input, and sends the output to the screen, unless you redirect output to a file. In other words,
sed does not change the input file. The general forms of the
sed command are as follows:
Substitution sed 's/<oldstring>/<newstri ng>/g' <file>
Deletion sed '<start>,<end>d' < file>
Let's start with a substitution example. If you want to change all occurrences of lamb to ham in the poem.txt file in the grep example, enter this:
sed 's/lamb/ham/g' poem.txt
Mary had a little ham
Mary fried a lot of spam
Jack ate a Spam sandwich
Jill had a ham spamwich
In the quoted string, the "s" means substitute, and the "g" means make a global change. You can also leave off the "g" (to change only the first occurrence on each line) or specify a number instead (to change the first n occurrences on each line).
Now let's try an example involving deletion of lines. The values for start and end can be either a line number or a pattern to match. All lines from the start line to the end line are removed from the output. This example will delete starting at line 2, up to and including line 3:
sed '2,3d' poem.txt
Mary had a little lamb
Jill had a lamb spamwich
This example will delete starting at line 1, up to and including the next line containing Jack:
sed '1,/Jack/d' poem.txt
Jill had a lamb spamwich
The most common use of sed is to change one string of text to another string of text. But I should mention that the strings that sed uses for search and delete are actually regular expressions. This means you can use pattern matching, just as with grep. Although you'll probably never need to do anything like this, here's an example anyway. To change any occurrences of lamb at the end of a line to ham, and save the results in a new file, enter this:
sed 's/lamb$/ham/g' poem.txt > new.file
Since we directed output to a file, sed didn't print anything on the screen. If you look at the contents of new.file it will show these lines:
Mary had a little ham
Mary fried a lot of spam
Jack ate a Spam sandwich
Jill had a lamb spamwich
Use the man sed command for more information on using sed.
Connecting wireless through command line
The first command you need to use is ifconfig. With this command you are going to enable your wireless device. Most likely your device will be called wlan0. So in order to enable this you would enter the command (as root):
ifconfig wlan0 up
You won’t see any feedback unless there is a problem.
The next step is to scan for your wireless network to make sure it is available. Do this with the following command:
iwlist wlan0 scan
With this command you will see output like the following:
So you know this network is available. From the above output you can also see this network is employing WPA2, so you will need a passkey. If you don’t know that passkey, you are out of luck (which would be the case no matter if you were using a front end in Linux, Windows, or Mac.)
Now it’s time to configure your connection. To do this issue the command:
iwconfig wlan0 essid NETWORK_ID key WIRELESS_KEY
Where NETWORK_ID is the ESSID of the network with which you want to connect and WIRELESS_KEY is the security key needed to connect to the wireless access point.
Note: iwconfig defaults to using a HEX key. If you want to use an ascii key you will have to add the “s:” prefix to your key like so:
iwconfig wlan0 essid NETWORK_ID key s:WIRELESS_KEY
Now that you have your configuration set, it’s time to get an IP address with the help of dhclient. Issue the command:
dhclient wlan0
If no output is reported there are no errors. You should now be up and running.
Make it a script
Of course who wants to type out all of those commands. Instead of doing this you could create a script for this like so:
Where NETWORK_ID is the actually essid of the network and WIRELESS_KEY is the security key for that network. Save this script with the filename wireless_up.sh and then make this script executable with the command:
chmod u+x wireless_up.sh
You can make this a global command by placing this script in /usr/local/bin. You can now issue the command wireless_up.sh from anywhere in your directory structure and it will run, connecting you to the configured wireless access point.
Or by running:
ifconfig wlan0 up
You won’t see any feedback unless there is a problem.
The next step is to scan for your wireless network to make sure it is available. Do this with the following command:
iwlist wlan0 scan
With this command you will see output like the following:
Cell 01 - Address: 00:21:43:4E:9B:F0
ESSID:"HAIR STROBEL"
Mode:Master
Channel:5
Frequency:2.432 GHz (Channel 5)
Quality=100/100? Signal level:-45 dBm? Noise level=-95 dBm
Encryption key:on
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 22 Mb/s
6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
36 Mb/s; 48 Mb/s; 54 Mb/s
Extra:tsf=000002f1d9be01b7So you know this network is available. From the above output you can also see this network is employing WPA2, so you will need a passkey. If you don’t know that passkey, you are out of luck (which would be the case no matter if you were using a front end in Linux, Windows, or Mac.)
Now it’s time to configure your connection. To do this issue the command:
iwconfig wlan0 essid NETWORK_ID key WIRELESS_KEY
Where NETWORK_ID is the ESSID of the network with which you want to connect and WIRELESS_KEY is the security key needed to connect to the wireless access point.
Note: iwconfig defaults to using a HEX key. If you want to use an ascii key you will have to add the “s:” prefix to your key like so:
iwconfig wlan0 essid NETWORK_ID key s:WIRELESS_KEY
Now that you have your configuration set, it’s time to get an IP address with the help of dhclient. Issue the command:
dhclient wlan0
If no output is reported there are no errors. You should now be up and running.
Make it a script
Of course who wants to type out all of those commands. Instead of doing this you could create a script for this like so:
#! /bin/bash
ifconfig wlan0
iwconfig wlan0 essid NETWORK_ID key WIRELESS_KEY
dhclient wlan0Where NETWORK_ID is the actually essid of the network and WIRELESS_KEY is the security key for that network. Save this script with the filename wireless_up.sh and then make this script executable with the command:
chmod u+x wireless_up.sh
You can make this a global command by placing this script in /usr/local/bin. You can now issue the command wireless_up.sh from anywhere in your directory structure and it will run, connecting you to the configured wireless access point.
sudo iwconfig wlan0 freq 2.422G
Or by running:
sudo iwconfig wlan0 channel 3ifconfig wlan0 down
iwconfig wlan0 mode managed
ifconfig wlan0 up
iwconfig wlan0 channel 3
iwconfig wlan0 key xxxxxxxxxx
iwconfig wlan0 key restricted
iwconfig wlan0 essid "Blah Blah Foo Bar"
iwconfig wlan0 ap xx:yy:zz:aa:bb:cc
sleep 5
dhcpcd -d wlan0
Subscribe to:
Posts (Atom)