[Dailydave] The sky's downward trajectory
jf
jf at danglingpointers.net
Mon Feb 19 23:23:02 EST 2007
> well, it prevents caned sploits to be triggered remotly, but is of little help
> against local exploits or patient hackers. Not mentioning that any address
> leakage will nullify the effect of the randomization.
Well, to be pedantic, it doesn't prevent them, it just cuts the numbers
down, you just need to have one valid address, the only difference is the
number of boxes you own, so we'll end up with botnets of 200,000 instead
of 600,000 (numbers pulled out of the air), that is to say, out of every
256 attempts, one will be successful (in theory). It drastically cuts the
numbers down, but doesn't stop the canned exploits at all.
More information about the Dailydave
mailing list