One of the most common ways for hackers to break into a Solaris system is to exploit buffer overflows. How do I turn on buffer overflow protection under Solaris UNIX operating system just like CentOS/Redhat Linux system?
Sun Solaris UNIX kernel provide protection against buffer overflows. It can detect, log, and prevent such attempts to execute code on the stack. You need update the /etc/system file, which provides a static mechanism for adjusting the values of kernel parameters. Values specified in this file are read at boot time and are applied. Any changes that are made to the file are not applied to the operating system until the system is rebooted.
Open /etc/system file, enter:
# cp /etc/system /etc/system.old
# vi /etc/system
Add / modify the following lines:
set noexec_user_stack=1 set noexec_user_stack_log=1
Where,
- noexec_user_stack=1 : Turn on buffer overflow protection
- set noexec_user_stack_log=1 : Enable the Logging of Executable Stack Messages.
Finally, reboot the system:
# init 6
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012

- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop




![Unix Copy Command Examples [ cp command ]](http://s13.cyberciti.org/images/shared/rp/3/24.jpg)







{ 2 comments… read them below or add one }
Unfuckable Buffer Overflow :)
Very good article. I believe the original source would be
http://www.sun.com/blueprints/0401/security-updt1.pdf