Linux
ASLR (Address Space Layout Randomization)
Description: ASLR randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack, heap and libraries.
Check Status: cat /proc/sys/kernel/randomize_va_space
Enable: sudo sysctl -w kernel.randomize_va_space=2
Value:
- 0: Disabled
- 1: Partial (randomizes stack, mmap regions, but not heap)
- 2: Full (randomizes all regions)
More Information: Wikipedia
Stack Canary
Description: Canaries (also called stack canaries or stack cookies) are known values that are placed between a buffer and control data on the stack to monitor buffer overflows.
Enable: GCC compilation flags
- -fstack-protector: Protects some functions
- -fstack-protector-all: Protects all functions
- -fstack-protector-strong: Smart protection strategy
Value:
[TODO]: Determine the function at different levels.
More Information:
NX (No-Execute)
Description: NX is used to prevent certain types of malicious software from taking over computers by inserting their code into another program’s data storage area and running it from within that section.
Check Status:
- grep nx /proc/cpuinfo to check whether “nx” appears in the flags field.
- grep stack /proc/self/maps to check whether “x” is present in the stack mapping’s permissions.
Enable: Usually enabled at compile time with -z noexecstack
Value: GCC compilation flag: -Wl,-z,noexecstack
More Information:
PIE (Position Independent Executable)
Description: PIEs are executable binaries made entirely from position-independent code. PIE is used in some security-focused Linux distributions to allow PaX or Exec Shield to use address space layout randomization to prevent attackers from knowing where existing executable code is during a security attack using exploits that rely on knowing the offset of the executable code in the binary, such as return-to-libc attacks.
Check status: readelf -h <binary> | grep "Type" (should show “DYN”)
Enable: GCC compilation flags: -fpie -pie
More Information:
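The NX and PIE checks above can also be made by reading the ELF headers directly. The following is an added example, not part of the original page: it parses a 64-bit little-endian ELF image, reports whether the type is DYN and whether the PT_GNU_STACK program header (the one -z noexecstack controls) lacks the execute bit. The names check_elf and sample_elf and the sample bytes are constructed for illustration.

```python
import struct

ET_DYN = 3                 # e_type that readelf -h prints as "DYN"
PT_GNU_STACK = 0x6474E551  # program header the linker writes for -z (no)execstack
PF_X = 0x1                 # execute bit in p_flags


def check_elf(data: bytes) -> dict:
    """Return PIE / NX-stack status for a 64-bit little-endian ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4:6] != b"\x02\x01":  # EI_CLASS=ELFCLASS64, EI_DATA=ELFDATA2LSB
        raise ValueError("only 64-bit little-endian ELF is handled")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    # None = no PT_GNU_STACK header; the stack permissions then depend on
    # the kernel/architecture default, so no verdict is given here.
    nx_stack = None
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    # ET_DYN is also the type of shared libraries, exactly as with readelf -h.
    return {"pie": e_type == ET_DYN, "nx_stack": nx_stack}


def sample_elf(e_type: int, stack_flags=None) -> bytes:
    """Constructed input: ELF64 header plus at most one PT_GNU_STACK entry."""
    phnum = 0 if stack_flags is None else 1
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    image = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                                64, 56, phnum, 0, 0, 0)
    if phnum:
        image += struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags,
                             0, 0, 0, 0, 0, 0x10)
    return image


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                      # check a real binary
        with open(sys.argv[1], "rb") as f:
            print(check_elf(f.read()))
    else:                                      # constructed samples
        print(check_elf(sample_elf(ET_DYN, 0x6)))  # type DYN, stack RW
        print(check_elf(sample_elf(2, 0x7)))       # type EXEC, stack RWX
```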