One aspect of security, then, is to prevent these attacks whenever possible. This is where WireX and their Immunix distribution and StackGuard compiler come in. WireX's StackGuard compiler is based on the egcs compiler, but has been rewritten to remove buffer . . .
One aspect of security, then, is to prevent these attacks whenever possible. This is where WireX and their Immunix distribution and StackGuard compiler come in. WireX's StackGuard compiler is based on the egcs compiler, but has been rewritten to remove buffer overflow vulnerabilities. The Immunix distribution is based on Red Hat Linux 7.0, but the majority of the distribution has been compiled with the StackGuard compiler instead of the standard GNU compilers. (There are a few exceptions, but I'll get to those a bit later.)

WireX has also come up with FormatGuard, a patched version of glibc 2.2 that protects against the format vulnerability discovered in June 2000. The "format bug" may allow unfiltered data to be returned to a program, causing problems similar to a buffer overflow.

WireX has also created a remote administration utility called the RNAEngine that allows remote administration of most if not all services on Immunix server appliances.

Unlike the rest of the Immunix distribution, the RNAEngine is not available for download -- but if you want to test-drive it, you can find a demo on the WireX Web site ().

The link for this article located at UnixReview is no longer available.