More information is better? Known exploit detection in the Linux kernel https://lkml.org/lkml/2013/12/12/358 …
@InsanityBit step 0: "find exploit" is in theory the noisy part. doesn't help with attackers that do research on their target first.
@kees_cook Basic post exploitation 'research' would fix that. Plus, they just have to run all attacks faster than you log. Right?
@InsanityBit it might help with forensics of the attack or the attribution if logging is over the network.
@kees_cook Just seems very easy to work around as an attacker. Either heuristically detect kernel version first, or beat the log race.