@Sergio
Excuse me but I have no idea who endman is.
The reason why I wrote this post was because I presented the same problem to forums.freebsd.org to tell them that it is a serious problem in today's situation with software security. I also asked them for any simple workarounds but all they did was ban me and remove my post as if they were doing some cover-up. Thus I was frustrated and shocked by such a community and their software that I posted here instead, hoping for a solution to show people this situation.
The reason why I was doing this was because we had a new CTO (now fired) who demanded our company migrate our Linux servers (which we were well familiar with) to FreeBSD servers (in which I and other sysadmins don't have much technical expertise). That CTO didn't give any reason for such a risky and unnecessary switch. An argument broke out between him and other corporate officers and to resolve the issue, I was asked to use, get familiar with and analyze FreeBSD and do simple tests to see how secure it is.
After a few days of using it and reading the handbook, me and other sysadmins found that FreeBSD was seriously inadequate for running our company's servers. As per our company's policy on who should report to whom, we submitted our findings to the CTO and his response was abusive, demanding that we migrate our servers immediately and learn how to use FreeBSD or be fired. Me and my fellow sysadmins knew that we would be violating the company policy governing migration of servers between software platforms if we obeyed him. Worse is that the company's proficiency in IT would be severely diminished if our servers were using FreeBSD instead of Linux. We decided to report this to the other corporate officers and they (unlike the CTO) seriously considered our report. They then had the CTO fired for his misconduct.
The reason why this article was also at http://aboutthebsds.wordpress.com/ was because a UNIX engineer on contract at our company approached me to ask if he could publish part of my report on FreeBSD's lack of ASLR on his blog, which I agreed to as I felt that this situation should be made known to the public.
@JX8p
Thanks for the workaround but our company is trying to avoid solutions involving the recompilation of an OS kernel as that would take a long time and is susceptible to complications. Furthermore, I searched around and found no evidence of FreeBSD RELEASE-10 having ASLR enabled by default. I know OpenBSD has ASLR but it is not very random and I've seen it hacked much more quickly and easily than either Linux or Windows. NetBSD has userland ASLR in which you have to do a "paxctl +A <binary file>" on every binary file to make them have ASLR, which is time consuming and introduces the risk of some binary files not having ASLR.
Kind regards
Felix Doggoson