Is a shellcode kernel network detector worth it?
Anthony Brown
groundup2360917182914017 at gmail.com
Wed Jul 31 19:16:08 UTC 2013
Is a shellcode kernel network detector worth it. I was thinking about
making a kernel module that would detect shellcode and then stop it from
getting pass the kernel. I don't know if it is worth it though, because if
the data in the packets is encrypted I won't be able to check for
shellcode. Is it normal for must data coming from the network to not be
encrypted?
More information about the freebsd-net
mailing list