Migration paths to consider include moving services to a completely new operating system
or complete replacement of a vulnerable application with one that is more secure.
Gray Hat Hacking: The Ethical Hacker??™s Handbook
482
Migrating to a New Operating System
Migrating an existing application to a new operating system is usually only possible
when a version of the application exists for the new operating system. In selecting a new
operating system, we should consider those that contain features that make exploitation
of common classes of vulnerabilities difficult or impossible. Many products exist that
either include built-in protection methods or provide bolt-on solutions. Some of the
more notable are
OpenBSD
grsecurity
ExecShield
Openwall Project
NGSEC StackDefender
Microsoft Windows XP SP2 or Vista
Any number of arguments, bordering on religious in their intensity, can be found regarding
the effectiveness of each of these products. Suffice it to say that any protection is better
than none, especially if you are migrating as the result of a known vulnerability. It is important
that you choose an operating system and protection mechanism that will offer some
protection against the types of exploits that could be developed for that vulnerability.
Pages:
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844