Enable No Execute (NX) protection against buffer overflow on amazon AMI

Discussion in 'General Linux' started by kabu, Jun 21, 2013.

  1. kabu

    kabu New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I'm build amazon micro instance based on Amazon Ec2 AMI and I have kernel version:


    - 3.4.43-43.43.amzn1.x86_64
    Code:
    # $ s cat /proc/cpuinfo
    processor      : 0
    vendor_id      : GenuineIntel
    cpu family      : 6
    model          : 26
    model name      : Intel(R) Xeon(R) CPU          E5507  @ 2.27GHz
    stepping        : 5
    microcode      : 0x11
    cpu MHz        : 2266.746
    cache size      : 4096 KB
    physical id    : 0
    siblings        : 1
    core id        : 0
    cpu cores      : 1
    apicid          : 0
    initial apicid  : 6
    fpu            : yes
    fpu_exception  : yes
    cpuid level    : 11
    wp              : yes
    flags          : fpu de tsc msr pae cx8 sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc up rep_good nopl nonstop_tsc pni ssse3 cx16 sse4_1 sse4_2 popcnt hypervisor lahf_lm dtherm
    bogomips        : 4533.49
    clflush size    : 64
    cache_alignment : 64
    address sizes  : 40 bits physical, 48 bits virtual
    power management:
     
    

    What I'm trying to figure it out is to how enable NX(No Execute) Protection on that virtual instance. I tried installing pae kernel but it looks like package is not found for this distro.
    I think it might be something related specifically to that AMI and maybe someone had an issue like that in the past, so any input is appreciated.
    Thanks !!
  2. ryanvade

    ryanvade Administrator Staff Member Staff Writer

    Messages:
    1,341
    Likes Received:
    447
    Trophy Points:
    83
    You probably need to compile the kernel yourself. More then likely you may want the Grsecurity patches.
    http://grsecurity.net/

Share This Page