Language Selection

English French German Italian Portuguese Spanish

Preventing Buffer Overflow Exploits

Filed under

Internet servers, including Web, e-mail, and FTP servers have long been a target of different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit.

Buffer Overflow Exploit in Action

A successful buffer overflow exploit has four steps:
1. Find a process that is vulnerable to the buffer overflow exploits
2. In order to inject the most damage, the process should run with root privileges.
3. Decide what to execute as a result of buffer overflow exploit
4. Find a way from the vulnerable process to start the chosen process

The troubling thing about buffer overflow exploits is that good programming practices could wipe out even potential exploits; however, that simply has not happened. The defense against such exploits should revolve around controlling access to sensitive systems, installing software updates that replace exploitable software, and being aware of what a buffer overflow exploit looks like when your system is the intended victim.

Part 1.

Part 2.

More in Tux Machines

The ZFS File System Will Be Included in Ubuntu, Says Mark Shuttleworth

A very interesting discussion started earlier today, October 6, on the Ubuntu Snappy Core mailing list about a method of adding kernel modules to a Snappy-based operating system. Read more

Displaylink adds Linux support for USB monitors

A few weeks ago at IDF, Displaylink released drivers for USB monitors on Linux. This has been something SemiAccurate has been asking them about since, well it has been years now. The idea is simple, transfer video data over USB rather than a dedicated video port. This requires a bit of compression, CPU load, and of course their proprietary hardware on the monitor side. That isn’t a big deal, the chips are fairly inexpensive and since you are buying a USB monitor or dock, it comes with the device out of the box. On the plus side it means your monitor will work everywhere, or at least it will now. Read more Also: Intel Compute Shaders Appear Nearly Ready For Mainline Mesa

Slackel Linux: Not Your Father's Slackware

You might think of the Slackel distro as a better Slackware derivative. Slackware dates back to 1992. By comparison, well-known and well-used distros such as Ubuntu, Fedora and Linux Mint were introduced in the mid-2000s. So Slackware is among the oldest actively maintained Linux distros. Despite its longevity, it has not joined more modern Linux offspring in terms of user friendliness. Read more

Android 6.0 Marshmallow Review: Google Outsmarts Apple By Guessing Your Next Move

It may seem like a big decision, but something tells me the service arms race is going to be a lot like the feature race. Google has the nose on Apple with Google Now on Tap until… Apple figures out a way to borrow it. Read more