Language Selection

English French German Italian Portuguese Spanish

Preventing Buffer Overflow Exploits

Filed under
Security

Internet servers, including Web, e-mail, and FTP servers have long been a target of different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit.

Buffer Overflow Exploit in Action

A successful buffer overflow exploit has four steps:
1. Find a process that is vulnerable to the buffer overflow exploits
2. In order to inject the most damage, the process should run with root privileges.
3. Decide what to execute as a result of buffer overflow exploit
4. Find a way from the vulnerable process to start the chosen process

The troubling thing about buffer overflow exploits is that good programming practices could wipe out even potential exploits; however, that simply has not happened. The defense against such exploits should revolve around controlling access to sensitive systems, installing software updates that replace exploitable software, and being aware of what a buffer overflow exploit looks like when your system is the intended victim.

Part 1.

Part 2.

More in Tux Machines

Ubuntu MATE 15.04 Vivid Vervet Beta 1 Released, Ubuntu MATE Is Now Official Flavor


ubuntu 15.04 beta released with official release for MATE

Ubuntu 15.04 Vivid Vervet MATE Beta 1 released today with other flavors of Ubuntu like KDE, Xfce, LXDE and GNOME desktop environment. Although, as usual Ubuntu unity has not taken part in Beta release. And first time Ubuntu MATE is an official releaed.
 

Read at LinuxAndUbuntu

Calligra 2.9 Brings Biggest Krita Release and New Kexi Partnership

We are happy to announce the release of final version 2.9 of the Calligra Suite, Calligra Active and the Calligra Office Engine. This version is the result of thousands of changes which provide new features, polishing of the user experience and bug fixes. More

Meizu MX4 Ubuntu Edition Is Official, Will Be at MWC In March

No longer a rumour but fact: Meizu has confirmed the news on its social media accounts this morning, just as the latest flash sale for the Bq Ubuntu Phone was getting underway. Read more