In: Categories » Computers and technology » Data security » What are Buffer Overflows
|
Exploiting a buffer overflow is an advanced hacking technique. However, it is a leading type of security vulnerability. To understand how a hacker can use a buffer overflow to infiltrate or crash a computer, you need to understand exactly what a buffer is. A computer program consists of many different variables, or value holders. As a program is executed, these different variables are assigned a specific amount of memory as required by the type of information the variable is expected to hold. For example, a short integer only needs a little bit of memory, whereas a long integer needs more space in the computer's memory (RAM). There are many different possible types of variables, each with its own predefined memory length. The space set aside in the memory is used to store information that the program needs for its execution. The program will store the value of a variable in this memory space, and then pull the value back out of memory when needed. This virtual space is called a buffer. A buffer overflow attack deliberately enters more data than a program was written to handle. The extra data "overflows" the region of memory set aside to accept it, thus overwriting another region of memory that was meant to hold some of the program's instructions. In the ideal attack, the overflow values introduced become new instructions that give the attacker control of the target processor. A successfulbuffer overflow hack is difficult to execute. However, even if the buffer overflow fails somewhere during its execution, it will most likely cause problems for the target computer. Because of the delicate nature of computer memory, a failed buffer overflow will often result in a computer crash. The program that originally allocated the segment of memory that was overwritten will not check to see whether the data has changed. Therefore, it will attempt to use the information stored there and will assume it is the same information it had placed there previously. For example, when the program goes to look for a number that is used to calculate the price of tea and instead gets the word "Bob," the program will not know what to do. Although you might not consider your system worthy of such a technically difficult attack, there are many pre-made programs that script kiddies use against known buffer overflow vulnerabilities. In fact, in the case of the previously mentioned vulnerability found in Microsoft's IIS server, it was not long after the hole was found that a program enabled even the most computer illiterate hacker to perform a buffer overflow with ease. This same type of vulnerability can be found in software on the average home or small business user's computer. It is simply a matter of what programs are installed on your computer, and if there are any well-known vulnerabilities for the installed software. All it takes is one script kiddie who has a pre-made hacker program to create a huge headache for you. For this reason, you must be aware of what software you are running on your computer. Keep a watchful eye out for vendor-released security patches. If a vulnerability is found, download and install the patch as soon as it is available from the manufacturer.
|
legal disclaimer
1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service
Useful tools and features
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.
related articles
The first and best line of defense against unwarranted intrusions into personal privacy is for individuals to employ e-commerce technology to protect themselves. Industry-developed and supplied encryption technologies and firewalls, for example, provide individuals with substantial tools to guard against unwarranted intrusions. Encryption is technology, in either hardware or software form, which scrambles e-mail, database information, and other computer data to keep them private. Using a sophisticated mathemati...
|
|
Notions of identity and authentication are fundamental concepts in every marketplace. People and institutions need to get to know one another and establish trust before conducting business. In traditional commerce, people rely on physical credentials (such as a business license or letter of credit) to prove their identities and assure the other party of their ability to consummate a trade. In the age of e-business, authenticated SSL certificates provide crucial online identity and security to help establish trust between ...
3. Virus Prevention ~ How to protect against Internet Viruses
There are several elements to a good virus defense. The most important element requires some self-control—you must NEVER open a file/program unless you are 100% sure it is not infected. No matter how attractive the file is, where it came from, or what it promises you, you can never assume that a file is what it claims to be. For example, the Melissa virus reproduced through email and sent copies of itself to every one in the victim's address book. Because of this, relatives and friends of the victim were soon infected as ...
4. How to protect against Hostile Web Pages and Scripting
The dangers of Trojans and viruses are well known. However, many computer users are completely unaware of the dangers involved in viewing Web pages. Through scripting languages, Web page operators can upload and download files to your device (PC/PDA). They can also install mini-programs or grab information from you that can be used to destroy or take over your computer. Every time you go to a Web page, you actually download the full document to your computer. This includes all text, pictures, and even any code that is r...
5. Features of Windows Encrypting File System (EFS)
• Only available on Windows 2000 and Windows XP operating systems using NTFS partitions and volumes. (NTFS v5). • Encryption is transparent to the user. • Uses public-key encryption. Using a public key from the user’s certificate encrypts keys that are used to encrypt the file. The list of encrypted fileencryption keys is kept with the encrypted file and is unique to it. When decrypting the file encryption keys, the file owner provides a private key that only he has. ...
6. What are Denial of Service Attacks (DOS attacks) and how to protect against them
Hackers can wreak havoc without ever penetrating your system. For example, a hacker can effectively shut down your computer by flooding you with obnoxious signals or malicious code. This technique is known as a denial-of-service attack. Hackers execute a denial-of-service attack by using one of two possible methods. The first method is to flood the target computer or hardware device with information so that it becomes overwhelmed. The alternative method is to send a well-crafted command or piece of erroneous data that crash...
7. What is a Sniffer and How to Protect your Data Against Sniffing
A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as...