Buffer Overflow Research Paper
Buffer Overflow
Subscribe
Hide Description
Explain what buffer overflow attacks are and how they are created to attack our software. And, describe the best security measures you would recommend mitigate these buffer overflow attacks.
Buffer overflow attacks occurs when hackers sending a large amount of data than the buffer was intended to hold, this large amount data immediately overwrite and corrupt other data in the buffer. Data contain codes to trigger specific actions that controls the program execution path and hijack the control of the program to execute the hacker 's code instead of the system process code. It could change and modify user data, disclose sensitive information, brings down applications and lock up the system or applications.
Hackers can use a buffer overflow to cause havoc to a web application, hack into the web server, gain control of a corporate machine, launch programs/commands from the stack. A buffer overflow can be used …show more content…
to perform a Denial of Service (DoS) attack or a Distributed Denial of Service (DDoS) attack. This cause serious damage to a company by means of expensive data security breach.
Recommendation to defenses buffer overflows:
Deploy the system capable of using non-executable stacks, such as:
AMD and Intel x86-64 chips with associated 64-bit operating systems
Windows XP SP2 (both 32- and 64-bit)
Windows 2003 SP1 (both 32- and 64-bit)
Linux after 2.6.8 on AMD and x86-64 processors in 32- and 64-bit mode
Disable stack execution when installing the OS.
Code auditing in automated and manual.
Use higher level programming languages that disallow direct memory access.
Use compilers that protect against stack overflows. Developer can write programs in Java instead of C to prevent buffer overflow.
Use StackGuard or other compiler tools like StackShield or Libsafe to hardens programs against stack overflow attacks, detects and defeats stack smashing attack.
Any field of entry or input could be a potential point of vulnerability for buffer overflow. Input must be validate to prevent unexpected data for being process.
References:
EC-Council, (2000). Ethical Hacking and Countermeasures Threats and Defense Mechanisms. Clifton Park, N.Y. Cengage
Learning
Cross-site scripting attacks are different than most application-layer attacks, such as SQL injection, as they attack an application 's users, not the application or server. Attacks work by injecting code, usually a client-side script such as JavaScript, into a Web application 's output. Most websites have numerous injection points, such as search fields, feedback forms, cookies and forums that are vulnerable to cross-site scripting. The most common purpose of XSS attacks is to gather cookie data, as cookies are commonly and regularly used incorrectly to store information such as session IDs, user preferences or login information. Although client-side scripts cannot directly affect server-side information, they can still compromise a site 's security, often using Document Object Model manipulation to alter form values or switch the form action to post the submitted data to the attacker 's site.
Subscribe
Hide Description
Explain what buffer overflow attacks are and how they are created to attack our software. And, describe the best security measures you would recommend mitigate these buffer overflow attacks.
Buffer overflow attacks occurs when hackers sending a large amount of data than the buffer was intended to hold, this large amount data immediately overwrite and corrupt other data in the buffer. Data contain codes to trigger specific actions that controls the program execution path and hijack the control of the program to execute the hacker 's code instead of the system process code. It could change and modify user data, disclose sensitive information, brings down applications and lock up the system or applications.
Hackers can use a buffer overflow to cause havoc to a web application, hack into the web server, gain control of a corporate machine, launch programs/commands from the stack. A buffer overflow can be used …show more content…
to perform a Denial of Service (DoS) attack or a Distributed Denial of Service (DDoS) attack. This cause serious damage to a company by means of expensive data security breach.
Recommendation to defenses buffer overflows:
Deploy the system capable of using non-executable stacks, such as:
AMD and Intel x86-64 chips with associated 64-bit operating systems
Windows XP SP2 (both 32- and 64-bit)
Windows 2003 SP1 (both 32- and 64-bit)
Linux after 2.6.8 on AMD and x86-64 processors in 32- and 64-bit mode
Disable stack execution when installing the OS.
Code auditing in automated and manual.
Use higher level programming languages that disallow direct memory access.
Use compilers that protect against stack overflows. Developer can write programs in Java instead of C to prevent buffer overflow.
Use StackGuard or other compiler tools like StackShield or Libsafe to hardens programs against stack overflow attacks, detects and defeats stack smashing attack.
Any field of entry or input could be a potential point of vulnerability for buffer overflow. Input must be validate to prevent unexpected data for being process.
References:
EC-Council, (2000). Ethical Hacking and Countermeasures Threats and Defense Mechanisms. Clifton Park, N.Y. Cengage
Learning
Cross-site scripting attacks are different than most application-layer attacks, such as SQL injection, as they attack an application 's users, not the application or server. Attacks work by injecting code, usually a client-side script such as JavaScript, into a Web application 's output. Most websites have numerous injection points, such as search fields, feedback forms, cookies and forums that are vulnerable to cross-site scripting. The most common purpose of XSS attacks is to gather cookie data, as cookies are commonly and regularly used incorrectly to store information such as session IDs, user preferences or login information. Although client-side scripts cannot directly affect server-side information, they can still compromise a site 's security, often using Document Object Model manipulation to alter form values or switch the form action to post the submitted data to the attacker 's site.