Buffer Overflow Term Paper


… proportion of attacks based on buffer overflows is increasing each year; in recent years, buffer overflow attacks have become the most widely used type of security attack. Buffer overflow attacks are believed to have begun as early as the 1960s, but became commonly known in 1988 with the infamous Internet Worm attack that infected tens of thousands of hosts. The most popular form of buffer overflow exploitation is to attack buffers on the stack, referred to as a stack smashing attack (Baratloo, Singh and Tsai). As a countermeasure, hardware vendors have added the ability to turn off stack execution. For example, Sun has added the ability to turn off stack execution on more recent versions of Solaris. Although effective, turning off stack execution isn't always feasible in many operating environments for a variety of reasons. Even so, this feature is helpful to many implementations and is better than other alternatives.

Figure 1: Number of Reported CERT Security Advisories and the Number Attributable to Buffer Overflow

Source: Proceedings 7th Network and Distributed System Security Symposium

Buffer overflows give attackers access to the process stack. A buffer overflow attack places new code on a process stack and causes the process to execute this code when returning from a function (Roamer, 2000). Thus, the code is executed with the same rights as the running process, allowing the attacker to control the program. Once this happens, the intruder can inflict maximum damage by attacking setuid 0 programs and any daemons running as root.

To understand how the process stack...

...

The stack starts at a high memory address and works its way down to a low memory address. Values are either pushed onto the stack or popped off the stack. When something is pushed onto the stack, the value that is being pushed is copied into the memory location pointed to by the stack pointer, and the stack pointer is decremented to reflect the next spot on the stack. When a function is called, its arguments are pushed onto the stack, then the return address (code segment), then the old base pointer (so it's known where on the stack you were before this function was called), and then the local variables of that function.

All attackers need to do is find a program that accepts input without checking the length of the data (Bijjam). If the data written is outside of the process address space, the function will get a segmentation violation when it returns and tries to read the next instruction. The buffer overflow then allows the attacker to change the return address of a function, altering the program's flow of execution so that code that spawns a shell is executed. From this shell, the attacker issues commands of their choice.
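The frame layout and the missing length check described above can be modelled safely in C. This is an added example, not code from the paper or its sources; the struct, the function names and the sample values are hypothetical, and the frame is simulated as a struct so nothing outside it is ever written.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_LEN   16
#define SAVED_BP  ((uintptr_t)0x1000)  /* constructed sample values */
#define RET_ADDR  ((uintptr_t)0x2000)

/* Simulated stack frame, lowest address first: the local buffer sits
 * below the old base pointer, which sits below the return address. */
struct frame {
    unsigned char buf[BUF_LEN];
    uintptr_t     saved_bp;
    uintptr_t     ret_addr;
};

void frame_init(struct frame *f) {
    memset(f->buf, 0, BUF_LEN);
    f->saved_bp = SAVED_BP;
    f->ret_addr = RET_ADDR;
}

/* 1 if the control data above the buffer is unchanged, else 0. */
int frame_intact(const struct frame *f) {
    return f->saved_bp == SAVED_BP && f->ret_addr == RET_ADDR;
}

/* Models a copy with no length check: bytes past buf[] land on saved_bp
 * and ret_addr. Clamped to the struct so the model itself stays in bounds. */
void unchecked_copy(struct frame *f, const unsigned char *in, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, in, n);
}

/* Hardened form: refuse any input that does not fit the buffer. */
int checked_copy(struct frame *f, const unsigned char *in, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(f->buf, in, n);
    return 0;
}

/* Runs one scenario; returns frame_intact() after the copy. */
int run_case(int checked, size_t n) {
    unsigned char in[sizeof(struct frame)];
    struct frame f;
    memset(in, 'A', sizeof in);          /* constructed input */
    if (n > sizeof in) n = sizeof in;
    frame_init(&f);
    if (checked) (void)checked_copy(&f, in, n);
    else unchecked_copy(&f, in, n);
    return frame_intact(&f);
}
```

Even one byte past the buffer corrupts the saved base pointer in the unchecked case, while the checked copy leaves the frame's control data untouched for any input length.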

Making the stack non-executable is a commonly proposed method for stopping buffer overflow attacks. However, this method has several drawbacks and may be inappropriate in certain situations (Bijjam). For example, patching and recompiling the kernel is not…

Sources Used in Documents:

Bibliography

Baratloo, A., Singh, N., and Tsai, T. Transparent run-time defense against stack smashing attacks. Retrieved March 20, 2004 from Web site: http://www.research.avayalabs.com/project/libsafe/doc/usenix00/paper.html

Bijjam, P.S. Stack smashing. Retrieved March 20, 2004 from Web site: http://homepages.wmich.edu/~p1bijjam/603/

Creating secure software. Retrieved March 20, 2004 from Web site: http://216.239.57.104/search?q=cache:lRrv4HTGxNkJ:www.arcert.gov.ar/webs/textos/SecureSoftware-01-10-01-FINAL.pdf+%22stopping+stack+smashing%22&hl=en&ie=UTF-8

Roamer (2000). Reducing the risks of Solaris buffer overflow attacks. Retrieved March 20, 2004 from Web site: http://www.securityhorizon.com/security_whitepapers/hacking_resolution/overflows.html


Cite this Document:

"Buffer Overflow" (2004, March 20) Retrieved May 8, 2024, from
https://www.paperdue.com/essay/buffer-overflow-165897
