SynopsisWill the Code You Write Today Headline Tomorrow’s BugTraq Mail List?
·Includes Numbered-by-Line Exploit Code Examples That Illustrate the Differences Between Stack Overflows, Heap Corruption, and Format String Bugs
·Provides Case Studies for Most Major Platforms and Environments, Including Windows, FreeBSD, FrontPage, and Linux,
·Avoid Worm or Custom Exploits by Analyzing Your Source Code to Detect Buffer Overflow Vulnerabilities
Forensic investigations of notorious Internet attacks, such as the SQL Slammer and Blaster Worms, reveal buffer overflows to be the sophisticated hacker’s "vulnerability of choice". These worms crippled the Internet and cost billions of dollars to clean up. Now, even more powerful and insidious threats have appeared in the form of "custom exploits". These one-time only exploits are custom crafted to attack your enterprise, making them even more difficult to detect and defend. No catchy names, no media coverage; just your own personal disaster.
James C. Foster’s Buffer Overflow Attacks clearly demonstrates that the only way to defend against the endless variety of buffer overflow attacks is to implement a comprehensive design, coding and test plan for all of your applications. From Dave Aitel’s Foreword through the last appendix, this is the only book dedicated exclusively to detecting, exploiting, and preventing buffer overflow attacks.
Annotation
The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.
Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim's machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.
A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows. None of the current-best selling software security books focus exclusively on buffer overflows. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer
More Reviews and Recommendations BiographyJames C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine(acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.
Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been sited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania’s Wharton School of Business.
Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress Publishing, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, and the forthcoming Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1) .
Vitaly Osipov (CISSP, CISA) is currently managing intrusion detection systems for a Big 5 global investment bank from Sydney, Australia. He previously worked as a security specialist for several European companies in Dublin, Prague and Moscow. Vitaly has co-authored books on firewalls, IDS and security, including Special Ops: Host and Network Security for Microsoft, UNIX and Oracle (ISBN 1-931836-69-8) and Snort 2.0: Intrusion Detection (ISBN 1-931836-74-4). Vitaly’s background includes a long history of designing and implementing information security systems for financial, ISPs, telecoms and consultancies. He is currently studying for his second postgraduate degree in mathematics. He would like to thank his colleagues at work for the wonderful bunch of geeks they are.
Download