Buffer overflow tutorial: How to find vulnerabilities, prevent attacks

Buffer overflow exploits and vulnerabilities can lead to serious harm to corporate Web applications, as well as embarrassing and costly data security breaches and system compromises.

Buffer overflow exploits and vulnerabilities can lead to serious harm to corporate Web applications, as well as embarrassing and costly data security breaches and system compromises.

In this tutorial, learn how to prevent buffer overflow attacks with a variety of resources and best practices. Develop a better, more accurate understanding of the attack with in-depth definitions and expert opinions on how to stop buffer overflow attacks with several tools and methods, including manual system and application testing, memory leakage prevention and Web application vulnerability scanning.

Defining and preventing buffer overflows
In order to detect vulnerabilities and exploits, and ultimately prevent your organization from falling victim to a buffer overflow attack, you must first develop an accurate understanding of what the attack is and how it works.

This tip offers an in-depth definition of a buffer overflow attack and provides advice and best practices on how to thwart such an attack and keep your organization safe.

What causes buffer overflows and memory leaks in a Web application?
Buffer overflows and memory leaks can cause serious harm to Web applications and lead to security breaches and system compromises. This expert answer examines memory leakage and offers insight on how a memory leak can lead to a buffer overflow attack.

You will also receive best practices on how to prevent memory leakage, as well as buffer overflow attacks that can allow hackers access to systems or result in application or system crashes or data security breaches.

What is the best way to manually test for buffer overflows?
Buffer overflow detection is one key element in attack prevention. In this tip you will learn about two ways to review a program for buffer overflow, as well as how to examine a program's source code and file code to manually test for buffer overflows.

Security expert Michael Cobb offers best practices and guidelines for manual testing for buffer overflows, and reviews the tools available for analyzing and reviewing source and compiled code to find patterns and detect vulnerabilities before an attack occurs.

Making the case for Web application vulnerability scanners
Vulnerability scanners may not have caught on in most enterprises, but they can help organizations find and stop buffer overflows, as well as a slew of other flaws and vulnerabilities.

In this tip, Michael Cobb examines the pros and cons of Web application vulnerability scanners, and also explains why a solid application vulnerability scanner can be a valuable part of an enterprise's development strategy.

This was first published in October 2009

Dig deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close