Manage Learn to apply best practices and optimize your operations.

Using OS Security's OSsurance

In this Ask the Expert Q&A, our application security expert takes an in-depth look at OS Security's OSsurance tool and discusses how it can help protect against a variety of application-based attacks.

Do you know if OSsurance Desktop can prevent my server from crashing? It says they support Windows Server 2000 and 2003. I have 2003. They claim to stop buffer overflows from executing. Is that enough to stop a crash?
OSsurance from Canadian-based OS Security takes an approach to computer security that I personally like, because it only permits authorized programs to install or run on a computer, even if they have passed through a firewall, anti spyware and antivirus protection. This is a classic access model used in information security. It rejects everything that is not explicitly allowed and blocks any programs that are scheduled to execute unless the user has authorized it. This approach is advantageous because OSsurance doesn't require constant updating and can provide protection regardless of where an attack originates. This contrasts with antispyware, antivirus and intrusion detection systems, which need to be constantly updated to keep up with the latest types of attack or virus. Even those using behavioral analysis have problems handling new exploits and unidentified attacks. OSsurance does however require you to scan your system each time you install a program, or update or patch existing programs and DLL files. This keeps the Authorized Program List up-to-date, enables it to protect running programs, prevent the use of unauthorized programs and DLLs, and determine whether programs on your computer have been modified without your knowledge before they are executed.

OS Security does claim OSsurance detects buffer overflow attacks on programs running on your computer, using a patent-pending method of protection. It blocks the execution of the malicious code by ensuring system resources are being used only by legitimate code. By checking the memory page attributes pointed to by the return address of the running process, it can stop the buffer overflow attack from crashing your computer. Their site states that they support Windows 2000 and Windows 2003 server, so, I suggest you download and test the fully functional 60-day trial copy so you can evaluate its performance and effectiveness firsthand.

This was last published in October 2005

Dig Deeper on Application attacks (buffer overflows, cross-site scripting)

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.