Buffer-Overflow Attacks, Essay Example

Buffer-overflow attacks are based on the principle that hackers can exploit a program’s inability to store a large quantity of data in a buffer. When it attempts to store more data than it was meant to, the additional information can overflow into other buffers, which can potentially overwrite the data that was initially stored within them. This process can occur accidentally, but it is also a major security threat that computer users should be aware of. In the purposeful malignant attack, the excess information that was unable to fit in the original buffer contains codes that are able to cause additional actions rooting from the overflow. This new information has been used in order to access user files and to change important documents.

To ensure that individuals are able to protect any information stored on their private computers, it is essential to understand why these attacks occur. Many information technology professionals believe that it is due to inherent errors present in the C programming language in addition to poor coding that allows the buffering system to become vulnerable. Advanced hackers have been creative in sending buffer-overflow attacks in the form of viruses for the purpose of stealing information. In one particular case that occurred in 2000, users of Microsoft Office were sent an email that initiated the attack. Upon receiving the email, computers became infected even if the users did not open the links it contained (Rouse, 2007).

Since talented hackers can initiate buffer-overflow attacks easily, it is essential to understand how to avoid them. To do so, it is essential for programmers to ensure that buffer-overflows do not occur in the programs they create. This can include using program languages that tend to not result in buffer-overflows, such as PERL, Python, PHP, .NET, Java, and others. Fortunately, even if a program is released that demonstrates this vulnerability, patches can be made in order to resolve some of the existing bugs. When these tools are initially developed, additional programs can be used to screen errors. These compiler tools include StackShield, StackGuard, and Libsafe. In addition to the above recommendations, the creation of vulnerabilities that contribute to buffer-overflow attacks can be resolved in part due to code auditing and developer training. It is essential for programmers to be careful when writing their code and to check for unsafe functions throughout. For example, strncatcan be used instead of strcat andstrncpy can be used instead of strcpy.

To protect against a stack overflow, it is essential to deploy on systems that are capable of using non-executable stacks. Furthermore, the code should be screen to ensure that it isn’t too long and contains junk characters. If a vulnerable programming language is used, programmers should be sure to be up to date in terms of patches, use compilers that protect against the overflows, and use the principle of least privilege. Stack overflows can be prevented using this method as well. Format string buffer-overflow, Unicode overflow, and integer overflow can be resolved using similar methods. To specifically prevent integer overflows however, it is important to use integers without sign values when numbers are not negative and range checking should be utilized after arithmetic operations. Lastly, exceptions should be checked depending on the language that is used and its ability to support this function.

References

Gibson D. (2011). Managing Risk In Information Systems. Jones & Bartlett Learning.

Rouse M. (2007). Buffer Overflow. TechTarget. Retrieved from  http://searchsecurity.techtarget.com/definition/buffer-overflow