Buffer Overflow Attacks

Description:

Will the Code You Write Today, Headline Tomorrow’s BugTraq Mail List?
Forensic investigations of notorious Internet attacks, such as the SQL Slammer and Blaster Worms, reveal buffer overflows to be the sophisticated hacker’s “vulnerability of choice.” These worms crippled the Internet and cost billions of dollars to clean up. Now, even more powerful and insidious threats have appeared in the form of “custom exploits.”

These one-time only exploits are custom crafted to attack your enterprise, making them even more difficult to detect and defend. No catchy names, no media coverage; just your own personal disaster.

James C. Foster’s Buffer Overflow Attacks clearly demonstrates that the only way to defend against the endless variety of buffer overflow attacks is to implement a comprehensive design, coding and test plan for all of your applications. From Dave Aitel’s Foreword through the last appendix, this is the only book dedicated exclusively to detecting, exploiting, and preventing buffer overflow attacks. In Buffer Overflow Attacks, you will see:

Includes Numbered-by-Line Exploit Code Examples That Illustrate the Differences Between Stack Overflows, Heap Corruption, and Format String Bugs
Provides Case Studies for Most Major Platforms and Environments, Including Windows, FreeBSD, FrontPage, and Linux,
Avoid Worm or Custom Exploits by Analyzing Your Source Code to Detect Buffer Overflow Vulnerabilities
The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

描述：
你今天寫的程式碼，明天是否會成為BugTraq郵件列表的頭條新聞？
對於臭名昭著的互聯網攻擊，如SQL Slammer和Blaster蠕蟲，鑑證調查顯示緩衝區溢出是高級黑客的“首選漏洞”。這些蠕蟲使互聯網癱瘓，清理工作耗費數十億美元。現在，更強大和隱蔽的威脅以“自定義利用”形式出現。

這些一次性利用是為了攻擊你的企業而定制的，使它們更難以檢測和防禦。沒有引人注目的名字，沒有媒體報導；只有你自己的個人災難。

詹姆斯·C·福斯特的《緩衝區溢出攻擊》清楚地表明，對抗各種緩衝區溢出攻擊的唯一方法是為所有應用程序實施全面的設計、編碼和測試計劃。從戴夫·艾特爾的前言到最後的附錄，這是唯一一本專門用於檢測、利用和防止緩衝區溢出攻擊的書籍。在《緩衝區溢出攻擊》中，你將看到：

- 包含按行編號的利用代碼示例，說明堆棧溢出、堆破壞和格式字符串漏洞之間的差異
- 提供大多數主要平台和環境的案例研究，包括Windows、FreeBSD、FrontPage和Linux
- 通過分析源代碼來檢測緩衝區溢出漏洞，避免蠕蟲或自定義利用
- SANS研究所維護著一份“十大軟件漏洞”列表。目前，這些漏洞中超過一半可以被緩衝區溢出攻擊利用，使得這類攻擊成為惡意攻擊者最常見和最危險的武器之一。這是第一本專門用於檢測、利用和防止最常見和最危險攻擊的書籍。

近年來，幾乎所有對互聯網造成重大破壞的計算機攻擊，包括SQL Slammer、Blaster和I Love You攻擊。如果執行得當，溢出漏洞將允許攻擊者以被溢出的進程的等效權限在受害者的計算機上運行任意代碼。這通常用於為受害者機器提供遠程shell，可用於進一步的利用。

緩衝區溢出是某些編程語言中存在的意外行為。本書從黑客的角度提供了具體的、真實的代碼示例，以利用緩衝區溢出攻擊，並為軟件開發人員提供防禦這些攻擊的方法。