• Like


Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Buffer-overflowsHow they able to execute arbitrary code in your computer remotely.
  • 2. Introductionwhat is a buffer-overflow? * Major vulnerability among computing. * Its only one class of attack. * there are many more classes of attacks. * Why its so popular.How it exists in a software system. -lack of software testing. -weak personal. -Two different minds.
  • 3. It’s Not Your Computer Anymore! WHAT?what kind of things buffer-overflow can do? - execute the arbitrary code. - alter the program logic flow. - Crash the host program ^ This leads to DDoS. - bench system security. - [in worst] by pass kernel security.
  • 4. How It’s Works !Stack overflow is only a one subtype from wholethe class of buffer-overflows.Ex- Stack overflow. - x86 machines are using a stack. - How local variables stored. - How return address is stored. - insufficient bounds checking. - So now its not magic.
  • 5. Targets Affected- Calculator to Satiate. There are example history stories. - Microsoft windows OS. - Microsoft GDI+ vulnerability link: - x86 computer architecture oses. [Linux , BeOs, MacOs , etc etc] - Web servers. [ Apache , ISS] Examples - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 http://www.cert.org/advisories/CA-2003-09.html - Mobil Phones and embedded software. - Most top secured places. [ CIA , Pentagon, NSF are already hackzored ! :P ] - Router and protocol stacks. - car computer to far away satiate.
  • 6. Fighting Back Against- nothing called abstract security. But there are things to lower the possibility. - Automatic Static code analysis tools. Ex- http://www.klocwork.com/products/insight/klocwork-truepath/index.php - Libraries and compiler extensions. Ex - Stack Guard from USENIX Security. GCC Stack-Smashing Protector. Microsoft Visual Studio /GS option. IBM -qstackprotect option. StackGhost. [static but uses help of hardware] - Dynamic runtime code analysis tools, like ZoneAlarm. - Dynamic level. Dynamic level protection depends on hardware implementation. - Data Execution Preventation bit. - Hardware based bound checking. - Segmented Protection. - External protection like Antivirus Servers ,IDS firewalls, NAT, DMZ zones etc etc.
  • 7. Finally• Final Conclusion . No matter what security we invoke or enforce, oursoftware/hardware and computers are still vulnerable to bufferoverflows. The most best way to prevent is code very carefully. Gothrough more code reviews. Computing is a hostile environment !“ I never travel on a plane ,if plane automatic control electronics usesthe software that I have written !” -- James Glossring [author of Java[ programming language and chief softwarearchitect of Sun Microsystems]Thanks.