StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Stack and Buffer Attacks in Operating Systems - Essay Example

Cite this document
Summary
This essay "Stack and Buffer Attacks in Operating Systems" states that administrators can avoid buffer overflows by taking their time in considering the buffer size and avoid buffer overflow. Software users should take full responsibility for their codes in order to secure a program…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.7% of users find it useful
Stack and Buffer Attacks in Operating Systems
Read Text Preview

Extract of sample "Stack and Buffer Attacks in Operating Systems"

Due: Stack and Buffer Attacks in Operating Systems Introduction A buffer attack is a programming error that attempts to store data beyond the required maximum storage of fixed size buffer. Stack and buffer attacks occur when an application puts more data into a memory address such that it cannot handle. The results of buffer attacks may cause corruption in the neighboring data on the stack. The aftermath may also be a systems crash if the overflow was provoked by mistake. Buffer overflows from the past ten years have dominated in the areas of remote network penetrations especially in cases where a user has a total control of a host. Buffer overflow vulnerability gives an attacker with the option to generate and run a code; the code then attacks the vulnerable application allowing the user to define the term of bias on the application giving an attacker the option to control a system (Crispin Cowan 1999) The first buffer attack was widely used by the Morris Worm in the year 1988. Afterwards malicious crackers discovered the vulnerability and designed ways to exploit the advantage of vulnerability attack on system. In 1995, a buffer overflow was discovered in NCSA httpd 3 (this an open source web server for nix systems) then published on the Bugtrag mailing list by Lopatic Thomas. The bug caused the system to crash. The server had MAX_STRING_LEN defined into 256 characters, such that when a user request was larger than 256, the server would crash. In the access process, a user request looked like a normal request and most of the users were not able to detect any error on log file. The bug was later fixed by redefining the MAX_STRING_LEN to a bigger number. In the year 1996, Aleph One a registered Acorn developer best known for producing high speed processor cards, published the ‘ Smashing The Stack The Stack For Fun And Profit’ in Phrack magazine showing the procedure of exploiting the stack based buffer overflow vulnerabilities. Year 2001, a buffer overflow vulnerability was detected in Microsoft IIS 5.0 running on windows 2000 by Eye Digital Security . The vulnerability allowed a remote hacker to execute an arbitrary code on a targeted user by allowing the intruder to have a full administration control of the targeted computer. The gate way for the attackers was the internet printing protocol extension installed in windows 2000. To counteract this, a patch was made by Microsoft allowing windows 2000 users to patch from Microsoft. Another historical buffer overflows happened2003 in Microsoft SQL server 2000 using a “Slammer worm”. In this case an attacker could cause partial memory loss of a system memory by crafting packets onto the SQL server resolution Centre allowing them to execute the attacking code. This caused massive failure of the SQL server service. The vulnerability could be avoided by blocking port 1431 through the systems firewall or by restarting the SQL server on the affected systems (Organick 1983). The latest buffer attack happened in 2004 in Microsoft windows XP 2000 where by, an attacker could send vulnerable message to TCP 139 port or 445 on the targeted computer allowing the attacker to execute arbitrary codes on the system unit. For the Microsoft XP 2000 attack to be successful, an intruder would first code an executable application. The attack was mostly affected the clients systems and the terminal servers. Microsoft resolved this error by upgrading the service pack for Microsoft windows XP. Disadvantages caused by buffer and stack overflow outweigh the advantages. Through buffer attacks, users have gone to extend of spending a lot of money in upgrading the attacked systems. Cases such as the attack of the Microsoft windows XP in 2004, Microsoft fixed the bug by fully upgrading the systems kernel. The only legit advantage from buffer and stack overflow attack is the process can be used to randomly access and alter files if an application malfunctions. In other cases the method of attack can be used by detectives to spoof a suspect data (Patel 2002). Data loss as well as hardware malfunction have resulted due to buffer attacks. A slammer worm that affected the Microsoft SQL caused the affected systems to have a partial or full memory loss depending on the size of the overflow. If a system has experiences cumulated overflow attacks, it may cause the system hard disks to be unreadable as it causes patches on the memory through formatting string. In today’s era various techniques in software development have been used to heighten security of executable programs by detecting buffer and stack overflows. The techniques works by modifying the storage of data in the stack data structure or a run time stack in a subroutine. A system would show overflow when a canary added to the subroutine is destroyed. Various techniques implemented to prevent buffer and stack attacks include; Use of stock guard, a stock guard is compiler that checks activation codes for return address. The technique works by executing small patches that emit code functions through placing a canary word adjacent to the stack return address. In order to prevent forgery of the canary word, the stock guard uses a terminator canary and random canary. An attacker would not be able to use the symbols in the embedded terminator canary, such as the standard string CR, EOF. The copying mechanism of attack will end if an attacker hits the implanted symbols. The random canary uses a 32 bit numbers which are used after the program execution. An attacker would not spoof the numbers as they are stored secretly and hard to guess. Onother method of preventing stack and buffer attack include the use of coded hand stack examining. The stack examines the system unit in order to detect buffer overflows by providing protection in the LIBC codes. This method is not widely used for protection as it does not protect programs that do not use the LIBC vulnerability. Bound checking the compiler is also another way of protecting buffer flow attacks. The technique works through by adding unique information to different memory units then executing the pointers against the runtime. In latest software upgrade in order to prevent attacks, Programmers use the most sophisticated compiler application, the Pro police. This application, re-arranges the local variables in such a way that the CHAR buffers are allocated at the top of the stack then protected by a guard value. However this method is now widely used as it does not run as accordingly with small buffers. (Patel 2002) Tagging technique is also used to detect buffer overflows. Developed in 19th century, the compiler based technique performs by tagging different slots of data in a memory. The latest software to be made available is the stack ghost application coded with java from the Sun Microsystems. The application protects the pointers by detecting any modifications then automatically protects the installed software without the use of source code. Stack ghost is the most widely used technique as the GNU debugger in the application is enabled. Computer users are widely reminded to limit the buffer size. This can be done by never allowing much data to be stored in a buffer against the manufacture’s limit size. Following the advantages and disadvantages of stack and buffer attacks, it can be concluded that buffer overflows constitute most of the vulnerability problems. Combination of different techniques for preventing such attacks would hinder overflow and stack attack, if they were fully implemented. Attacks such as the one used by Morris in 1988 is uncommon and modern attacks and would not be widely prevented using the current methods of protection. Administrators can avoid buffer overflows by taking their time in considering the buffer size and avoid buffer overflow. Software users should take full responsibility of their codes in order to secure a program thus ensuring the production of more and safer programs. Works cited Crispin Cowan, Steve Beattie, John Johansen, and Perry Wagle, “PointGuard: Protecting Pointers From Buffer Overflow Vulnerabilities,” Proceedings of the 12th USENIX Security , 2003 J. Xu, S. Patel, “Architecture Support for Defending Against Buffer Overflow Attacks”, Workshop on Evaluating and Architecting Systems for Dependability .2002 Organick, A programmers View of the Intel 432 System, McGraw York, N.Y 1983 Crispin Cowan, Steve Beattie, “Protecting Systems from Stack Smashing Attacks with StackGuard”. Raleigh, NC, May 1999. C. Cowan et al., “StackGuard: Automatic Adaptive Detec-tion and Prevention of Buffer overrun attacks ”, www.immunix.com/pdfs/usenixsc98.pdf. Proc. Usenix Security Symp. 1998 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Stack and Buffer Attacks in Operating Systems Essay Example | Topics and Well Written Essays - 1250 words, n.d.)
Stack and Buffer Attacks in Operating Systems Essay Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1825582-stack-and-buffer-attacks-in-operating-systems
(Stack and Buffer Attacks in Operating Systems Essay Example | Topics and Well Written Essays - 1250 Words)
Stack and Buffer Attacks in Operating Systems Essay Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1825582-stack-and-buffer-attacks-in-operating-systems.
“Stack and Buffer Attacks in Operating Systems Essay Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1825582-stack-and-buffer-attacks-in-operating-systems.
  • Cited: 0 times

CHECK THESE SAMPLES OF Stack and Buffer Attacks in Operating Systems

Using of Windows 2000

yriad protocols have been developed over the years to protect computing systems that employ commerce transactions and contain highly confidential information.... In order to protect these computing systems, numerous systems have been developed but loopholes still remain.... Table of Contents Abstract 1 Introduction 3 Vulnerabilities in Networks 3 Delineating HTTPS and Port 443 4 Case Study 4 Assumptions 4 Way Forward 5 Analysis of Assumptions 5 Gathering Intel for Attack 5 Accessing the Server 6 Reason for buffer Overflow 8 Securing a Foothold 8 Conclusion 9 Bibliography 10 Introduction Windows 2000 was developed by Microsoft as a business solution to host data and other services....
7 Pages (1750 words) Essay

Cyber/digital Attacks

This paper  ''Cyber/digital attacks'' tells that Cyber-attacks are a deliberate or unintentional unauthorized task, which cannot be avoided or is in avoidable that that is capable of causing a vagary on the cyberspace resources.... There was also a provision of extensive security to media group that gave hand to the police while carrying out the investigation while the vulnerable attacks that were frequent were blacklisted so that more security concern were availed in those areas (Middleton, 2005)....
12 Pages (3000 words) Literature review

Denial of Service Issues and Solutions

Denial of Service attacks I.... (Stallings, 2006) In DoS attacks, attackers hold the data to modify or change it so that the data transfer time will be longer than usual to reach the intended websites or servers.... Purpose The major intention of DoS attacks is to hinder legitimate users from accessing the resources that they should be allowed to.... It has been argued that DoS attacks usually consumes software bugs to crash a service or network resource or even bandwidth limits by flooding attacks to saturate all bandwidth....
19 Pages (4750 words) Dissertation

Establishing the Operations at the International Market

Legal factors Every country has different legal systems from each other.... Thus, different factors contribute to either the success or failure of businesses operating at an international level.... As constitutions govern different countries, the constitution establishes the laws governing businesses operating within its jurisdiction....
4 Pages (1000 words) Essay

Examination of the Technologies Currently Employed for the Detection of a Worm Attack and Its Subsequent Negation

nbsp; Lyle (1997) posits that most attacks fall within one of three main categories: attacks on integrity, attacks on confidentiality or attacks on availability.... If the integrity of a system cannot be maintained, then the attacks on confidentiality and availability are much more likely to succeed.... The motivation for attacks is as varied and numerous as the potential attackers in the world....
36 Pages (9000 words) Term Paper

Windows Server 2008 and Windows 7

It has new optimization tools that assist in decreasing battery… On the other hand, windows 7 has new options that enable an individual to look for keywords in storage devices attached, documents and emails (Krebs, 2009). In addition, this operating system can be Windows Server 2008 and Windows 7 Windows 7 This is one of the greatest desktop operating systems and it is not a Server operating system.... In addition, this operating system can be virtualized and allows several operating systems to be present in a single host machine....
1 Pages (250 words) Essay

Injection attacks

Injection attacks refer to the introduction of malicious codes or scripts into a program or web application from an external source (Patel, Mohammed & Soni, 2011).... An example includes an input field provided by web application to gather input from an end-user. ... ... olhe and… (2014) define SQL injection as a code injection attack involving the insertion of malicious SQL statements into an entry field for subsequent execution so as to attack the database and perform varied forms of database operations, interactions and functions without the This SQL injection would fool the database to be a regular user query and then easily access the system....
3 Pages (750 words) Research Paper

Implementing Database Security

With these features, users of the 2014 MS SQL server will be able to form a database in an SQL Server operating in on-premises or in a computer-generated device in Windows Azure with a developing storage site the users' information in Windows Azure Blob Storage.... I can ensure that the DBMS operating in a consistent overall secure environment by first checking whether DBMS setting on which it is operating is at maximum capacity and output.... C2 Security is important because it must be fixed in the SQL Server in line with the assessed configuration or the user will fail to confirm that he or she is operating a C2-level system (Natan, p....
2 Pages (500 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us