| OverviewWill the Code You Write Today Headline Tomorrow's BugTraq
Mail List?
Includes Numbered-by-Line
Exploit Code Examples That Illustrate the Differences
Between Stack Overflows, Heap Corruption, and Format String
Bugs Provides Case Studies for Most Major
Platforms and Environments, Including Windows, FreeBSD,
FrontPage, and Linux Avoid Worm or Custom Exploits by Analyzing
Your Source Code to Detect Buffer Overflow
Vulnerabilities
Forensic investigations of notorious Internet attacks, such
as the SQL Slammer and Blaster Worms, reveal buffer
overflows to be the sophisticated hacker's "vulnerability of
choice". These worms crippled the Internet and cost billions
of dollars to clean up. Now, even more powerful and
insidious threats have appeared in the form of "custom
exploits". These one-time only exploits are custom crafted
to attack your enterprise, making them even more difficult
to detect and defend. No catchy names, no media coverage;
just your own personal disaster.
James C. Foster's Buffer Overflow
Attacks clearly demonstrates that the only way to
defend against the endless variety of buffer overflow
attacks is to implement a comprehensive design, coding and
test plan for all of your applications. From Dave Aitel's
Foreword through the last appendix, this is the only book
dedicated exclusively to detecting, exploiting, and
preventing buffer overflow attacks.
CONTENTS OF THIS BOOK INCLUDE
Buffer Overflows: The Essentials
Understanding Shellcode
Writing Shellcode
Win32 Assembly
Case Study: FreeBSD NN Exploit Code
Case Study: xlockmore User Supplied Format String
Vulnerability (CVE-2000-0763)
Case Study: FrontPage Denial of Service Utilizing
WinSock
Stack Overflows
Heap Corruption
Format String Attacks
Windows Buffer Overflows
Case Study: cURL buffer overflow on Linux
Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer
Overflow Vulnerability (CAN-2002-0656)
Case Study: X11R6 4.2 XLOCALEDIR Overflow
Case Study: Microsoft MDAC Denial of Service
Case Study: Local UUX Buffer Overflow on HPUX
Finding Buffer Overflows in Source
Case Study: InlineEgg I
Case Study: InlineEgg II
Case Study: Seti@Home Exploit Code
Case Study: Microsoft CodeBlue Exploit Code
The Complete Data Conversion Table
Useful Syscalls
Additional Exploit References Editorial ReviewsProduct DescriptionThe SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.
Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim's machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.
A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.
*Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows.
*None of the current-best selling software security books focus exclusively on buffer overflows.
*This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer. |
Other Readers Also Read | Top Sellers in This Category | Browse Similar Topics | | | Top Level Categories:Sub-Categories: | | | | |
Reader Reviews From Amazon (Ranked by 'Helpfulness') Average Customer Rating: based on 6 reviews. Full of errors and inconsistencies, 2008-07-29 Reviewer rating: Does Syngress (the publisher) employ proof readers?
I doubt it. This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.
And then there's the confusion of ESP and EIP in several places throughout the book. For a collection of 'expert information' it comes off as a rather amateurish production. Makes you wonder... what else have they got wrong?
You'll notice this is very much the same as the review I've posted for "Sockets, Shellcode, Porting & Coding"... that is because it too is horrendous for errors.
This is 2 books from Syngress I've got that are very poor quality. What's going on guys? | Great book to start with., 2006-09-14 Reviewer rating: This is a great book to start understanding buffer overflows with. You do need some fimiliarity with assembly or you are not going to understand the code that is through out this book, almost every other page.
This gives step by step examples in reading, creating and disassembling shellcode and buffer overflows. I'v read some of the other reviews which suggest their was not much proof reading done it seems like it. I myself found many spelling erros but technical wise I have yet to see any. Maybe my second read I will find some. | Proofread? Editorial and Technical reveiw?...., 2006-03-04 Reviewer rating: For a book dedicated to such an important topic, my experience with this book was at best disappointing. This goes both for the authors (as they are primarily responsible for the material), as well as the publisher (Syngress). One would doubt whether the book has gone through any meaningful editorial review process. The errata posted on Syngress' site (bad site-design with a great deal of broken URLs in the book's relevant-links page by the way, and one "has to" sign up to obtain the errata) are utterly incomplete. The book at the time of this writing lacks an accompanying website (no reference in the errata or in the book itself).
This is an unfortunate development that one certainly notices in the recent publications pertaining to security topic, perhaps as a result of the urge to push content out to satisfy the hot-market demands.
On the technical front, the choice for the topics seems to be reasonably covering most corners; however, throughout the book there's a focus on pre-SP2 release of Microsoft Windows XP; why? If one of the objectives of the authors was to educate the audience on the topics (by providing practical and working examples), wouldn't such choice defeat the purpose?
| Finally a book on BO attacks, 2005-03-30 Reviewer rating: Buffer overflow attacks have been around for over 30 years, finally there is a book on the topic.
this is a valuable title and worth the wait! | Disturbing, 2005-02-27 Reviewer rating: This book upset me. Not really the book itself, that's great, but what it implies: that this type of exploit hasn't gone away. I thought things were getting better, but the author explains that is an illusion: it's just that the reporting slacked off.
It is hard to believe that programmers keep making the same mistakes over and over again. This book shows what those mistakes are and how hackers exploit them. You need a good understanding of assembly language to get much out of this, but if you do have that background, this is a real eye-opener.
Extremely detailed, and some of this is a bit of a reach for me (it's been many a year since I did any C or Assembler), but it is fascinating, though in the same sense that watching a tiger stalk you would be: it's scary.
Certainly recommended for people who are writing code today, and I hope more of them pay attention, though the authors attitude seems to be that these problems will continue to plague us. |
Some information above was provided using data from Amazon.com. View at Amazon > |
| |
|
|
