Buffer Overflow Attacks: Detect, Exploit, Prevent eBook / IT (Information Technology) Books
CBT Training IT Training eBook Specialists
 
<!-- function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } //-->
 Buffer Overflow Attacks: Detect, Exploit, Prevent eBook (Prices exclude VAT)
[to previous page]   [other products in "Technical/Computing eBooks (Security)"]
Buffer Overflow Attacks: Detect, Exploit, Prevent eBook or a generic image.
larger image
Product: Buffer Overflow Attacks: Detect, Exploit, Prevent eBook
Price:
  Email or Download    £11.99 
  CD-ROM    £13.99 
 
Jobs:
Description:

Buffer Overflow Attacks: Detect, Exploit, Prevent

By James C. Foster, Foreword by Dave Aitel

HIGHLIGHT
The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows.

Date: Jan 2005

Pages: 520 (est.)

User level: Intermediate/Advanced

SAMPLE CHAPTER : Format String Attacks

DESCRIPTION
Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

KEY SELLING POINTS
  • Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows.
  • None of the current-best selling software security books focus exclusively on buffer overflows.
  • This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

MARKET INFORMATION
The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. And, the Natioanl Institute of Standards and Technology reports that 23% of all vulnerabilities reported in 2003 were Buffer Overflow attacks, reinforcing how common and dangerous these attacks are.

Competing books provide coverage of buffer overflow attacks along with many other classes of attacks. While the competition does provide adequate coverage, none of these books go into the depths of analysis of code as this book.

ABOUT THE AUTHOR
James C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine(acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.

TECHNOLOGY BACKGROUND
A buffer overrun occurs when a program sets aside a certain amount of memory (say 100 bytes) to hold certain data--this is the buffer. But then a user tries to stuff in 200 bytes of input, and like someone attempting to pour a pint of milk into a glass that'll only hold half a pint, the remainder will overflow. The computer equivalent of the milk spilling on the floor is the extra 100 bytes of data overwriting critical values in memory that control a program's path of execution. The results of this "overflow" can be devastating, and can also be spread quickly across the Internet through worms and e-mail attachments. The most destructive buffer overflow attack ever launched was the SQL Slammer worm.


Recent Additions:
Canon G5 Video Manual (DVD)
ECDL - European Computer Drivers License Complete Course
ECSA/LPT: EC-Council Certified Security Analyst/ Licensed Penetration Tester
Exam 70-620 - Configuring Windows Vista Client
MCP 70-442 - Designing and Optimizing Data Access by Using SQL Server 2005
MCP 70-526 - .NET Framework 2.0 - Windows-Based Client Development - For C#
MCP 70-526 - .NET Framework 2.0 - Windows-Based Client Development - For VB
MCP 70-528 - .NET Framework 2.0 - Web-Based Client Development For C#
MCP 70-528 - .NET Framework 2.0 - Web-Based Client Development For VB
MCP 70-551 - UPGRADE MCAD skills to MCPD - For C#
MCP 70-551 - UPGRADE MCAD skills to MCPD - For VB
MCP 70-552 - UPGRADE MCAD Skills to MCPD - For C#
MCP 70-552 - UPGRADE MCAD Skills to MCPD - For VB
MCP 70-553: UPGRADE MCSD .NET to MCPD - For C#
MCP 70-553: UPGRADE MCSD .NET to MCPD - For VB
Microsoft Access 2007 Training Course
Microsoft Excel 2007 Training Course
Microsoft Outlook 2007 Training Course
Microsoft PowerPoint 2003
Microsoft Powerpoint 2007 Training Course
Microsoft Project 2003
Microsoft Visio 2003
Microsoft Word 2007 Training Course
Novell GroupWise 7 Training Course
OpenOffice Calc 2.x Training Course
OpenOffice Impress 2.x Training Course
OpenOffice Writer 2.x Training Course
SUSE Linux Enterprise Desktop 10 (SLED) Training Course
Video Basics - 5 Steps to Video Production (DVD)
VMware ESX Server Training
VMware Virtual Server & Workstation Training

1Gb USB 2.0 Flash Drive on Special Offer.

Paypal, Verified By Visa, Mastercard SecureCode, Cheques or Invoice

RCS Newsletter
*Verify: 1493511

Quick Links
 ***Special offers ***
 Bookmark this Site
 Books / eBooks
 CBT Courses
 Classroom Courses
 CompTIA Courses
 Find A Course
 Distance Courses
 Contact Us
 FAQs
 Jobs
 LMS (Enterprise)
 Online/Web Courses
 **Recent Additions**
 Testimonials
 Terms & Conditions
Recent Pages

Child Care Courses
MCSE Training Courses
Dedicated Servers
Accounting Software
Choosing Software
Backup Software

Settings, Tip & Tricks
ComputerArticles
Biodiesel Energy
Computer Training
PPE Safety Equipment
Copyright 2002-2006 RCS Limited. All rights reserved. More ...
RCS Limited for home study/ self study/home learning/CBT/Computer Based Training SSL