Presentation is loading. Please wait.

Presentation is loading. Please wait.

SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 1 Agenda Last words on buffer overflows Overview.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 1 Agenda Last words on buffer overflows Overview."— Presentation transcript:

1 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 1 Agenda Last words on buffer overflows Overview of a few more techniques Defenses Attacks on network protocols

2 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 2 Stack-based overflow: more techniques Injected code can be in The overflowed buffer itself An environment variable Another buffer (which is not overflowed) Intrusion detection systems Check for non-ASCII bytes in buffers Attackers then use polymorphic shellcodes Non-executable stack “Return to libc” technique Point return address to, say, system(), execve() Feed system() with a string pointing to a shell

3 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 3 Other Overflow Attacks Heap and BSS overflow I need more time on this Use one dynamically allocated variable to overflow another This will change the way the program behaves Format string vulnerabilities Printf() … Off-by-one overflow

4 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 4 Buffer-overflow defenses Write correct code Code auditing (by humans) Static code analysis: quite effective Use fault-injection tools, Non-executable stack Array-bound checking (with compiler) Code pointer integrity checking StackShield, StackGuard, PointGuard Read Phrack Magazine 56 (5), May 2000

5 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 5 Other things Password cracking Dictionary attacks Exhaustive brute-force attacks Hash lookup tables Password probability matrix WEP attacks Offline brute-force attacks Keystream reuse IP redirection Fluhrer, Mantin, and Shamir (FMS) attack

6 SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 6 Some network protocol attacks & techniques SYN-flooding TCP/IP Hijacking RST hijacking The ping of death Ping flooding, amplification attacks Port scanning Stealth SYN scan FIN, X-mas, Null scans Spoofing decoys Idle scanning IP Spoofing and defenses against it

Download ppt "SUNY at Buffalo; Computer Science; CSE620 – Advanced Networking Concepts; Fall 2005; Instructor: Hung Q. Ngo 1 Agenda Last words on buffer overflows Overview."

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Smashing the Stack for Fun and Profit

Smashing the Stack for Fun and Profit
Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.

Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 11 – Buffer Overflow.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 11 – Buffer Overflow.
CIS 193A – Lesson13 Attack and Defense. CIS 193A – Lesson13 Focus Question Describe how Nmap, psad, and iptables work together for playing out attack.

CIS 193A – Lesson13 Attack and Defense. CIS 193A – Lesson13 Focus Question Describe how Nmap, psad, and iptables work together for playing out attack.
SECURITY EVALUATION OF AN ORGANIZATION TA Md Morshedul Islam.

SECURITY EVALUATION OF AN ORGANIZATION TA Md Morshedul Islam.
Network Security of Labnet ******. Introduction Test the network security of the servers on our Labnet domain Find Potential Weaknesses Find Security.

Network Security of Labnet ******. Introduction Test the network security of the servers on our Labnet domain Find Potential Weaknesses Find Security.
1 Reading Log Files. 2 Segment Format

1 Reading Log Files. 2 Segment Format
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.
Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.

Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Foundations of Network and Computer Security J J ohn Black Lecture #27 Dec 9 th 2004 CSCI 6268/TLEN 5831, Fall 2004.

Foundations of Network and Computer Security J J ohn Black Lecture #27 Dec 9 th 2004 CSCI 6268/TLEN 5831, Fall 2004.
Yan Chen Dept. of Computer Science Northwestern University Information Security Curriculum Development in Northwestern.

Yan Chen Dept. of Computer Science Northwestern University Information Security Curriculum Development in Northwestern.
1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)

1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)
Lecture 16 Buffer Overflow

Lecture 16 Buffer Overflow
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow II: Defense Techniques Cliff Zou Spring 2013.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow II: Defense Techniques Cliff Zou Spring 2013.
Capture The Flag Review Fall 2003 Giovanni Vigna University of California Santa Barbara

Capture The Flag Review Fall 2003 Giovanni Vigna University of California Santa Barbara
Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer Brett Hodges April 8, 2010.

Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer Brett Hodges April 8, 2010.

Similar presentations

Ads by Google