Team 1 Sec1.1

From CyberSecurity
Revision as of 15:05, 23 October 2005 by Ervieitez (talk | contribs)


The simulation involved three attacks on a target computer at UC San Diego. The three attacks exploited the buffer overflow vulnerability, which allowed the attacker to gain root privilege on the machine. Later we will also refer to other attack techniques such as worms, botnets, etc. A “buffer overflow” is an anomalous situation where a program writes data beyond the allocated end of a buffer (a portion of memory set aside to store data). Buffer overflows usually arise as a consequence of a bug (an error in a computer program that causes the program not to work as intended). Particular kinds of bugs lead to security problems; for example, a buffer overflow bug may allow a malicious user to execute other programs that are normally not allowed to run.

One consequence of the overflow is that valid data can be overwritten. Buffer overflows are a commonly exploited computer security risk. A program which takes advantage of a vulnerability to compromise another program's security is called an "exploit". A buffer overflow exploit works by feeding the program special input content that is designed to overflow the allocated data storage buffer and change the data that follows the buffer in memory. This usually has serious consequences, since program control data often sits in the memory areas next to data buffers.

Properly written programs should check the length of input data to ensure that it is not larger than the allocated data buffer, but this is frequently overlooked, especially by inexperienced programmers.
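
The length check described above, as an added example that is not part of the original page: a constructed `struct record` places a hypothetical `is_root` flag directly after a 16-byte buffer, and the unchecked copy (clamped to the struct size so the model stays well-defined) is shown beside a copy that rejects oversized input. All names and the layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

/* Constructed layout: a data buffer with control data right behind it. */
struct record {
    char buf[BUF_SIZE];
    unsigned char is_root;      /* hypothetical privilege flag */
};

/* Missing length check: trusts the caller's length. The clamp to the
   struct size only keeps this model from touching unrelated memory. */
void store_unchecked(struct record *r, const char *in, size_t len) {
    if (len > sizeof *r) len = sizeof *r;
    memcpy((unsigned char *)r, in, len);   /* may run past buf into is_root */
}

/* Length check: reject input that does not fit (one byte is reserved for
   the terminating NUL) and leave the record untouched on rejection. */
int store_checked(struct record *r, const char *in, size_t len) {
    if (len >= BUF_SIZE) return -1;
    memcpy(r->buf, in, len);
    r->buf[len] = '\0';
    return 0;
}

/* Feed 17 bytes (one more than the buffer holds) to each copy routine
   and report the value of the adjacent flag afterwards. */
int flag_after_unchecked(void) {
    struct record r = {{0}, 0};
    char in[BUF_SIZE + 1];
    memset(in, 'A', sizeof in);            /* constructed oversized input */
    store_unchecked(&r, in, sizeof in);
    return r.is_root;                      /* overwritten by the 17th byte */
}

int flag_after_checked(void) {
    struct record r = {{0}, 0};
    char in[BUF_SIZE + 1];
    memset(in, 'A', sizeof in);
    store_checked(&r, in, sizeof in);      /* rejected, record unchanged */
    return r.is_root;
}

int main(void) {
    printf("unchecked copy: is_root = %d\n", flag_after_unchecked());
    printf("checked copy:   is_root = %d\n", flag_after_checked());
    return 0;
}
```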