UnixReview.com
June 2005
Book Review: Buffer Overflow Attacks: Detect, Exploit, Prevent
Reviewed by Kristy Westphal
Buffer Overflow Attacks: Detect, Exploit, Prevent
By James C. Foster, Vitaly Osipov, Nish Bhalla, Niels Heinen
Syngress, January 2005
ISBN 1-932266-67-4
497 pages
After reading Buffer
Overflow Attacks, I found myself highly frustrated at anyone who develops
code and who doesn't check for buffer overflows. If you are one of those people,
and you don't have this book, get a copy. If you don't choose this book, then
find a book somewhere that covers this topic to similar depth. It's important
to understand this topic and how to prevent buffer overflows because they are
one of the oldest and most-used exploits out there.
This book does an excellent job of walking you through the entire process,
from defining buffer overflows to actually writing exploits. It covers Win32
as well as Linux and FreeBSD types of overflows, and deftly points out the differences
between them. Keep in mind that overflows are simple in explanation, but as
they vary from platform to platform, there are many challenges to getting them
right.
Each category of overflow discussed (heap corruption, stack, format strings
and Windows buffer overflows) examines the pertinent issues, applies the overflow
type to the relevant architecture, shows the exact snippets of code needed to
execute a successful exploit, and then analyzes the entire code set. The authors
challenge the reader to write code that might be the next headline, but the
real point is to educate the reader on how these types of exploits occur and,
better yet, how they can be prevented.