ISSC456 discussion response

Question Description

Hello,

I need two responses of at least 150 words each for the below students' discussions for this week. Also, in bold below are the questions the students are answering.

1) Using course resources and the Internet, please explain a buffer overflow.

Student one:

Good morning everyone,

This week we are discussing a very specific type of vulnerability and attack vector, a buffer overflow. Buffer overflows occur when an area of memory, known as a buffer, is allocated to accept an input of some kind but no restrictions are put on that input (Oriyano, 2014). The data beyond the defined area of the buffer then overflows into other areas of memory (Oriyano, 2014). A clever attacker can use a buffer overflow to inject their own code, thus tricking the remote computer into taking some type of otherwise unintended action (Oriyano, 2014).

Buffer overflows largely became problematic due to the fact that some popular programming languages, namely C and C++, do not boundary check their inputs (Smith, 2016). Some argue that this was due to efficiency at a time when computers were slower; however, modern programming languages, such as Java, now automatically check for potential buffer overflow issues, thus making them safer for development from a security standpoint (Smith, 2016). Many developers continue to use C and its variants, which is fine, but they MUST get into the practice of validating their inputs to prevent potential buffer overflows.

One of the more famous buffer overflow examples is the Morris Worm. The Morris Worm, which launched in 1988, is largely regarded as the first piece of malware to spread through the internet (Seltzer, 2013). The worm used a stack buffer overflow to launch itself, and while it didn’t have a payload, it did cause a large number of systems to crash, making it somewhat of an unintended denial of service attack (Seltzer, 2013).

References:

Oriyano, S. (2014). Hacker Techniques, Tools, and Incident Handling, Second Edition. Jones and Bartlett Learning.

Seltzer, L. (2013, November 04). The Morris Worm: Internet malware turns 25. Retrieved from https://www.zdnet.com/article/the-morris-worm-inte…

Smith, R. E. (2016). Elementary Information Security, Second Edition. Jones and Bartlett Learning.

-Jesse

Student two:

The buffer overflow is one of the oldest and most common security vulnerabilities. This vulnerability occurs in many kinds of software due to poor programming. A buffer overflow occurs when a situation arises where a running program attempts to write in such a way as to circumvent the memory buffer, where data is not intended to be stored (Hacking Tutorials, 2017). To be clear, the memory buffer is a section of the computer's RAM meant for temporary storage (Hacking Tutorials, 2017). In a basic sense, this attack is carried out by the attacker entering more characters than expected into a certain input field. What will occur, then, is the pre-determined confines of RAM will be filled, and memory adjacent to the buffer will be overwritten (Radware, 2019). By doing so, it allows malicious code throughout the application (Kim & Solomon, 2014).

Some of the risks of a buffer overflow attack range from compromising data integrity, allowing access to other files on the network, manipulation of programming, or the deletion of important data (Young, 2018). This attack can allow for much more, though, as the idea is to inject code into the memory buffers and get it to execute, so whatever the attacker can come up with for code is his only limit. This could result in privilege escalation and inevitably complete control of a system.

Certain countermeasures that can be taken against this type of attack can range from programming non-executable buffers and paying close attention when writing code to the use of array bounds checking. The programming aspect may be the most important, as this is not really a reactive countermeasure so much as it is a proactive countermeasure. If the vulnerability doesn’t exist in the first place, then obviously the attack is rendered fruitless.

Nick

Hacking Tutorials. (2017). Buffer overflow explained: The basics. Retrieved from https://www.hackingtutorials.org/exploit-tutorials…

Kim, D., & Solomon, M. (2014). Fundamentals of information systems security (2nd ed.). Burlington, MA: Jones & Bartlett Learning.

Radware. (2019). DDoS Attack Definitions – DDoSPedia. Retrieved from https://security.radware.com/ddos-knowledge-center…

Young, E. (2018). Understanding the Dangers of Buffer Overflow Attacks. Retrieved from https://www.excelsior.edu/article/understanding-th…
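Added example, not part of either student's post: both posts describe input that is longer than its buffer overwriting adjacent memory, and both name input validation or bounds checking as the fix. The C sketch below models that with a constructed 16-byte region (an 8-byte buffer followed by an unrelated flag byte) so the overwrite can be observed without undefined behaviour; the names `region`, `copy_unchecked` and `copy_checked` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 8        /* size of the input buffer */
#define REGION_LEN 16    /* buffer plus the memory that follows it */
#define FLAG_OFFSET BUF_LEN

/* Constructed model of memory: bytes 0..7 are the input buffer, byte 8 is an
 * unrelated flag stored right after it. One array keeps the demo defined C. */
struct region { unsigned char bytes[REGION_LEN]; };

static void region_init(struct region *r) { memset(r->bytes, 0, sizeof r->bytes); }
static int flag_value(const struct region *r) { return r->bytes[FLAG_OFFSET]; }

/* Models a copy with no bounds check on the buffer, as strcpy behaves: every
 * input byte is written regardless of BUF_LEN. The clamp to REGION_LEN only
 * keeps this model itself in bounds. */
static void copy_unchecked(struct region *r, const char *input) {
    size_t n = strlen(input) + 1;      /* include the terminator */
    if (n > REGION_LEN) n = REGION_LEN;
    memcpy(r->bytes, input, n);
}

/* Bounds-checked copy: refuses input that does not fit in the buffer.
 * Returns 0 on success, -1 if the input was rejected. */
static int copy_checked(struct region *r, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > BUF_LEN) return -1;        /* validate length before writing */
    memcpy(r->bytes, input, n);
    return 0;
}

int main(void) {
    struct region r;
    const char *too_long = "AAAAAAAAB"; /* constructed input: 9 chars + NUL */
    int rc;

    region_init(&r);
    copy_unchecked(&r, too_long);
    printf("unchecked: flag = %d\n", flag_value(&r));

    region_init(&r);
    rc = copy_checked(&r, too_long);
    printf("checked: rc = %d, flag = %d\n", rc, flag_value(&r));
    return 0;
}
```

With the unchecked copy the ninth input byte lands on the flag; with the checked copy the input is refused and the flag keeps its initial value.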
