04-10-2010, 11:21 AM
Buffer Overflow.ppt (Size: 389 KB / Downloads: 52)
Buffer Overflow , Virus & Worms and The “stacheldraht” service attack tool
abstract
over flow
A process in memory:
- text (Program code; marked
read-only, so any attempts to
write to it will result in
segmentation fault)
- data segment (Global and
static variables)
- stack (Dynamic variables)
The process is blocked and is rescheduled to run again with a larger memory space if the user attack exhausts available memory.
worm and virus
parasitic programs which are designed to alter the way a computer operates without the permission or knowledge of the user.
-must meet two criteria:
-must execute itself. it will often place its own code in the
path of execution of another program.
- must replicate itself.
- require infected host file, but worms don't.
- they incorporate themselves within executable program files.
- some infects in files such as MS-Word and MS-Excel (because we could put strings of program commands (called "macros") in the data files)
- some attach themselves to boot records.
- they infects in files until the layload