Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Computer Learning -- Ignore unavailable to you. Want to Upgrade?

To: Gottfried who wrote (20917)	6/22/2001 1:23:35 PM
From: Bicycle	Read Replies (1) \| Respond to of 110652

I came across #reply-15980390 on the Microsoft thread and thought it would be useful here, so through the magic of cut-and-paste, here it is... Buffer overrun explanation: It happens, when a programmer reserves a number of bytes in memory to receive incoming data, and there are more incoming data than the programmer reserved, and the programmer didn't make a check to find out. A program normally places data adjacent to each other, and the result of a buffer overrun is that the incoming data will override some other data (sometimes program data or stack), with erroneous values. If a buffer overrun happens by accident, the program typically becomes unstable. A hacker can exploit a buffer overrun by carefully selecting the values that he sends to the program. A simple, yet unrealistic example would be that the receive buffer is followed by a password buffer. By sending too much data, the receive buffer is filled and the password buffer is written to, also. If the data sent was ending with "house", the password will be set to "house", and the hacker can afterwards log in with the password "house", because that's what the password buffer contains. A realistic example is much more complicated and depends very much on the specific case. The remedies are simple: Check how much data is coming in, and accept only as much data as there can be in the buffer. But this requires redistributing and installing software. Buffer overruns happen in all operating systems where C and C++ programming languages are used. In order to make life safe, following has to be done: 1) Break-ins must be detected. The *nix world uses tools like tripwire for this - a database over all system files placed on a hacking-proof, read-only medium like a CD-R. 2) When buffer overruns have been detected, patches must be made quickly and made public. Microsoft is getting better and better at this. 3) Users must have means and interest in applying the patches as quickly as possible. Red Hat has a subscription service that automatically applies important patches, and Windows XP also gets that according to Microsoft information. The biggest problem for all OS vendors is that many server operators don't apply patches when they appear. Lars. Just a comment... The last line about server operators may apply to home users too. Bye4Now, FD.