Some software isn't effective because it proves unable to prevent the propagation of worms, but this guide examines where security holes come from, how to discover them, how to protect systems, and how to do away with security holes altogether.
How hackers, viruses, and worms attack computers from the Internet and exploit security holes in software is explained in this outline of antivirus software, patches, and firewalls that try in vain to withstand the storm of attacks. Some software's effectiveness exists only in the imaginations of its developers because they prove unable to prevent the propagation of worms, but this guide examines where security holes come from, how to discover them, how to protect systems (both Windows and Unix), and how to do away with security holes altogether. Unpublished advanced exploits and techniques in both C and Assembly languages are included.
We are living in a harsh and cruel world. Popular software that runs on millions of machines all over the world contains security holes, most of which are critical. Hackers, viruses and worms actively exploit these holes, attacking from all corners of the Net. The vast majority of remote attacks are carried out by exploiting buffer overflow, the particular case of which is stack overflow. Those who have mastered the techniques of exploiting buffer overflow errors rule the world. If you need a guide to navigate the world of buffers subject to overflow supplied with the detailed survival guide, then this book is for you. Just open the door and enter the wonderful world hidden behind the facade of programming in high-level programming languages. This is where the gears that set everything else in motion are working.
Why are overflow errors so fundamental? What can you do using them? How do you find a vulnerable buffer? What limitations do such buffers imply on the shellcode? How do you overcome these limitations? What tools should you use to compile shellcode? How do you send this code to remote host yet remain unnoticed? How do you bypass a firewall? How do you detect and analyze shell-code written by someone else? And how do you protect your programs against overflow errors?
That the antiviral industry is a kind of a club for a limited community is not a secret to anyone. This community is closed and is not too willing to accept new members. It owns information intended for insiders only. This is partially because of security considerations, but this is also due to the pernicious effects of competition. This book partially discloses the secrets.