View Larger Image	James C. Foster, Vitaly Osipov, Nish Bhalla, Niels Heinen Syngress, Paperback, Published February 2005, 497 pages, ISBN 1932266674
	List Price: $34.95 Our Price: $25.50 You Save: $9.45 (27% Off)
	Availability: Out-Of-Stock

Write a Review and tell the world about this title!

People who purchase this book frequently purchase:

• Sockets, Shellcode, Porting, and Coding; James C. Foster, $35.50, 29% Off!
• The Art of Computer Virus Research and Defense; Peter Szor, $29.95, 46% Off!
• Intrusion Prevention and Active Response; Michael Rash, et al, $27.50, 45% Off!
• Rootkits: Subverting the Windows Kernel; Greg Hoglund, et al, $29.95, 46% Off!

• Enterprise Computing : Security

• Syngress

· Includes Numbered-by-Line Exploit Code Examples That Illustrate the Differences Between Stack Overflows, Heap Corruption, and Format String Bugs

· Provides Case Studies for Most Major Platforms and Environments, Including Windows, FreeBSD, FrontPage, and Linux,

· Avoid Worm or Custom Exploits by Analyzing Your Source Code to Detect Buffer Overflow Vulnerabilities

Forensic investigations of notorious Internet attacks, such as the SQL Slammer and Blaster Worms, reveal buffer overflows to be the sophisticated hacker’s “vulnerability of choice”. These worms crippled the Internet and cost billions of dollars to clean up. Now, even more powerful and insidious threats have appeared in the form of “custom exploits”. These one-time only exploits are custom crafted to attack your enterprise, making them even more difficult to detect and defend. No catchy names, no media coverage; just your own personal disaster.

James C. Foster’s Buffer Overflow Attacks clearly demonstrates that the only way to defend against the endless variety of buffer overflow attacks is to implement a comprehensive design, coding and test plan for all of your applications. From Dave Aitel’s Foreword through the last appendix, this is the only book dedicated exclusively to detecting, exploiting, and preventing buffer overflow attacks.

Table of Contents

Buffer Overflows: The Essentials

Understanding Shellcode

Writing Shellcode

Win32 Assembly

Case Study: FreeBSD NN Exploit Code

Case Study: xlockmore User Supplied Format String Vulnerability (CVE-2000-0763)

Case Study: FrontPage Denial of Service Utilizing WinSock

Stack Overflows

Heap Corruption

Format String Attacks

Windows Buffer Overflows

Case Study: cURL buffer overflow on Linux

Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (CAN-2002-0656)

Case Study: X11R6 4.2 XLOCALEDIR Overflow

Case Study: Microsoft MDAC Denial of Service

Case Study: Local UUX Buffer Overflow on HPUX

Finding Buffer Overflows in Source

Case Study: InlineEgg I

Case Study: InlineEgg II

Case Study: Seti@Home Exploit Code

Case Study: Microsoft CodeBlue Exploit Code

The Complete Data Conversion Table

Useful Syscalls

Additional Exploit References

Your Solutions Membership Gives You Access to:

Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page

“From the Author” Forum where the authors post timely updates and links to related sites

The complete code listings from the book

Downloadable chapters from the following best sellers:

Stealing the Network: How to Own a Continent

Google Hacking for Penetration Testers

Hacking the Code: ASP.NET Web Application Security

Nessus Network Auditing

About the Authors

James C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine(acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.

Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been sited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania’s Wharton School of Business.

Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress Publishing, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, and the forthcoming Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1) .

Vitaly Osipov (CISSP, CISA) is currently managing intrusion detection systems for a Big 5 global investment bank from Sydney, Australia. He previously worked as a security specialist for several European companies in Dublin, Prague and Moscow. Vitaly has co-authored books on firewalls, IDS and security, including Special Ops: Host and Network Security for Microsoft, UNIX and Oracle (ISBN 1-931836-69-8) and Snort 2.0: Intrusion Detection (ISBN 1-931836-74-4). Vitaly’s background includes a long history of designing and implementing information security systems for financial, ISPs, telecoms and consultancies. He is currently studying for his second postgraduate degree in mathematics. He would like to thank his colleagues at work for the wonderful bunch of geeks they are.

Jan 22, 2005     Book Reader from New York
excellent book
This book sets the outline to help better understand buffer overflows from every aspect by not only taking real world examples but also by introducing basic concepts of writing exploits. This is done using examples which can work on practically every version of the OS.

Forgot your password? FAQs Shipping Options Returns Your Orders Your Account