Red Hat Linux Fedora For Dummies [Electronic resources] (text version)


Jon Hall







My Buffer Overflow-eth

One of the most popular methods that hackers use to break into computers is via buffer overflows. The buffer overflow technique attempts to feed crazy streams of data to programs in order to make them behave in ways their designers never intended. (A detailed description of what a queue does is beyond the scope of this book. Suffice it to say that Linux uses a queue to store instructions and addresses for later use.) The result of the buffer overflow is that sometimes the program provides the hacker with a shell or other open door when it fails.

The shell created by a buffer overflow is an open door to your computer. Sometimes, the shell has root (superuser) privileges, and then the hacker owns your system.
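An added example, not from the book: the kind of unchecked copy into a fixed-size buffer that oversized input overruns, next to a version that checks the length first. The function names, the 16-byte buffer and the sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 16  /* assumed fixed-size buffer, typical of older daemons */

/* Unchecked form (shown for contrast, never called here): strcpy() keeps
 * copying until it reaches the NUL in `input`, so anything longer than
 * NAME_SIZE - 1 bytes is written past the end of `name` and over whatever
 * the program stored next to it. */
void store_name_unsafe(char name[NAME_SIZE], const char *input)
{
    strcpy(name, input);
}

/* Checked form: measure the input first and refuse what does not fit.
 * Returns 0 on success, -1 on rejection; a rejected input leaves the
 * buffer holding an empty string. */
int store_name_checked(char name[NAME_SIZE], const char *input)
{
    size_t len = 0;

    /* Count at most NAME_SIZE bytes so the scan itself stays bounded. */
    while (len < NAME_SIZE && input[len] != '\0')
        len++;

    if (len >= NAME_SIZE) {          /* no room left for the terminating NUL */
        name[0] = '\0';
        return -1;
    }
    memcpy(name, input, len + 1);    /* len bytes plus the NUL */
    return 0;
}

int main(void)
{
    char name[NAME_SIZE];
    /* Constructed sample inputs: one that fits, one that is far too long. */
    const char *inputs[] = { "alice", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" };

    for (int i = 0; i < 2; i++) {
        int rc = store_name_checked(name, inputs[i]);
        printf("%-34s -> %s\n", inputs[i], rc == 0 ? "stored" : "rejected");
    }
    return 0;
}
```

Package updates that fix buffer overflows typically add exactly this kind of length check to the affected program.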

Here are some simple techniques you can use to minimize buffer overflows:



The first line of defense is simply to minimize the number of services you run. You run zero risk of compromise from a buffer overflow vulnerability in Service A if you don’t run that service.

For example, the Lion worm wreaked havoc in spring 2001. Lion exploited vulnerabilities in the Linux sendmail and lpd printer services. Computers that didn’t run those services weren’t vulnerable to the Lion worm.



The second line of defense is to update your Red Hat Linux computer as often as possible. Red Hat posts package updates that fix vulnerabilities as they become available. Many of those package updates are buffer overflow fixes, so updating your system fixes many buffer overflow vulnerabilities.


