Newsletter   Secure Checkout   View Cart (0 items)  
Search:    Welcome Guest! Save up to 30-40% on most items with our awesome everyday discounts!

Buffer Overflow Attacks [Paperback]

By James C. Foster (Editor)
Our Price $ 25.87  
Retail Value $ 36.95  
You Save $ 11.09  (30%)  
Item Number 255922  
Buy New $25.87
Out Of Stock!
Currently Out Of Stock
Currently unavailable...

Item description for Buffer Overflow Attacks by James C. Foster...

Will the Code You Write Today Headline Tomorrow's BugTraq Mail List?
  • Includes Numbered-by-Line Exploit Code Examples That Illustrate the Differences Between Stack Overflows, Heap Corruption, and Format String Bugs
  • Provides Case Studies for Most Major Platforms and Environments, Including Windows, FreeBSD, FrontPage, and Linux
  • Avoid Worm or Custom Exploits by Analyzing Your Source Code to Detect Buffer Overflow Vulnerabilities
Forensic investigations of notorious Internet attacks, such as the SQL Slammer and Blaster Worms, reveal buffer overflows to be the sophisticated hacker's "vulnerability of choice". These worms crippled the Internet and cost billions of dollars to clean up. Now, even more powerful and insidious threats have appeared in the form of "custom exploits". These one-time only exploits are custom crafted to attack your enterprise, making them even more difficult to detect and defend. No catchy names, no media coverage; just your own personal disaster. James C. Foster's Buffer Overflow Attacks clearly demonstrates that the only way to defend against the endless variety of buffer overflow attacks is to implement a comprehensive design, coding and test plan for all of your applications. From Dave Aitel's Foreword through the last appendix, this is the only book dedicated exclusively to detecting, exploiting, and preventing buffer overflow attacks. CONTENTS OF THIS BOOK INCLUDEBuffer Overflows: The EssentialsUnderstanding ShellcodeWriting ShellcodeWin32 AssemblyCase Study: FreeBSD NN Exploit CodeCase Study: xlockmore User Supplied Format String Vulnerability (CVE-2000-0763)Case Study: FrontPage Denial of Service Utilizing WinSockStack OverflowsHeap CorruptionFormat String AttacksWindows Buffer OverflowsCase Study: cURL buffer overflow on LinuxCase Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (CAN-2002-0656)Case Study: X11R6 4.2 XLOCALEDIR OverflowCase Study: Microsoft MDAC Denial of ServiceCase Study: Local UUX Buffer Overflow on HPUXFinding Buffer Overflows in SourceCase Study: InlineEgg ICase Study: InlineEgg IICase Study: Seti@Home Exploit CodeCase Study: Microsoft CodeBlue Exploit Code The Complete Data Conversion TableUseful SyscallsAdditional Exploit References

Promise Angels is dedicated to bringing you great books at great prices. Whether you read for entertainment, to learn, or for literacy - you will find what you want at!

Item Specifications...

Pages   497
Est. Packaging Dimensions:   Length: 1.25" Width: 6" Height: 8.75"
Weight:   1.5 lbs.
Binding  Softcover
Release Date   Feb 1, 2005
Publisher   Syngress
ISBN  1932266674  
ISBN13  9781932266672  

Availability  0 units.

More About James C. Foster

Register your artisan biography and upload your photo! Foster is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions.

Are You The Artisan or Author behind this product?
Improve our customers experience by registering for an Artisan Biography Center Homepage.

Product Categories

1Books > Subjects > Computers & Internet > Digital Business & Culture > Privacy
2Books > Subjects > Computers & Internet > General
3Books > Subjects > Computers & Internet > Networking > Networks, Protocols & API's > General
4Books > Subjects > Computers & Internet > Networking > Networks, Protocols & API's > Network Security
5Books > Subjects > Law > General
6Books > Subjects > Professional & Technical > Law > General

Reviews - What do customers think about Buffer Overflow Attacks?

Full of errors and inconsistencies  Jul 29, 2008
Does Syngress (the publisher) employ proof readers?

I doubt it. This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.

And then there's the confusion of ESP and EIP in several places throughout the book. For a collection of 'expert information' it comes off as a rather amateurish production. Makes you wonder... what else have they got wrong?

You'll notice this is very much the same as the review I've posted for "Sockets, Shellcode, Porting & Coding"... that is because it too is horrendous for errors.

This is 2 books from Syngress I've got that are very poor quality. What's going on guys?
Great book to start with.  Sep 14, 2006
This is a great book to start understanding buffer overflows with. You do need some fimiliarity with assembly or you are not going to understand the code that is through out this book, almost every other page.

This gives step by step examples in reading, creating and disassembling shellcode and buffer overflows. I'v read some of the other reviews which suggest their was not much proof reading done it seems like it. I myself found many spelling erros but technical wise I have yet to see any. Maybe my second read I will find some.
Proofread? Editorial and Technical reveiw?....  Mar 4, 2006
For a book dedicated to such an important topic, my experience with this book was at best disappointing. This goes both for the authors (as they are primarily responsible for the material), as well as the publisher (Syngress). One would doubt whether the book has gone through any meaningful editorial review process. The errata posted on Syngress' site (bad site-design with a great deal of broken URLs in the book's relevant-links page by the way, and one "has to" sign up to obtain the errata) are utterly incomplete. The book at the time of this writing lacks an accompanying website (no reference in the errata or in the book itself).

This is an unfortunate development that one certainly notices in the recent publications pertaining to security topic, perhaps as a result of the urge to push content out to satisfy the hot-market demands.

On the technical front, the choice for the topics seems to be reasonably covering most corners; however, throughout the book there's a focus on pre-SP2 release of Microsoft Windows XP; why? If one of the objectives of the authors was to educate the audience on the topics (by providing practical and working examples), wouldn't such choice defeat the purpose?
Finally a book on BO attacks  Mar 30, 2005
Buffer overflow attacks have been around for over 30 years, finally there is a book on the topic.

this is a valuable title and worth the wait!
Disturbing  Feb 27, 2005
This book upset me. Not really the book itself, that's great, but what it implies: that this type of exploit hasn't gone away. I thought things were getting better, but the author explains that is an illusion: it's just that the reporting slacked off.

It is hard to believe that programmers keep making the same mistakes over and over again. This book shows what those mistakes are and how hackers exploit them. You need a good understanding of assembly language to get much out of this, but if you do have that background, this is a real eye-opener.

Extremely detailed, and some of this is a bit of a reach for me (it's been many a year since I did any C or Assembler), but it is fascinating, though in the same sense that watching a tiger stalk you would be: it's scary.

Certainly recommended for people who are writing code today, and I hope more of them pay attention, though the authors attitude seems to be that these problems will continue to plague us.

Write your own review about Buffer Overflow Attacks

Ask A Question or Provide Feedback regarding Buffer Overflow Attacks

Item Feedback and Product Questions
For immediate assistance call 888.395.0572 during the hours of 10am thru 8pm EST Monday thru Friday and a customer care representative will be happy to help you!

Help us continuously improve our service by reporting your feedback or questions below:

I have a question regarding this product
The information above is incorrect or conflicting
The page has misspellings or incorrect grammar
The page did not load correctly in my browser or created an error.

Email Address:
Anti Spam Question. To combat spammers we require that you answer a simple question.
What color is the sky?
Leave This Blank :
Do Not Change This Text :

Add This Product Widget To Your Website

Looking to add this information to your own website? Then use our Product Widget to allow you to display product information in a frame that is 120 pixels wide by 240 pixels high.

    Copy and paste the following HTML into your website and enjoy!

Order toll-free weekdays 10am thru 10pm EST by phone: 1-888-395-0572 (Lines are closed on holidays & weekends.)
Customer Service | My Account | Track My Orders | Return Policy | Request Free Catalog | Email Newsletter

Gift Certificates
RSS Feeds
About Us
Contact Us
Terms Of Use
Privacy Policy