Evading Firewalls, IDS, and Honeypots

Buffer Overflows

• C programs are especially susceptible to buffer overflow attacks.
• Buffer overflows occur when a program puts more data into a buffer than it can hold.
• A heap is a memory space that is dynamically allocated. Heap-based buffer overflows are different from stack-based buffer overflows in that the stack-based buffer overflow depends on overflowing a fixed length buffer.
• A range of software products can be used to defend against buffer overflows, including Return Address Defender (RAD), StackGuard, and Immunix.