XXX+Security+DDOS+Webpage.+Susan+Woo

=Stack-based buffer overflow=

A stack-based buffer overflow occurs when a program writes to a full stack without first popping any data off to create space, overflowing the fixed space set aside for it in the system's memory. The data has nowhere to go other than to overwrite data that is still in use or to spill out of the stack into unallocated space. When this happens accidentally, it causes the program to crash and can lead to vulnerabilities in a system as adjacent data is corrupted. If the program is running with special privileges or accepting connections from untrusted sources, a security vulnerability can arise: data can be corrupted in a way that allows injected code to be executed within the program.

Twilight Princess Exploit
The popular video game The Legend of Zelda: Twilight Princess was used as a way to circumvent the Nintendo Wii video game console’s security. The exploit allowed “homebrew” software to be run on the system. It worked by giving the player’s horse an unexpectedly long name. This caused a stack-based buffer overflow, which led to game data stored in memory being overwritten and allowed people to load the “homebrew” software from an external storage device.

Preventative Measures
Over the years a number of schemes have been developed to inhibit malicious stack buffer overflow exploitation. These may usually be classified into three categories:
 * Detect that a stack buffer overflow has occurred and thus prevent redirection of the instruction pointer to malicious code.
 * Prevent the execution of malicious code from the stack without directly detecting the stack buffer overflow.
 * Randomize the memory space such that finding executable code becomes unreliable.

=SYN Flood=

A SYN Flood is a form of DoS attack in which an attacker sends a rapid succession of SYN requests to a server to try to consume all of its resources, so that it will not be able to respond to any legitimate clients' requests.

When a client first wants to request a page from a server, it sends the server a SYN (synchronize) message. The server then sends the client back a SYN-ACK message to acknowledge the connection, and finally the client sends back an ACK message to establish the connection. In a SYN flood the attacker does not send back an ACK message. An attacker may use different methods to attack:
 * Direct Attack - the attacker sends requests directly from his own computer without spoofing his own IP address.
 * Spoofing-Based Attack - similar to a direct attack, but the attacker spoofs his IP address so that it becomes harder to shut down connections based on certain IPs and harder to locate where the attacker is.
 * Distributed Attack - the attacker uses a bot network to flood the server.

[[image:http://upload.wikimedia.org/wikipedia/commons/9/94/Tcp_synflood.png width="229" height="286" align="center"]]

Countermeasures

 * Monitoring IP addresses
 * Increasing the backlog
 * Shortening SYN-Received time, so connections are cut faster if an ACK message is not sent back
 * Monitoring the ports that connections are coming through. In some SYN Floods the attacker may only use one specific port so it is easy to stop the attack by ignoring connections from that port.
 * Both SYN cache and SYN cookies are effective ways of preventing SYN Floods as they operate by reducing the resources (almost to nothing) used by a network while waiting for a confirmation ACK.
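
The SYN cookie idea from the last countermeasure, shown as an added example that is not part of the original page: instead of storing a half-open entry, the server derives the SYN-ACK sequence number from a keyed hash of the connection details and recomputes it when the ACK arrives. The 8-bit time slot plus 24-bit hash layout, the secret, the function names and the sample addresses are assumptions made for this example; production TCP stacks use their own cookie layout.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: a random per-server secret in practice
SLOT_SECONDS = 64                 # assumption: time granularity of a cookie
MAX_AGE_SLOTS = 2                 # cookies older than this many slots are rejected


def _mac24(conn, client_isn, slot):
    """24-bit keyed hash over the connection 4-tuple, client ISN and time slot."""
    msg = "|".join(map(str, (*conn, client_isn, slot))).encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def _cookie_for_slot(conn, client_isn, slot):
    # Top 8 bits: time slot (mod 256). Low 24 bits: MAC binding it to this client.
    return ((slot & 0xFF) << 24) | _mac24(conn, client_isn, slot)


def make_cookie(conn, client_isn, now):
    """Sequence number the server puts in its SYN-ACK. No state is stored."""
    return _cookie_for_slot(conn, client_isn, int(now) // SLOT_SECONDS)


def check_ack(conn, client_isn, ack_number, now):
    """True if the final ACK acknowledges a cookie this server issued recently."""
    cookie = (ack_number - 1) & 0xFFFFFFFF
    current = int(now) // SLOT_SECONDS
    for age in range(MAX_AGE_SLOTS + 1):
        expected = _cookie_for_slot(conn, client_isn, current - age)
        if hmac.compare_digest(cookie.to_bytes(4, "big"), expected.to_bytes(4, "big")):
            return True
    return False


if __name__ == "__main__":
    conn = ("198.51.100.7", 40000, "192.0.2.10", 80)  # constructed sample 4-tuple
    isn, t0 = 1000, 1_000_000
    cookie = make_cookie(conn, isn, t0)
    print("legitimate ACK:", check_ack(conn, isn, cookie + 1, t0 + 30))
    print("guessed ACK:   ", check_ack(conn, isn, 12345, t0 + 30))
    print("stale ACK:     ", check_ack(conn, isn, cookie + 1, t0 + 64 * 5))
```

Because the server allocates connection state only after `check_ack` succeeds, SYNs that are never followed by an ACK leave nothing behind in the backlog.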
