Lesson 10

Date: 4/2/2014

Basics of Linux Security

Linux for Engineering and IT Applications

Stack overflow example

A buffer overflow is the result of stuffing more data into a buffer than it can handle.

In the example, the program has a function with a typical buffer overflow coding error.

Dangerous functions for stack overflow (don't check the string boundaries): strcat(), strcpy(), sprintf(), vsprintf(), gets(), scanf().

To exploit such flaw, an attacker would need to give a specially crafted encoded input. It can be done localy by using a rootkit or over a network by sending a packet with improperly advertised lengths.


#include <string.h>

void function(char *str) {

char buffer[16];

strcpy(buffer,str);
}


int main() {
char large_string[256];
int i;

for( i = 0; i < 255; i++)
large_string[i] = 'A';

function(large_string);
}

Fundamentals of Linux security
How systems get compromised
Trojan script exercise
Stack overflow
Package upgrades and verification
Open Ports List exercise
Closing Ports
TCP Wrappers exercise
IP filtering firewalls (iptables)
Building iptables rules
Simple iptables script
NAT table
NAT script
Exercises with iptables
Port scanning exercises
GNU Privacy Guard
GPG exercises
Logs
System Integrity checks
GNUtar exercises
References
Take me to the Course Website