Buffer overflow protection

Discussion in 'other anti-malware software' started by rav1, May 3, 2005.

Thread Status:
Not open for further replies.
  1. rav1

    rav1 Guest

    I've found some buffer overflow protection software (DefencePlus) under Windows. Is this software really as good as it described on it's site (www.softsphere.com)? Or it's fake?
     
  2. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi rav1,

    For a single computer on a Windows system, StackDefender is the reference aginst Buffer Overflow attack/exploit.

    By following the next linked thread, take a look at the paper that i'd linked (which is an overview and comparison of Buffer Overflow protections):

    https://www.wilderssecurity.com/showthread.php?t=75388

    In any case, i don't think that's it's necessary to have this kind of product on his line defense.
    Buffer/heap overflow are advaned attacks and are really not frequent on a home computer.

    It's better to have a PC with a 64 bit processor for instance.

    If the software that you've linked was the solution, then why Buffer overflow exploits are published each day?

    Hope this helps,

    Regards
     
  3. rav1

    rav1 Guest

    I was reading the document you referenced. It said that StackDefender is bad solution against buffer overflow. That is why I ask about DefencePlus- I've found nothing about this software.

    Maybe, because many people thinks, that they don't need protection against buffer overflow threats? As you are, for instance.....

    Negative.
     
  4. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    Firstly i hope that you have any kind of relation with the product you had linked.

    In any case:

    -Anyone has his own and personal opinion: it's our privacy.

    -Taking time for answering you could not be really considered as Negative.

    -An user has statistically more chance to be infected by a spyware, virus or a trojan that to be the victim of a Buffer Overflow exploit.

    And yes, i don't need to have a protection against this attack: i know that it's impossible for a home user to have a protection against all threats (rootkits, worms, stealth network backdoors, virus etc) and Attacks (DOS, DDOS, Buffer/heap overflow, web application attacks and so on) like those ones:

    http://www.netcontinuum.com/securityCentral/TopThreatTypes/index.cfm

    -If you know this product, then just tells us how it works and how efficient it is.

    Then now i stop my post because polemics are always a waste of time.

    Regards
     
  5. rav1

    rav1 Guest

    Yes, I know the man who programmed it.

    The developer have told me, that it is based on non-executeble stack and heap. Is it effective?
     
  6. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    From the website ....... It provides a level of defense that is not provided by anti-virus and firewall software.

    Not stictly true as I know VSE 8.0i has built in protection. Anyway keeping up to date with windows update should be more than enough protection for a home user.

    and Program doesn't work with Kaspersky Antivirus 5.x. :rolleyes:
     
  7. rav1

    rav1 Guest

    I asked DefencePlus programmer about KAV compatibility. He've told me that KAV programmers are idiots. Thay take off supervisor bit from their driver's page and use direct jump from ring3 code into some function inside it. I'm in shock.
     
Loading...
Thread Status:
Not open for further replies.