Buffer overflow protection

I've found some buffer overflow protection software (DefencePlus) under Windows. Is this software really as good as it described on it's site (www.softsphere.com)? Or it's fake?

 

Hi rav1,

For a single computer on a Windows system, StackDefender is the reference aginst Buffer Overflow attack/exploit.

By following the next linked thread, take a look at the paper that i'd linked (which is an overview and comparison of Buffer Overflow protections):

https://www.wilderssecurity.com/showthread.php?t=75388

In any case, i don't think that's it's necessary to have this kind of product on his line defense.
Buffer/heap overflow are advaned attacks and are really not frequent on a home computer.

It's better to have a PC with a 64 bit processor for instance.

If the software that you've linked was the solution, then why Buffer overflow exploits are published each day?

Hope this helps,

Regards

 

I was reading the document you referenced. It said that StackDefender is bad solution against buffer overflow. That is why I ask about DefencePlus- I've found nothing about this software.

Maybe, because many people thinks, that they don't need protection against buffer overflow threats? As you are, for instance.....

Negative.

 

Hi,

Firstly i hope that you have any kind of relation with the product you had linked.

In any case:

-Anyone has his own and personal opinion: it's our privacy.

-Taking time for answering you could not be really considered as Negative.

-An user has statistically more chance to be infected by a spyware, virus or a trojan that to be the victim of a Buffer Overflow exploit.

And yes, i don't need to have a protection against this attack: i know that it's impossible for a home user to have a protection against all threats (rootkits, worms, stealth network backdoors, virus etc) and Attacks (DOS, DDOS, Buffer/heap overflow, web application attacks and so on) like those ones:

http://www.netcontinuum.com/securityCentral/TopThreatTypes/index.cfm

-If you know this product, then just tells us how it works and how efficient it is.

Then now i stop my post because polemics are always a waste of time.

Regards

 

Yes, I know the man who programmed it.

The developer have told me, that it is based on non-executeble stack and heap. Is it effective?

 

From the website ....... It provides a level of defense that is not provided by anti-virus and firewall software.

Not stictly true as I know VSE 8.0i has built in protection. Anyway keeping up to date with windows update should be more than enough protection for a home user.

and Program doesn't work with Kaspersky Antivirus 5.x.

 

I asked DefencePlus programmer about KAV compatibility. He've told me that KAV programmers are idiots. Thay take off supervisor bit from their driver's page and use direct jump from ring3 code into some function inside it. I'm in shock.