Mitigating Attack Types Part 1

  • Buffer overflows

    • Buffer – A placeholder in memory where you intend to store some data

    • Overflow – Store more data than the buffer can handle.

  • How to mitigate buffer overflows

    • Safer functions and programming languages

    • ASLR = Address Space Layout Randomization

    • Stack canary

    • DEP = Data Execution Prevention
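The "safer functions" point above, as an added example that is not part of the original notes: a fixed-size buffer, the unbounded copy that overflows it, and a bounds-checked replacement that refuses oversize input. The names `record_t`, `set_name_unsafe` and `set_name_safe` are illustrative choices, not from the page.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* A record with a fixed-size buffer (the "placeholder in memory" from the
 * notes) followed by another field that lives right after it in memory. */
typedef struct {
    char name[NAME_LEN];
    int  is_admin;
} record_t;

/* UNSAFE: strcpy has no idea how large r->name is, so any input longer than
 * NAME_LEN-1 characters writes past the end of the buffer. Shown only for
 * contrast with the safe version below; it is never called here. */
void set_name_unsafe(record_t *r, const char *input) {
    strcpy(r->name, input);   /* no bound check: this is the overflow */
}

/* SAFE: measure the input first and reject anything that does not fit
 * (including the terminating NUL). Returns 0 on success, -1 on rejection,
 * and leaves the record untouched when it rejects. */
int set_name_safe(record_t *r, const char *input) {
    size_t len = strlen(input);
    if (len >= NAME_LEN) {
        return -1;            /* refuse rather than silently truncate */
    }
    memcpy(r->name, input, len + 1);   /* len + 1 copies the NUL too */
    return 0;
}

int main(void) {
    record_t r;
    memset(&r, 0, sizeof r);
    /* Constructed inputs: one that fits, one that would overflow. */
    printf("short: %d\n", set_name_safe(&r, "alice"));
    printf("long:  %d\n", set_name_safe(&r, "AAAAAAAAAAAAAAAAAAAAAAAA"));
    printf("name still: %s\n", r.name);
    return 0;
}
```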

  • Race Conditions – Inconsistent system state due to timing of operations

    • Time of check / Time of use (TOC/TOU)

    • Transactions at the same time.

    • Mitigate with locks of some kind.

  • Improper Error Handling

    • Handle errors, don’t just crash!

    • Deallocate memory. Hide sensitive info.

  • Software Design Issues

    • Insecure components: careful when reusing code

    • Insufficient logging and monitoring

    • Weak or default configurations

    • Dereferencing
