contents

software
 
Comodo Launches a Set of Free Diagnostic Tests

Comodo has announced an important set of free diagnostic tests that will help users understand how vulnerable their computers are to buffer overflow attacks. Buffer overflow attacks can take many forms, including stack attacks, heap attacks and ret2libc attacks. In each case, the goal is to destabilize or crash a computer system by deliberately causing a buffer overflow - creating the opportunity for the hacker to then run malicious code and even gain control of the entire operating system.

Buffer overflow attacks are emerging as one of the Internet's most sinister mechanisms for injecting malware onto a user's computer. New "drive by download" attacks occur when a visitor navigates to a site that injects malware onto the PC, often by exploiting the vulnerability operative in the memory buffer. In fact, according toSecunia.com- a security information resource, 3 of the top 10 most searched threats are related to buffer overflow attacks.

From a technical perspective, there are three variants of buffer overflow attacks that are very prevalent on the Internet today:
- Stack overflow: A stack overflow attack occurs when too much memory is used on the call stack, the limited amount of memory used to run many program functions.
- Heap Overflow: Heap overflow is another type of buffer overflow attack that occurs when the dynamic memory allocation needed by the application is flooded causing a crash.
- Ret2libc Attacks: A return-to-libc attack is an attack usually starting with a buffer overflow, in which the return address on the stack is replaced by the address of another function in the program and the correct portion of the stack is overwritten. This attack is one of the most difficult to detect and, hence to defend against.

Comodo created its free diagnostic tests to help users understand how well prepared they are to defend against these types of attacks. Each test is a small non-destructive program that deliberately attempts to by-pass the current measures of existing security software. Based on the results of these tests, users can then take remedial action including downloading Comodo's free solutions such as its award winning Comodo Firewall Pro and Comodo Memory Guardian, a new solution (now in beta) effective at stopping 90%+ of buffer overflow attacks in both 32 bit and 64 bit environments.

To download these tests,click here(please note that free registration to the Comodo Forum is required to get these downloads if one is not currently a member). To download Comodo's free firewall, visitthis page. To download the beta version of Comodo Memory Guardian,click here.



write your comments about the article :: © 2007 Computing News :: home page