Orange County Computer Consultant

Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Sunday, July 31, 2005

Buffer Overflows

Buffer overflows tend to happen in C or C++ when a program writes data beyond the allocated space of a buffer in memory. The overwritten memory can then be used to make the system execute malicious code. To prevent this, use software that performs bounds checking.
Because Java manages memory automatically, it is nearly impossible to code an overflow in Java. There are a couple of security patches for Linux distributions, such as exec-shield and PaX. OpenBSD comes with kernel and memory security enabled. There are also practically no remote exploits for OpenBSD.
I love Open Source for the fact that you can read the source code, therefore find these exploits and bugs and communicate with a community of developers that can create a solution instead of ignoring the problem. I don't feel I should have to get Service Packs every time a hole is found in Windows, let alone pay for such security-prone software.
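
The out-of-bounds write and the bounds check described in the first paragraph, as an added C example that is not from the original post. It models a buffer and the data stored right after it as one byte array, so the overwrite can be observed without undefined behaviour; the struct, function names and input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8          /* space allocated for the buffer        */
#define REGION_SIZE 16      /* buffer plus the data stored after it  */

/* Constructed memory model: bytes 0..7 are the buffer, bytes 8..15 hold
 * unrelated data that happens to sit right after it in memory. */
struct region {
    unsigned char mem[REGION_SIZE];
};

static void region_init(struct region *r) {
    memset(r->mem, 0, BUF_SIZE);
    memcpy(r->mem + BUF_SIZE, "SENTINEL", REGION_SIZE - BUF_SIZE);
}

/* Returns 1 if the data after the buffer is unchanged. */
static int neighbour_intact(const struct region *r) {
    return memcmp(r->mem + BUF_SIZE, "SENTINEL", REGION_SIZE - BUF_SIZE) == 0;
}

/* No bounds check against BUF_SIZE: the copy length comes from the input.
 * (Clamped to REGION_SIZE only so this model itself stays well-defined.) */
static void copy_unchecked(struct region *r, const char *src, size_t len) {
    if (len > REGION_SIZE) len = REGION_SIZE;
    memcpy(r->mem, src, len);
}

/* Bounds-checked: refuses input that does not fit in the buffer. */
static int copy_checked(struct region *r, const char *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(r->mem, src, len);
    return 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAA";   /* constructed 12-byte input */
    struct region r;

    region_init(&r);
    copy_unchecked(&r, input, strlen(input));
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&r));

    region_init(&r);
    int rc = copy_checked(&r, input, strlen(input));
    printf("checked:   rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&r));
    return 0;
}
```

In a real program the bytes after the buffer could be another variable, a saved pointer or a return address, which is why an unchecked write there can change what the program executes.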