Firewall and AntiVirus Free Software Download from Comodo
Rated • 1 review • freeware, security, buffer overflow • comodo.com
Buffer overflow protection by Comodo Memory firewall... My pick with reservations
Exploits using Buffer overflow attacks are a very common method used to attack machines. The holy grail in Buffer overflow attacks are ones that result in
"remote execution of arbitrary code", which in layperson speak means the attacker can run whatever code he wants on your machine, without you having to do anything.
Needless to say they are a great danger. Vista users are more protected than XP users because of ASLR and other extra features. XP users might have DEP but this is not a complete defense.
Most HIPS with the exception of Threatfire and Prevx do not directly address Buffer overflows but block/reduce the damage further downstream.
For instance, if you are hit by a buffer overflow, it usually downloads from the net a dropper (malware program) and tries to run it, but when this new program tries to start, your HIPs will warn you and stop it from starting. Sandbox type HIPS will similarly protect you because any thing that runs will be restricted from doing any non-reversal damage etc.
That said it is theortically possible for shell code in buffer overflow attacks to cause damage directly.
There are few freeware specific anti-buffer-overflow protection apps.
Comodo memory firewall is one of them! It has recently moved out of beta.
Exploits using Buffer overflow attacks are a very common method used to attack machines. The holy grail in Buffer overflow attacks are ones that result in
"remote execution of arbitrary code", which in layperson speak means the attacker can run whatever code he wants on your machine, without you having to do anything.
Needless to say they are a great danger. Vista users are more protected than XP users because of ASLR and other extra features. XP users might have DEP but this is not a complete defense.
Most HIPS with the exception of Threatfire and Prevx do not directly address Buffer overflows but block/reduce the damage further downstream.
For instance, if you are hit by a buffer overflow, it usually downloads from the net a dropper (malware program) and tries to run it, but when this new program tries to start, your HIPs will warn you and stop it from starting. Sandbox type HIPS will similarly protect you because any thing that runs will be restricted from doing any non-reversal damage etc.
That said it is theortically possible for shell code in buffer overflow attacks to cause damage directly.
There are few freeware specific anti-buffer-overflow protection apps.
Comodo memory firewall is one of them! It has recently moved out of beta.
