Day 4: Conferences: Protecting Systems from Stack Smashing Attacks with StackGuard



StackGuard was developed in a university by students. Crispin Cowan explained how it works and how effective it is.


StackGuard will not stop 100% of exploits (one with SuperProbe and one with Perl 5.003). It can stop attacks that Solar Designer's non-executable patch doesn't stop, and the opposite is also true. Crispin said that there is no reason not to run both at the same time.

On microbenchmarks, StackGuard does add some noticeable overhead to function calls, but in real life, with daemons like ssh or apache, there is no measurable slowdown.

You can find more information by looking at his slides, which are in the middle of the picture library, or you can also download and view the PDF version that was sent to me by Crispin.

Here is also a link to a demo he made of a program crashing with and without StackGuard (1280x960).


99/05/24 (22:13): Version 1.0
99/05/30 (11:12): Version 1.1. Added pdf of slides sent to me by Crispin Cowan