Ethical Hacking: Buffer Overflow
by James D. Murray
Pluralsight is not an official partner or accredited training center of
EC-Council. Understanding buffer overflows can be difficult unless you know the basics. This course teaches the basics by not assuming you are a programmer or computer scientist.
What you'll learn
Pluralsight is not an official partner or accredited training center of
EC-Council. Buffer overflow is a topic that only software developers using low-level programming languages really get an opportunity to fully understand. However, IT security professionals are increasingly called upon to better understand how vulnerabilities created by poor software design and implementation practices can be exploited to create security issues in systems and networks. The problem is that most IT professionals do not have the extensive software development background needed to tackle the subject of buffer overflow. This course breaks down the technical subjects of computer memory management, controlling code, and data inside of a running program, and exploiting poor quality software into terms that IT people with no software development experience can understand. Also examined are ways to prevent buffer overflow conditions and minimize the impact of buffer overflows that do happen. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
About the author
James D. Murray is an active information security professional and a deprecated software engineer. Mr. Murray started thinking about programming in 1978 when he wrote his first BASIC program on a Commodore PET computer. His first job was building printed circuit boards for the Apple ][ and original IBM PC computers, but he didn't really consider programming as a possible profession until 1981 after "finding" access to several UNIX systems with C compilers and connected to ARPAnet and BITNET. (Pl... moreaying computer games were also discovered to a severe distraction at this time as well.)
Mr. Murray worked professionally as a software developer for over 25 years at companies with businesses ranging from computer gaming to cyberdefense contracting, to telecommunications, to R&D. He also worked for the publisher O’Reilly & Associates writing computer books as a staff writer. Mr. Murray currently teaches information security courses at Stanbridge College in Southern California and works as a network security analyst for a Fortune 20 company.
Mr. Murray has as Masters Degree in MSIT Information Security from Capella University and has been awarded many IT certifications, including CISSP, SSCP, GSEC, CEH, EnCE, CWSP, Security+, and CCNA. He is also a co-administrator of the IT certifications Web site, www.TechExams.Net, where he answers all manner of questions from people regarding IT certifications.