Buffer
Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Operating system tools
Examples: Intrusion detection,
disabling execution of code where there shouldn’t
be code
Pros:
•Disabling
the execution of code where there shouldn’t be code usually has a negligible performance cost
•Intrusion
detection systems can detect unknown attacks by monitoring user behavior for anomalies or likely attack
patterns
Cons:
•Neither
of these will prevent every kind of buffer overflow attack
•Intrusion
detection is a developing technology and is not perfect