
scottp99

join:2010-12-11
reply to Rebirth

Re: Buffer Overflow blocked by AV, what should I do?

@NetFixer

Well, I am very security cautious when it comes to IS Security.
I am indeed very happy that my AV blocked it, but most security experts say that even though AV blocks the nasty stuff out there, still, one should reimage or reinstall the OS because nowadays, most of this malicious code can be so hooked deep inside of your system that we really should not assume that it has been blocked or removed by AV.

I did all the searches on Buffer Overflows, but it has been very techy for me. Are these more dangerous than an ordinary infection by a trojan or a worm or a virus? I don't quite understand.

But in any case, I did restore my clean OS image just in case.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
said by scottp99:

@NetFixer

Well, I am very security cautious when it comes to IS Security.
I am indeed very happy that my AV blocked it, but most security experts say that even though AV blocks the nasty stuff out there, still, one should reimage or reinstall the OS because nowadays, most of this malicious code can be so hooked deep inside of your system that we really should not assume that it has been blocked or removed by AV.

But in any case, I did restore my clean OS image just in case.

You should always do whatever makes you feel comfortable and safe (my previous post was simply my own viewpoint). FWIW, if I did not trust the security software that was on a system under my control, I would also look into replacing it with something that I did trust after a secure reformat of the HDD and reinstalling the OS.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3

3 edits

1 recommendation

reply to scottp99
said by scottp99:

... Are these more dangerous than an ordinary infection by a trojan or a worm or a virus? I don't quite understand. ...

No... a buffer overflow is a description of a system's legitimate software's flaw or weakness that may be attacked by an infection to get into the computer, not a measure of the infection seriousness itself, once it has gotten in. An infection is an infection, by whatever means of arrival. Once safely inside, an initial infector may invite any number of nasty friends in from outside or it may self-contain any manner of malicious "payloads"... it all depends on the coding attached to the initial infector.

However, an exploitable buffer overflow is a weakness existing within a legitimate piece of software installed on your system, and that is grounds for continuing concern. It raises the chances for the same or some other exploit to attack that same vulnerability in some future encounter. So, if possible, you really should identify and plug that security hole, either by updating/patching the vulnerable software (preferred solution), by blocking the attack point within that software using some settings option in the software or the OS, or by making use of external protective software that responds to this kind of threat... or some combination of these.
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville
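
What the reply above describes (a flaw in legitimate software, closed by patching that software), shown as an added example that is not part of any post in this thread. The struct, function names and input are constructed for illustration, and the layout assumes no padding between the two fields.

```c
#include <stdio.h>
#include <string.h>
/* Constructed layout (hypothetical names): a fixed-size buffer followed
 * by a field the program relies on. Assumes no padding between them. */
struct session {
    char name[8];            /* filled from untrusted input */
    unsigned int privileged; /* adjacent data that must not change */
};

/* Flawed: trusts the supplied length, so bytes past name[] land in the
 * field after it. Copying through a byte pointer to the whole struct
 * keeps this demo well-defined for len <= sizeof(struct session). */
void set_name_flawed(struct session *s, const char *in, size_t len)
{
    unsigned char *dst = (unsigned char *)s;
    for (size_t i = 0; i < len; i++)
        dst[i] = (unsigned char)in[i];
}

/* Patched: rejects input that does not fit (room kept for the NUL).
 * Returns 0 on success, -1 on rejection. */
int set_name_patched(struct session *s, const char *in, size_t len)
{
    if (len >= sizeof s->name)
        return -1;
    memcpy(s->name, in, len);
    s->name[len] = '\0';
    return 0;
}

/* Constructed input: 8 filler bytes plus 4 bytes that spill over. */
static const char oversized[] = "AAAAAAAA\x01\x01\x01\x01";
/* Feeds the oversized input to one version and reports the neighbour. */
unsigned int privileged_after(int use_patched)
{
    struct session s = { "", 0 };
    if (use_patched)
        (void)set_name_patched(&s, oversized, sizeof oversized - 1);
    else
        set_name_flawed(&s, oversized, sizeof oversized - 1);
    return s.privileged;
}

int main(void)
{
    printf("flawed:  privileged = %#x\n", privileged_after(0));
    printf("patched: privileged = %#x\n", privileged_after(1));
    return 0;
}
```

The flawed version lets input change data the program never meant it to touch; the one-line length check in the patched version is the kind of change a vendor update delivers.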