Buffer Overflow Attacks: Detect, Exploit, Prevent 1st Edition

4.2 out of 5 stars, 23 ratings


The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by buffer overflow attacks, making this class of attack one of the most common and most dangerous weapons used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Buffer overflows make up one of the largest collections of vulnerabilities in existence, and a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.
  • Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows.
  • None of the current best-selling software security books focus exclusively on buffer overflows.
  • This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

Product details

  • Publisher: Syngress; 1st edition (March 7, 2005)
  • Language: English
  • Paperback: 304 pages
  • ISBN-10: 1932266674
  • ISBN-13: 978-1932266672
  • Item Weight: 1.37 pounds
  • Dimensions: 6.06 x 1.38 x 9.02 inches
  • Customer Reviews: 4.2 out of 5 stars, 23 ratings

About the author

Vitaly Osipov

Vitaly Osipov was born in the Soviet Union when it still was a thing. He spent 20 years living and working in information security (which is called "cyber" nowadays) in five countries all over the globe. He is currently enjoying his early (40s) retirement.

He either has an encyclopedic set of interests or simply suffers from the attention span of a goldfish; he has not decided that yet.

Customer reviews

4.2 out of 5 stars
23 global ratings

Top reviews from the United States

Reviewed in the United States on November 13, 2013
I have not finished this book yet (still reading). But this book clearly explains the basics of stack overflow, off by one, heap overflow and string format attacks. The writing style is very good and if you have some knowledge of assembly language and want to write buffer overflow attack code from the ground up, spanning from Linux, FreeBSD to Windows, this book is for you. One flaw of this book is some mistyping.
Reviewed in the United States on September 3, 2015
Great!!!!
As advertised...
Reviewed in the United States on January 19, 2021
Good high level topics but definitely some topics are out of date
Reviewed in the United States on July 20, 2015
nice book
Reviewed in the United States on March 30, 2005
Buffer overflow attacks have been around for over 30 years, finally there is a book on the topic.

This is a valuable title and worth the wait!
2 people found this helpful
Reviewed in the United States on July 29, 2008
Does Syngress (the publisher) employ proof readers?

I doubt it. This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.

And then there's the confusion of ESP and EIP in several places throughout the book. For a collection of 'expert information' it comes off as a rather amateurish production. Makes you wonder... what else have they got wrong?

You'll notice this is very much the same as the review I've posted for "Sockets, Shellcode, Porting & Coding"... that is because it too is horrendous for errors.

This is 2 books from Syngress I've got that are very poor quality. What's going on guys?
5 people found this helpful
Reviewed in the United States on February 26, 2005
This book upset me. Not really the book itself, that's great, but what it implies: that this type of exploit hasn't gone away. I thought things were getting better, but the author explains that is an illusion: it's just that the reporting slacked off.

It is hard to believe that programmers keep making the same mistakes over and over again. This book shows what those mistakes are and how hackers exploit them. You need a good understanding of assembly language to get much out of this, but if you do have that background, this is a real eye-opener.

Extremely detailed, and some of this is a bit of a reach for me (it's been many a year since I did any C or Assembler), but it is fascinating, though in the same sense that watching a tiger stalk you would be: it's scary.

Certainly recommended for people who are writing code today, and I hope more of them pay attention, though the author's attitude seems to be that these problems will continue to plague us.
4 people found this helpful
Reviewed in the United States on July 28, 2011
I read "Buffer Overflow Attacks" as part of a collection of books on writing exploit code (reviewed separately). I have to give credit to the author team for writing one of the first books on this subject; Syngress published BOA in 2005, when the subject received less published coverage. However, better books are available now if you want to learn the sort of material found in BOA.

I'd like to offer a few reasons for a two star review. First, the book is published in a weird format -- 8.8 x 6 x 1.3 inches. I don't know why the publisher produced such a physically small but thick book. Second, this book suffers from too many authors addressing the same issues. BOA is disorganized and internally repetitive. There's no consistent style; some chapters prefer to show memory as a line of characters, others show hex dumps, while others show screen captures. Third, in many sections the writing style is too difficult to follow. Often code is listed for the reader, followed by page upon page of "Analysis." It's tough to match the explanation with the code. Furthermore, many of these Analysis sections have mistakes or look incomplete. Finally, the material itself isn't very compelling. For example, the "introduction to assembly" in chapter 2 is weak, and the book doesn't mention the differences between Intel and AT&T syntax until p 179!

One other point -- if you have the Syngress book Writing Security Tools and Exploits (WSTAE), you already have most of BOA. Ch 1 and Ch 2 appear to be the same in both books. Ch 3 in BOA is Ch 5 in WSTAE, 4 in BOA is 6 in WSTAE, 5 in BOA is 7 in WSTAE, and so on. Duplication of chapters was a problem for Syngress in the mid-2000s, unfortunately.

Thankfully, Syngress and others are publishing much better offensive security books now. I recommend checking for newer resources.
9 people found this helpful

Top reviews from other countries

Yay!!
5.0 out of 5 stars Old but classic
Reviewed in the United Kingdom on May 30, 2014
This is old, but don't let that put you off. It's a classic book, with great in-depth knowledge of how C fails to bound check a buffer, and how that overflows into the stack. Why the EIP is the target of the overflow, to redirect the flow of the program and gain control.

It's in depth, and if you need to understand the stack, registers in addition to buffer overflows, you can't go wrong. It's a brilliant book.
Daniel
4.0 out of 5 stars Good while it lasted.
Reviewed in the United Kingdom on December 19, 2016
Seemed like a good book, until I left it in the front seat on a flight. Doh!