heya... i think this would be the best spot to post this, so here i am.
OK:
my question is about hackers/hacking and buffer overflows.
how does this work? alot of security notices i have seen (regardless of system/os) are related to buffer/integer overflows, and they say that it can lead to remote execution of arbitrary code, usually.
so for example... in some c program, say its a simple console app' and it is asking for a input of a name. the program internally has a string (character array) with max length of 10 characters.. if i enter an 11-character name, this can somehow be accomplished? (i know thats very simple example) or in what-case scenarios?
how is the remote code executed and where is it stored? is the code some command-line statement? or is the code a call to some function in the source code file it resides in, with the supplied paramaters?
just in general.. i have been wondering how this works. if someone could share their knowledge on this, or point me to a good link about it (not one intended for someone with a phD, however).. that would be appreciated.
NOTE:
this post is strictly for informational purposes... i do _not_ intend to go 'leet haxor' into someones computer with any knowledge i gain from this. in fact, it could only benefit me for future programming too
(writing safer code). if this post is inapproprite on this site, i understand and apologize.
BTW..
i would say im still very new to linux (i guess it isnt really a linux-directed question though), and i use ubuntu whenever i have spare time to fool around and break stuff
, all other times i run xp pro. i am just finishing 2nd year of college for computer programming, so i do have knowledge in programming.