Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the Ask the Author form.
Q: What are some of the weaknesses in DNS and how are they exploited?
A: DNS does not have any built-in authentication or integrity-checking mechanisms, which leaves it susceptible to a variety of attacks, such as DNS cache spoofing and DNS MITM attacks. DNS can also be used to obtain detailed information about a network's layout.
Q: What are buffer overflows and how are they exploited?
A: A buffer overflow occurs when a program copies more data into a buffer than it can hold. As a result, memory beyond the bounds of the buffer is overwritten. By overwriting certain types of memory, attackers can point the program's execution at the code that they supply.
Q: How can I protect against buffer overflows?
A: Eliminating software vulnerabilities such as buffer overflows is something that needs to be addressed during the software development process. To mitigate the risk of such vulnerabilities, it is important to keep up-to-date on patches, and to harden systems in a way that makes exploitation of vulnerabilities more difficult.
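The two buffer overflow answers above, as an added C example that is not from the book: an unchecked copy lets a 9-byte input spill past an 8-byte buffer into the neighbouring field, while the length-checked copy rejects it. The names struct record, store_unchecked and store_checked are hypothetical, and the input is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-size buffer followed by a field that
 * input should never be able to reach. */
struct record {
    char name[8];
    unsigned char privileged;
};

/* Unchecked pattern: trusts the caller's length. The record is written
 * as raw bytes (and clamped to the record) so this demo stays
 * well-defined C, yet it shows the effect of overflowing name[]:
 * the extra byte lands in the neighbouring field. */
void store_unchecked(struct record *r, const char *src, size_t len)
{
    if (len > sizeof *r)
        len = sizeof *r;
    memcpy(r, src, len);
}

/* Checked pattern: refuse input that does not fit, leaving the record
 * untouched, and always terminate what is stored. */
int store_checked(struct record *r, const char *src, size_t len)
{
    if (len >= sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

int main(void)
{
    const char input[] = "AAAAAAAAA";   /* constructed: 9 bytes for an 8-byte buffer */
    struct record a = { "", 0 }, b = { "", 0 };
    int rc;

    store_unchecked(&a, input, 9);
    printf("unchecked: privileged=%d\n", a.privileged);

    rc = store_checked(&b, input, 9);
    printf("checked:   rc=%d privileged=%d\n", rc, b.privileged);
    return 0;
}
```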
Q: What is reverse engineering? How is it useful from...