Part 1 Describe in about a paragraph at least one defense ag

Part 1: Describe, in about a paragraph, at least one defense against buffer overflow attacks. Your description should tell why the defense is effective. A single sentence will not do as an answer.
:In a separate paragraph, explain why buffer overflow vulnerabilities remain common. Give at least two reasons.

Solution

Buffer vulnerability attacks:
   Buffer overflows have been the most common form of security vulnerability for the last ten years. More over, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would also be eliminated.

Defending Against Buffer Overflows:
   There are four basic mechanisms of defense against buffer overflow attacks: writing correct programs; enlisting the help of the operating system to make storage areas for buffers non-executable; enhanced compilers that perform bounds checking; and performing integrity checks on code pointers before dereferencing them.

   If we take Code pointer integrity checking seeks to detect that a code pointer has been corrupted before it is dereferenced (and thus prevent the pointer from being used).Code pointer integrity checking has the disadvantage relative to bounds checking that it does not perfectly solve the buffer overflow problem; overflows that affect program state components other than code pointers will still succeed. However, it has substantial advantages in terms of performance, compatibility with existing code, and implementation effort.
   The buffer overflow remains the crown jewel of attacks, and it is likely to remain so for years to come. Part of this has to do with the common existence of vulnerabilities leading to buffer overflow. If holes are there, thewill be exploited. Languages that have out-of-date memory management capability such as C and C++ make buffer overflows more common than they should be.As long as developers remain unaware of the security ramifications of using certain everyday library functions and system calls, the
buffer overflow vulnerabilities remain common.