Previous Topic: Disable CA ControlMinder Kernel InterceptionsNext Topic: Enable STOP


Stack Overflow Protection

Stack Overflow Protection (STOP) is a feature that prevents hackers from creating and exploiting stack overflow to break into systems. Stack overflow enables hackers to execute arbitrary commands on remote or local systems, many times as the administrator. They do this by exploiting bugs in the operating system or other programs. These special types of bugs permit users to overwrite the program stack, changing the next command to be executed.

STOP works by intercepting crucial operating system calls to each application on the computer. Each call is then given an initial analysis before being sent for further analysis if it is seems suspicious. Further analysis is performed using data from the STOP configuration and signature files.