VSP memory inline protection provides the ability to stop a Buffer Error (BE) attack prior to its execution at the Probe itself. Inline protection for binary applications ensures that the errant instruction does not jump to the desired destination address, thereby, completely stopping the BE attack. In order to enable inline protection, follow the steps below:

  1. During Step 2 of Application creation/modification, when the Process Type is Binary and Buffer Error is selected, VSP provides an option to enable inline protection

    Picture 1073742273

  2. The protection mode can be Protect or Detect

    Picture 1073742276

  3. Detect – Detect only; do not perform any inline protection action

  4. Protect – After detection; stop the process PRIOR to the execution of the errant command

  5. There are two protection actions available:

    1. Kill Process – The process is killed upon BE detection

    2. Restart Process (Linux ONLY) – The process is restarted upon BE detection