Cool articles on stack-based attacks

Forwarded by my friends at Galois (http://www.galois.com), here is a nice blog entry on various kinds of mitigations for common operating system attacks. I was familiar with several of them (stack canaries, hardware protections and address space layout randomization), but this article does a great job of outlining these techniques in just a page or two.

In the article you’ll also find a link to an article entitled Smashing The Stack For Fun And Profit (http://insecure.org/stf/smashstack.html) that is a nice view from the “other side”. Lots of nifty code in there with significant detail on how stack-based attacks are perpetrated. Of course I don’t condone this kind of thing, but you have to know what the bad guys are doing if you’re going to stop them.