The following is reproduced here from Addison Wesley's website:
|
"Both novice and seasoned readers will come away with an
increased understanding of how Web hacking occurs and enhanced skill at
developing defenses against such Web attacks. Technologies covered
include Web languages and protocols, Web and database servers, payment
systems and shopping carts, and critical vulnerabilities associated
with URLs. This book is a virtual battle plan that will help you
identify and eliminate threats that could take your Web site off
line..."
--From the Foreword by William C. Boni, Chief Information Security Officer, Motorola
"Just because you have a firewall and IDS sensor does not mean you aresecure;
this book shows you why."
--Lance Spitzner, Founder, The Honeynet Project
|
Whether it's petty defacing or full-scale cyber robbery, hackers are
moving to the Web along with everyone else. Organizations using
Web-based business applications are increasingly at risk. Web Hacking: Attacks and Defense is a powerful guide to the latest information on Web attacks and defense. Security experts Stuart McClure (lead author of Hacking Exposed), Saumil Shah, and Shreeraj Shah present a broad range of Web attacks and defense.
Features include:
- Overview of the Web and what hackers go after
- Complete Web application security methodologies
- Detailed analysis of hack techniques
- Countermeasures
- What to do at development time to eliminate vulnerabilities
- New case studies and eye-opening attack scenarios
- Advanced Web hacking concepts, methodologies, and tools
"How Do They Do It?" sections show how and why different attacks succeed, including:
- Cyber graffiti and Web site defacements
- e-Shoplifting
- Database access and Web applications
- Java™
application servers;
how to harden your Java™
Web Server
- Impersonation and session hijacking
- Buffer overflows, the most wicked of attacks
- Automated attack tools and worms
Appendices include a listing of Web and database ports, cheat sheets
for remote command execution, and source code disclosure techniques.
Web Hacking informs from the trenches. Experts show you
how to connect the dots--how to put the stages of a Web hack together
so you can best defend against them. Written for maximum brain
absorption with unparalleled technical content and battle-tested
analysis, Web Hacking will help you combat potentially costly security threats and attacks.
Other Reviews:
|
