Web Hacking: Attacks and Defense

 
9780201761764: Web Hacking: Attacks and Defense

Whether it's petty defacing or full-scale cyber-robbery, hackers are moving to the web along with everyone else. In this text, security experts Stuart McClure co-author of Hacking Exposed, Saumil Shah and Shreeraj Shah uncover the latest web attacks and defences.

Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

From the Back Cover:

"Both novice and seasoned readers will come away with an increased understanding of how Web hacking occurs and enhanced skill at developing defenses against such Web attacks. Technologies covered include Web languages and protocols, Web and database servers, payment systems and shopping carts, and critical vulnerabilities associated with URLs. This book is a virtual battle plan that will help you identify and eliminate threats that could take your Web site off line..."
--From the Foreword by William C. Boni, Chief Information Security Officer, Motorola
"Just because you have a firewall and IDS sensor does not mean you aresecure; this book shows you why."
--Lance Spitzner, Founder, The Honeynet Project
Whether it's petty defacing or full-scale cyber robbery, hackers are moving to the Web along with everyone else. Organizations using Web-based business applications are increasingly at risk. Web Hacking: Attacks and Defense is a powerful guide to the latest information on Web attacks and defense. Security experts Stuart McClure (lead author of Hacking Exposed), Saumil Shah, and Shreeraj Shah present a broad range of Web attacks and defense.

Features include:

  • Overview of the Web and what hackers go after
  • Complete Web application security methodologies
  • Detailed analysis of hack techniques
  • Countermeasures
  • What to do at development time to eliminate vulnerabilities
  • New case studies and eye-opening attack scenarios
  • Advanced Web hacking concepts, methodologies, and tools

"How Do They Do It?" sections show how and why different attacks succeed, including:

  • Cyber graffiti and Web site defacements
  • e-Shoplifting
  • Database access and Web applications
  • Java™ application servers; how to harden your Java™ Web Server
  • Impersonation and session hijacking
  • Buffer overflows, the most wicked of attacks
  • Automated attack tools and worms

Appendices include a listing of Web and database ports, cheat sheets for remote command execution, and source code disclosure techniques.

Web Hacking informs from the trenches. Experts show you how to connect the dots--how to put the stages of a Web hack together so you can best defend against them. Written for maximum brain absorption with unparalleled technical content and battle-tested analysis, Web Hacking will help you combat potentially costly security threats and attacks.



0201761769B07192002

About the Author:

Stuart McClure, President/CTO, Foundstone, Inc., brings over 12 years of IT and security experience to Foundstone. Stuart is a successful security author, speaker, and teacher whose writings have been translated into dozens of languages around the world.

Stuart is the lead author of the best-selling security book Hacking Exposed: Network Security Secrets and Solutions, which has been translated into 19 languages, and has received critical acclaim around the world. In addition, it was ranked the #4 computer book sold on Amazon in 2001, positioning it as the best selling security book ever sold.

Prior to co-founding Foundstone, Stuart was a Senior Manager with Ernst & Young's National Security Profiling Team responsible for project management, attack and penetration reviews, and security technology evaluations. Prior to Ernst & Young, Stuart was a Security Analyst for the InfoWorld Test Center where he covered the security industry and evaluated over 100 network and security products specializing in firewalls, security auditing, intrusion detection, and public key infrastructure (PKI). Prior to InfoWorld, Stuart was the IT manager for State and Local Governments, supporting Novell, NT, Solaris, AIX, and AS/400 platforms.

Stuart holds a B.A. degree from the University of Colorado, Boulder and numerous certifications including ISC2's CISSP, Novell's CNE, and Check Point's CCSE.

Saumil continues to lead the efforts in e-commerce security research at Net-Square. His focus is on researching vulnerabilities with various e-commerce and Web-based application systems. Saumil also provides information security consulting services to Net-Square clients, specializing in ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than eight years experience with system administration, network architecture, integrating heterogenous platforms and information security, and has perfomed numerous ethical hacking exercises for many significant companies in the IT area. Saumil is a regular speaker at security conferences such as BlackHat, RSA, etc.

Previously, Saumil was the Director of Indian Operations for Foundstone Inc, where he was instrumental in developing their Web application security assessment methodology, the Web assessment component of FoundScan--Foundstone's Managed Security Services software and was instrumental in pioneering Foundstone's Ultimate Web Hacking training class.

Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young, where he was responsible for the company's ethical hacking and security architecture solutions. Saumil has also worked at the Indian Institute of Management, Ahmedabad, as a research assistant and is currently a visiting faculty member there.

Saumil graduated from Purdue University with a master's degree in computer science and a strong research background in operating systems, networking, information security, and cryptography. At Purdue, he was a research assistant in the COAST (Computer Operations, Audit and Security Technology) laboratory. He got his undergraduate degree in computer engineering from Gujarat University, India. Saumil is also the author of The Anti-Virus Book (Tata McGraw-Hill, 1996).

Shreeraj leads the software development and research arm of Net-Square. His role is to develop new methodologies for Web application security assessment and defense. In the past, he has been involved in several Web application assessment projects, protocol analysis, code reviews, ethical Web hacking, etc. He has also been a speaker at RSA and BlackHat.

Shreeraj has vast experience in the fields of security, application development, and network administration in addition to his strong technical background, client management skills, project management, and research methodologies. He was a member of the core development team for the Web application assessment engine at Foundstone. Shreeraj also worked with Chase Manhattan Bank in their middleware application division. Prior to joining Chase, Shreeraj worked with IBM's Domino Application Server team.

Shreeraj graduated from Marist College with a master's degree in computer science. He received his MBA at the Nirma Institute of Managment, India. He got his bachelor's degree in instrumentation and controls engineering from Gujarat University, India. Shreeraj has also authored quite a few white papers during his academic period both in India and USA.



0201761769AB04252003

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

1.

McClure, Stuart; Shah, Saumil; Shah, Shreeraj
Editore: Addison-Wesley Professional
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi PAPERBACK Quantità: 1
Da
Your Online Bookstore
(Houston, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional. PAPERBACK. Condizione libro: New. 0201761769 Ships promptly. Codice libro della libreria HGT3657EGIF080616H0350A

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 6,86
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 4,20
Da: U.S.A. a: Italia
Destinazione, tempi e costi

2.

Stuart McClure, Shah Saumil, Shah Shreeraj
Editore: Pearson Education (US), United States (2002)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Paperback Quantità: 1
Da
The Book Depository
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2002. Paperback. Condizione libro: New. Language: English . Brand New Book. In the evolution of hacking, firewalls are a mere speed bump. Hacking continues to develop, becoming ever more sophisticated, adapting and growing in ingenuity as well as in the damage that results. Web attacks running over web ports strike with enormous impact. Stuart McClure s new book focuses on Web hacking, an area where organizations are particularly vulnerable. The material covers the web commerce playground , describing web languages and protocols, web and database servers, and payment systems. The authors bring unparalleled insight to both well- known and lesser known web vulnerabilities. They show the dangerous range of the many different attacks web hackers harbor in their bag of tricks -- including buffer overflows, the most wicked of attacks, plus other advanced attacks. The book features complete methodologies, including techniques and attacks, countermeasures, tools, plus case studies and web attack scenarios showing how different attacks work and why they work. Codice libro della libreria AAS9780201761764

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 32,85
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: Italia
Destinazione, tempi e costi

3.

Stuart McClure, Shah Saumil, Shah Shreeraj
Editore: Pearson Education (US), United States (2002)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Paperback Quantità: 1
Da
The Book Depository US
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2002. Paperback. Condizione libro: New. Language: English . Brand New Book. In the evolution of hacking, firewalls are a mere speed bump. Hacking continues to develop, becoming ever more sophisticated, adapting and growing in ingenuity as well as in the damage that results. Web attacks running over web ports strike with enormous impact. Stuart McClure s new book focuses on Web hacking, an area where organizations are particularly vulnerable. The material covers the web commerce playground , describing web languages and protocols, web and database servers, and payment systems. The authors bring unparalleled insight to both well- known and lesser known web vulnerabilities. They show the dangerous range of the many different attacks web hackers harbor in their bag of tricks -- including buffer overflows, the most wicked of attacks, plus other advanced attacks. The book features complete methodologies, including techniques and attacks, countermeasures, tools, plus case studies and web attack scenarios showing how different attacks work and why they work. Codice libro della libreria AAS9780201761764

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 33,06
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: Italia
Destinazione, tempi e costi

4.

Stuart McClure, Shreeraj Shah and Saumil Shah
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Quantità: 1
Da
Castle Rock
(Pittsford, NY, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Condizione libro: Brand New. Book Condition: Brand New. Codice libro della libreria 97802017617641.0

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 12,96
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 21,23
Da: U.S.A. a: Italia
Destinazione, tempi e costi

5.

Stuart McClure; Saumil Shah; Shreeraj Shah
Editore: Addison-Wesley Professional (2002)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Paperback Prima edizione Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2002. Paperback. Condizione libro: New. book. Codice libro della libreria M0201761769

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 24,42
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 10,19
Da: U.S.A. a: Italia
Destinazione, tempi e costi

6.

McClure, Stuart
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Quantità: 1
Da
Paperbackshop-US
(Wood Dale, IL, U.S.A.)
Valutazione libreria
[?]

Descrizione libro 2002. PAP. Condizione libro: New. New Book. Shipped from US within 10 to 14 business days. Established seller since 2000. Codice libro della libreria KB-9780201761764

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 23,79
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 12,74
Da: U.S.A. a: Italia
Destinazione, tempi e costi

7.

Stuart McClure, Saumil Shah, Shreeraj Shah
Editore: Pearson Education 2002-08-08, Boston, Mass. |London (2002)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi paperback Quantità: 1
Da
Blackwell's
(Oxford, OX, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education 2002-08-08, Boston, Mass. |London, 2002. paperback. Condizione libro: New. Codice libro della libreria 9780201761764

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 33,82
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 4,38
Da: Regno Unito a: Italia
Destinazione, tempi e costi

8.

Stuart McClure, Shah Saumil, Shah Shreeraj, Saumil Shah, Shreeraj Shah
Editore: Pearson Education (US)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Paperback Quantità: 7
Da
THE SAINT BOOKSTORE
(Southport, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US). Paperback. Condizione libro: new. BRAND NEW, Web Hacking: Attacks and Defense, Stuart McClure, Shah Saumil, Shah Shreeraj, Saumil Shah, Shreeraj Shah, In the evolution of hacking, firewalls are a mere speed bump. Hacking continues to develop, becoming ever more sophisticated, adapting and growing in ingenuity as well as in the damage that results. Web attacks running over web ports strike with enormous impact. Stuart McClure's new book focuses on Web hacking, an area where organizations are particularly vulnerable. The material covers the web commerce "playground', describing web languages and protocols, web and database servers, and payment systems. The authors bring unparalleled insight to both well- known and lesser known web vulnerabilities. They show the dangerous range of the many different attacks web hackers harbor in their bag of tricks -- including buffer overflows, the most wicked of attacks, plus other advanced attacks. The book features complete methodologies, including techniques and attacks, countermeasures, tools, plus case studies and web attack scenarios showing how different attacks work and why they work. Codice libro della libreria B9780201761764

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 32,71
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 6,51
Da: Regno Unito a: Italia
Destinazione, tempi e costi

9.

McClure, StuartShah, SaumilShah, Shreeraj
Editore: Prentice Hall
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Quantità: > 20
Da
INDOO
(Avenel, NJ, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Prentice Hall. Condizione libro: New. Brand New. Codice libro della libreria 0201761769

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 27,35
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 15,29
Da: U.S.A. a: Italia
Destinazione, tempi e costi

10.

McClure, Stuart, Shah, Saumil, Shah, Shr
Editore: Addison-Wesley Professional (2002)
ISBN 10: 0201761769 ISBN 13: 9780201761764
Nuovi Paperback Quantità: 2
Da
Murray Media
(North Miami Beach, FL, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2002. Paperback. Condizione libro: New. Never used!. Codice libro della libreria P110201761769

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 28,50
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 16,98
Da: U.S.A. a: Italia
Destinazione, tempi e costi

Vedi altre copie di questo libro

Vedi tutti i risultati per questo libro