Client-Side Attacks and Defense

Couverture
Newnes, 28 sept. 2012 - 296 pages
Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education. The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security. This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors.
  • Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors
  • Learn how to strengthen your network's host- and network-based defense against attackers' number one remote exploit—the client-side attack
  • Defend your network against attacks that target your company's most vulnerable asset—the end user
 

Pages sélectionnées

Table des matières

ClientSide Attacks Defined
1
Dissection of a ClientSide Attack
25
Protecting Web Browsers
49
Security Issues with Web Browsers
91
Advanced Web Attacks
107
Advanced Web Browser Defenses
129
Messaging Attacks and Defense
165
Web Application Attacks
195
Mobile Attacks
223
Securing Against ClientSide Attack
243
Index
269
Droits d'auteur

Autres éditions - Tout afficher

Client-Side Attacks and Defense
Sean-Philip Oriyano,Robert Shimonski
Aperçu limité - 2012

Expressions et termes fréquents

active content ActiveX controls Add-ons Adobe Flash allow anti-virus Apple Safari applets applications browser browsing certificates chapter client system client-side attacks common configure consider cookies cross-site scripting defenses designed desktop digital signature dynamic content email client encryption end user environment example execute exploited files Firefox functionality Google Chrome host index.dat interaction Internet Explorer iPhone Java JavaScript known Mac OS X malicious code malware Microsoft mitigate mobile devices Mozilla Mozilla Firefox NOTE operating system passwords patches phishing platform plug-ins potential present privacy mode problem protect protocols sandboxing scripting language security features security flaws security professional security settings seen in Figure server server-side Silverlight spam specific SQL injections stored target threats Thunderbird types of attacks updated user’s VBScript vendors victim virus vulnerabilities web applications Windows XAML

À propos de l'auteur (2012)

Sean-Philip Oriyano (CISSP, CNDA, CEH, MCSE) is a veteran of the Information Teechnology and engineering fields, working with a wide variety of organizations to deliver unique and innovative solutions. He has spent his time in the field working with nearly all aspects of IT and management with special emphasis on Information Security concepts, techniques, and practices. Sean is an advocate of strong security knowledge and practices, has workd with clients such as the U.S. Air Force, U.S. Navy, U.S. Army, and has been sought out to instruct at locations such as the U.S. Air Force Academy and Naval War College.Sean is an experienced content developer and technical writer who has published articles on the IT and Information Security fields. Sean counts IBM, Amazon, Autodesk, and Microsoft among his clients. Sean publishes content regularly and publishes this information on his web site at www.oriyano.com and shares his knowledge in his classes and lectures.Sean is a member of EC-Council, InfraGard, and BECCA.

Robert Shimonski is a technology executive specializing in healthcare IT for one of the largest health systems in America. In his role at Northwell Health, Rob is a decision maker and strategy planner for information systems operations and technology services. In his current role, Rob is responsible for bringing operational support into the future with the help of new technologies such as cloud and Artificial Intelligence. He is a best-selling author and editor with over 15 years’ experience developing, producing, and distributing print media in the form of books, magazines, and periodicals. Rob’s professional experience includes work for CompTIA, Entrepreneur Magazine, Microsoft, McGraw-Hill Education, Cisco, the US National Security Agency, and Digidesign. Rob has a diverse background in the publishing, including roles such as author, co-author, technical editor, copy editor, and developmental editor. Since print media shifted to the digital domain, Rob has focused the past decade on developing the needed skills to produce professional audio and video media. His research interests are focused on innovation and developing new solutions to create efficiency and bringing forth better outcomes through technology solutions. Rob has a master’s degree in IT Management and a master’s degree in Industrial Psychology. He is author of Cyber Reconnaissance, Surveillance and Defense, Introduction to Microsoft Certification and Study Skills, and MCSA Windows Server 2003 Upgrade to Server 2008 Technology Specialist Exam Prep from Syngress/Elsevier.

Informations bibliographiques

TitreClient-Side Attacks and Defense
AuteursSean-Philip Oriyano, Robert Shimonski
ÉditeurNewnes, 2012
ISBN1597495913, 9781597495912
Longueur296 pages
  
Exporter la citationBiBTeX EndNote RefMan