Web Hacking: Attacks and Defense (Anglais) Broché – 8 août 2002
Rentrée scolaire 2017 : livres, fournitures, cartables, ordinateurs, vêtements ...
|Neuf à partir de||Occasion à partir de|
- Choisissez parmi 17 000 points de collecte en France
- Les membres du programme Amazon Prime bénéficient de livraison gratuites illimitées
- Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
- Sélectionnez cette adresse lors de votre commande
Description du produit
Présentation de l'éditeur
In the evolution of hacking, firewalls are a mere speed bump. Hacking continues to develop, becoming ever more sophisticated, adapting and growing in ingenuity as well as in the damage that results. Web attacks running over web ports strike with enormous impact. Stuart McClure's new book focuses on Web hacking, an area where organizations are particularly vulnerable. The material covers the web commerce "playground', describing web languages and protocols, web and database servers, and payment systems. The authors bring unparalleled insight to both well- known and lesser known web vulnerabilities. They show the dangerous range of the many different attacks web hackers harbor in their bag of tricks -- including buffer overflows, the most wicked of attacks, plus other advanced attacks. The book features complete methodologies, including techniques and attacks, countermeasures, tools, plus case studies and web attack scenarios showing how different attacks work and why they work.
Quatrième de couverture
--From the Foreword by William C. Boni, Chief Information Security Officer, Motorola"Just because you have a firewall and IDS sensor does not mean you aresecure; this book shows you why."
--Lance Spitzner, Founder, The Honeynet ProjectWhether it's petty defacing or full-scale cyber robbery, hackers are moving to the Web along with everyone else. Organizations using Web-based business applications are increasingly at risk. Web Hacking: Attacks and Defense is a powerful guide to the latest information on Web attacks and defense. Security experts Stuart McClure (lead author of Hacking Exposed), Saumil Shah, and Shreeraj Shah present a broad range of Web attacks and defense.
- Overview of the Web and what hackers go after
- Complete Web application security methodologies
- Detailed analysis of hack techniques
- What to do at development time to eliminate vulnerabilities
- New case studies and eye-opening attack scenarios
- Advanced Web hacking concepts, methodologies, and tools
"How Do They Do It?" sections show how and why different attacks succeed, including:
- Cyber graffiti and Web site defacements
- Database access and Web applications
- Java™ application servers; how to harden your Java™ Web Server
- Impersonation and session hijacking
- Buffer overflows, the most wicked of attacks
- Automated attack tools and worms
Appendices include a listing of Web and database ports, cheat sheets for remote command execution, and source code disclosure techniques.
Web Hacking informs from the trenches. Experts show you how to connect the dots--how to put the stages of a Web hack together so you can best defend against them. Written for maximum brain absorption with unparalleled technical content and battle-tested analysis, Web Hacking will help you combat potentially costly security threats and attacks.
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.
Détails sur le produit
Si vous vendez ce produit, souhaitez-vous suggérer des mises à jour par l'intermédiaire du support vendeur ?
Commentaires client les plus utiles sur Amazon.com
Well, if you think about the web as an e-commerce platform, then just Buy 'Web Security, Privacy & Commerce' by Garfinkel and Spafford, an excellent and classic book.
Are you interested in 'pure hacking'? I mean 'perl scripts', cross site and traversal attacks, hackers jargon, and all the related issues..... then buy 'Hacking Web Applications Exposed' by Scambray and Shema. Excellent book too, and excellent authors. But beware, it is not for newbies. You MUST have a lot of background to fully understand the attacks.
Now, what about an easier generic book, covering the same issues as the others but in a step by step and kinder way.? A book to start from zero, but leading to understand all the currently related themes. Well, if this is what you want, then 'Web Hacking' is your book. It covers all that need to be covered in this area. In an easy and well structured way. The reading is very light and the authors 'break down' of the matter, makes the contents very intuitive.
The book is structured into four main sections (covering the same areas as the previously referred books) :
** The E-commerce Playground
** URLs Unraveled
** How Do They Do It?
** Advanced Web Kung Fu
It includes also, several interesting appendixes (specially useful the 'cheat sheet' appendix).
A lot of simple case studies (of the kind 'Bob and Alice') are presented as well as some more technical analyses (Code Red, Nimda etc.)
If I were to select a book as a reference for a first course on web security, 'Web Hacking' would be my choise. Definitively.
This is not the book for the serious IT professional, you would do better to look elsewhere for security insights.
The book is also well written, and easy and fun to read. The writers do a good job of making the content fun and entertaining. You won't be disapointed with this book unless you are already very familiar with many different types of web attacks.
Both Hacking Exposed Web Applications and Web Hacking: Attacks and Defense will clearly open one's eyes to the risks of web hacking. Forgetting for a minute the myriad vulnerabilities that effect many software products (including Windows, Apache, ColdFusion, and more), both books show how poorly written software, and misconfigured web servers make the penetration of web servers child's play.
Both books provide step-by-step instructions in a easy to read style for hardening web servers against attack. For those that have read previous and are comfortable with books in the Hacking Exposed serious, Hacking Exposed Web Applications uses the same easy to read and well organized style. Web Hacking: Attacks and Defense has almost the same amount of content, but is written in a slightly more technical manner.
Both books clearly explain how hackers gather information, acquire targets, gain control, and afterwards cover their track. Anyone interested in ensuring their web servers are secured should definitely read these books.
Both books have a lot of value even for those who are not so security conscious. For those with an interest in security, one's eyes will be open to the myriad places where vulnerabilities lie, from software, to scripts, mark-up files, and more. Anyone concerned with web server security should definitely read these books, or at least ensure their system administrators do.
Rechercher des articles similaires par rubrique