Résumé
This book goes a long way in making the Web a safer place to do business. -- Mark Curphey, Chair of the Open Web Application Security Project.
Unleash the hackers arsenal to secure your Web applications.
In todays world of pervasive Internet connectivity and rapidly evolving Web technology, online security is as critical as it is challenging. With the enhanced availability of information and services online and Web-based attacks and break-ins on the rise, security risks are at an all time high. Hacking Exposed Web Applications shows you, step-by-step, how to defend against the latest Web-based attacks by understanding the hackers devious methods and thought processes. Discover how intruders gather information, acquire targets, identify weak spots, gain control, and cover their tracks. Youll get in-depth coverage of real-world hacks--both simple and sophisticated--and detailed countermeasures to protect against them.
What youll learn:
- The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
- How attackers identify potential weaknesses in Web application components
- What devastating vulnerabilities exist within Web server platforms such as Apache, Microsofts Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
- How to survey Web applications for potential vulnerabilities --including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
- Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
- Most common input validation attacks--crafted input, command execution characters, and buffer overflows
- Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
- XML Web services vulnerabilities and best practices
- Tools and techniques used to hack Web clients--including cross-site scripting, active content attacks and cookie manipulation
- Valuable checklists and tips on hardening Web applications and clients based on the authors consulting experiences
Contents
- Web Applications Security Overview
- Profiling
- Hacking Web Servers
- Surveying the Application
- Attacking Web Authentication
- Web Application Hacking
- Attacking Web Datastores
- Attacking Web Application Management Interfaces
- Hacking Web Clients
- Web Denial of Services Attacks
L'auteur - Joel Scambray
Joel Scambray is Senior Director of Security for Microsofts MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of Hacking Exposed as well as Hacking Exposed Windows 2000.
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Mc Graw Hill |
| Auteur(s) | Joel Scambray, Mike Shema |
| Parution | 08/07/2002 |
| Nb. de pages | 386 |
| Format | 19 x 23,5 |
| Couverture | Broché |
| Poids | 823g |
| Intérieur | Noir et Blanc |
| EAN13 | 9780072224382 |
Avantages Eyrolles.com
Nouveautés "Sécurité internet"
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Informatique d'entreprise Sécurité
- Informatique Réseaux et télecommunications Ouvrages généraux
- Informatique Réseaux et télecommunications Protocoles et standards
- Informatique Réseaux et télecommunications Administration réseau
- Informatique Réseaux et télecommunications Sécurité réseau Sécurité internet
