UID:
almahu_9948026563302882
Format:
1 online resource (293 p.)
Edition:
1st edition
ISBN:
1-283-63469-4
,
1-59749-591-3
Content:
Individuals wishing to attack a company's network have found a new path of least resistance-the end user. A client- side attack is one that uses the inexperience of the end user to create a foothold in the user's machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible. The most current attacks are discuss
Note:
Includes index.
,
Front cover; Client-Side Attacks and Defense; Copyright; Dedication; Biography; Contents; Client-Side Attacks Defined; Client-Side Attacks: An Overview; Why Are Client-Side Attacks Successful?; Motivations Behind Client-Side Attacks; Types of Client-Side Attacks; Confidentiality Impact; Cookies; AutoComplete and Browser History; Clipboard Attacks; Social Engineering; Client Scanning; Integrity Impact; Cross-Site/Domain/Zone Scripting; Drive-by-Pharming; Malware; Availability Impact; Denial-of-Service (DoS); Pop-Ups and Pop-Unders; Image Flooding; Summary; Dissection of a Client-Side Attack
,
What Constitutes a Client-Side Attack?Initiating an Attack: A Look at Cross-Site Scripting (XSS); The Net Result; The Threats of Cross-Site Scripting; Planning the Attack; Anatomy of Some Potential Attacks; Theft of Information in User Cookies; Sending an Unauthorized or Unknown Request; Other Client-Side Attacks; Vulnerabilities that Lead to Client-Side Attacks; Summary; Reference; Protecting Web Browsers; Common Functions of a Web Browser; Features of Modern Browsers; Microsoft Internet Explorer; Features; Security; Add-ons and Other Features; Known Security Flaws in Internet Explorer
,
Mozilla FirefoxFeatures; Platform Support; Security; Add-ons and Other Features; Known Security Flaws in Firefox; Google Chrome; Features; Security; Add-ons and Other Features; Known Security Flaws in Google Chrome; Apple Safari; Features; Security; Add-ons and Other Features; Known Security Flaws in Apple Safari; Opera; Features; Security; Add-ons and Other Features; Known Security Flaws in Opera; Web Browsers as a Target; Selecting a Safe Web Browser; Summary; Security Issues with Web Browsers; What is Being Exposed?; Many Features, Many Risks; Exploiting Confidential Information
,
JavaScriptCascading Style Sheets (CSS); Exploiting what is Stored; Exploiting Internet Explorer (IE); Exploiting Firefox; Limits on Browsing History; Tabnapping; Is Private Really Private?; Summary; Advanced Web Attacks; What is Active Content?; A Mix of Active Technologies; Java and ActiveX Controls; A Closer Look at Active Content Types; Microsoft Silverlight; ActiveX; Java; JavaScript; VBScript; HTML 5; Summary; Advanced Web Browser Defenses; A Mix of Protective Measures; A Mix of Potential Threats; Locking Down the Web Browser; A Review of Browser Features and Security Risks
,
ActiveX Related RisksSecuring ActiveX; Oracle Java Related Risks; Java's Security Model; Securing Java; JavaScript Related Risks; Securing JavaScript; Adobe Flash Related Risks; Securing Adobe Flash; VBScript Related Risks; Securing VBScript; Browser-Based Defenses; Internet Explorer; Sandboxing; Privacy Settings; Automatic Crash Recovery; SmartScreen Filter; Cross-Site Scripting Filter; Certificate Support; InPrivate Browsing; Security zones; Content Advisor; Mozilla Firefox; Sandboxing; Crash Protection; Instant Web Site ID; Improved Phishing Prevention; Improved Malware Protection
,
Forget this Site
,
English
Additional Edition:
ISBN 1-59749-590-5
Language:
English
Bookmarklink