My Account Log in

1 option

Client-side attacks and defense / Robert Shimonski, Sean-Philip Oriyano.

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Shimonski, Robert.
Contributor:
Oriyano, Sean-Philip.
Language:
English
Subjects (All):
Computer networks--Security measures.
Computer networks.
Hacktivism.
Physical Description:
1 online resource (293 p.)
Edition:
1st edition
Place of Publication:
Waltham, Mass. : Elsevier, 2012.
Language Note:
English
System Details:
text file
Summary:
Individuals wishing to attack a company's network have found a new path of least resistance-the end user. A client- side attack is one that uses the inexperience of the end user to create a foothold in the user's machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible. The most current attacks are discuss
Contents:
Front cover; Client-Side Attacks and Defense; Copyright; Dedication; Biography; Contents; Client-Side Attacks Defined; Client-Side Attacks: An Overview; Why Are Client-Side Attacks Successful?; Motivations Behind Client-Side Attacks; Types of Client-Side Attacks; Confidentiality Impact; Cookies; AutoComplete and Browser History; Clipboard Attacks; Social Engineering; Client Scanning; Integrity Impact; Cross-Site/Domain/Zone Scripting; Drive-by-Pharming; Malware; Availability Impact; Denial-of-Service (DoS); Pop-Ups and Pop-Unders; Image Flooding; Summary; Dissection of a Client-Side Attack
What Constitutes a Client-Side Attack?Initiating an Attack: A Look at Cross-Site Scripting (XSS); The Net Result; The Threats of Cross-Site Scripting; Planning the Attack; Anatomy of Some Potential Attacks; Theft of Information in User Cookies; Sending an Unauthorized or Unknown Request; Other Client-Side Attacks; Vulnerabilities that Lead to Client-Side Attacks; Summary; Reference; Protecting Web Browsers; Common Functions of a Web Browser; Features of Modern Browsers; Microsoft Internet Explorer; Features; Security; Add-ons and Other Features; Known Security Flaws in Internet Explorer
Mozilla FirefoxFeatures; Platform Support; Security; Add-ons and Other Features; Known Security Flaws in Firefox; Google Chrome; Features; Security; Add-ons and Other Features; Known Security Flaws in Google Chrome; Apple Safari; Features; Security; Add-ons and Other Features; Known Security Flaws in Apple Safari; Opera; Features; Security; Add-ons and Other Features; Known Security Flaws in Opera; Web Browsers as a Target; Selecting a Safe Web Browser; Summary; Security Issues with Web Browsers; What is Being Exposed?; Many Features, Many Risks; Exploiting Confidential Information
JavaScriptCascading Style Sheets (CSS); Exploiting what is Stored; Exploiting Internet Explorer (IE); Exploiting Firefox; Limits on Browsing History; Tabnapping; Is Private Really Private?; Summary; Advanced Web Attacks; What is Active Content?; A Mix of Active Technologies; Java and ActiveX Controls; A Closer Look at Active Content Types; Microsoft Silverlight; ActiveX; Java; JavaScript; VBScript; HTML 5; Summary; Advanced Web Browser Defenses; A Mix of Protective Measures; A Mix of Potential Threats; Locking Down the Web Browser; A Review of Browser Features and Security Risks
ActiveX Related RisksSecuring ActiveX; Oracle Java Related Risks; Java's Security Model; Securing Java; JavaScript Related Risks; Securing JavaScript; Adobe Flash Related Risks; Securing Adobe Flash; VBScript Related Risks; Securing VBScript; Browser-Based Defenses; Internet Explorer; Sandboxing; Privacy Settings; Automatic Crash Recovery; SmartScreen Filter; Cross-Site Scripting Filter; Certificate Support; InPrivate Browsing; Security zones; Content Advisor; Mozilla Firefox; Sandboxing; Crash Protection; Instant Web Site ID; Improved Phishing Prevention; Improved Malware Protection
Forget this Site
Notes:
Includes index.
Includes bibliographical references and index.
ISBN:
9781283634694
1283634694
9781597495912
1597495913
OCLC:
818816886

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account