Read more
Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education. The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security. This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors.
- Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors
- Learn how to strengthen your network's host- and network-based defense against attackers' number one remote exploit-the client-side attack
- Defend your network against attacks that target your company's most vulnerable asset-the end user
List of contents
Introduction
Chapter 1: Background on Attacks
Chapter 2: A Closer Look at Client-Side Attacks
Chapter 3: A History of Web Browsers
Chapter 4: The Problem with Browsers
Chapter 5: Exploring and Exploiting Active Content
Chapter 6: Browser Defenses
Chapter 7: E-mail Client Attacks
Chapter 8: E-mail Client Defenses
Chapter 9: Web Applications
Chapter 10: Web Applications and Client Defenses
Chapter 11: Other Client-Side Attack Targets
Chapter 12: Malware
Chapter 13: Client-Side Countermeasures
Chapter 14: The Road Ahead
About the author
Sean Philip-Oriyano , CISSP, CNDA, CEH, CHFI, CEI, SCNP, MCT, CompTIA Security+, CompTIA Network+, is a 20-year veteran of the information technology field. He has created and delivered innovative training solutions for clients that include the US Air Force, US Navy, and US Army, and was hosted as a trainer at both the US Air Force Academy and Naval War College. Sean is also an experienced content developer, including textbooks, e-learning courses, test prep materials, study guides, video content, and has published on topics that include hacking and incident handling, client-side attacks, Steganography, and web application security for clients that include IBM, Amazon.com, Autodesk, Microsoft, J&B Learning, and Syngress.
Robert Shimonski is an industry expert with two decades of experience in information technology. His expertise lies in the area of cloud computing and his experience with cloud computing scales multiple industries and has touched on all three cloud computing models. Rob currently works for one of the largest healthcare providers of outsourced applications that keep large scale hospitals operational. He is the author and editor of over 100 printed books.
Summary
Presents a framework for defending your network against attacks in an environment where it might seem impossible. This title discusses along with their delivery methods, such as browser exploitation, use of rich Internet applications, and file format vulnerabilities. It includes antivirus and anti-spyware, intrusion detection systems.
