Region: Worldwide excl. Europe   Change Region
Home   |   About Us   |   Contact Us   |  

Home > Hacking and Penetration Testing > Client-Side Attacks and Defense

Client-Side Attacks and Defense

ISBN: 9781597495905
Pages: 324
Trim: 7.5 in x 9.25 in
Publication Date: May 2012

Region: Worldwide excl. Europe - $USD
Change Region »

Paperback:
$ 49.95 USD

Client-Side Attacks and Defense

By Sean-Philip Oriyano

Description

Individuals wishing to attack a company's network have found a new path of least resistance-the end-user. A client- side attack is one that uses the inexperience of the end-user to create a foothold in the user's machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible.

The most current attacks are discussed along with their delivery methods, such as browser exploitation, use of rich Internet applications, and file format vulnerabilities. The severity of these attacks is examined along with defenses against them, including antivirus and anti-spyware, intrusion detection systems, and end-user education.




  • Design and implement your own attack and test methodologies derived from the approach and framework presented by the author

  • Learn how to strengthen your network's host- and network-based defense against attackers' number one remote exploit-the client-side attack

  • Defend your network against attacks that target your company's most vulnerable asset-the end-user

About the Authors

Sean-Philip Oriyano
CISSP, CNDA, CEH, MCSE

Contents

  • Introduction
    Chapter 1: Background on Attacks
    Chapter 2: A Closer Look at Client-Side Attacks
    Chapter 3: A History of Web Browsers
    Chapter 4: The Problem with Browsers
    Chapter 5: Exploring and Exploiting Active Content
    Chapter 6: Browser Defenses
    Chapter 7: E-mail Client Attacks
    Chapter 8: E-mail Client Defenses
    Chapter 9: Web Applications
    Chapter 10: Web Applications and Client Defenses
    Chapter 11: Other Client-Side Attack Targets
    Chapter 12: Malware
    Chapter 13: Client-Side Countermeasures
    Chapter 14: The Road Ahead