Book Description
Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education.
The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security.
This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors.- Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors
- Learn how to strengthen your network's host- and network-based defense against attackers' number one remote exploit—the client-side attack
- Defend your network against attacks that target your company's most vulnerable asset—the end user
Table of Contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication and Thanks
- Biography
- Chapter 1. Client-Side Attacks Defined
- Client-Side Attacks: An Overview
- Types of Client-Side Attacks
- Summary
- Chapter 2. Dissection of a Client-Side Attack
- What Constitutes a Client-Side Attack?
- Summary
- Reference
- Chapter 3. Protecting Web Browsers
- Common Functions of a Web Browser
- Microsoft Internet Explorer
- Mozilla Firefox
- Google Chrome
- Apple Safari
- Opera
- Web Browsers as a Target
- Summary
- Chapter 4. Security Issues with Web Browsers
- What is Being Exposed?
- Summary
- Chapter 5. Advanced Web Attacks
- What is Active Content?
- A Closer Look at Active Content Types
- Summary
- Chapter 6. Advanced Web Browser Defenses
- A Mix of Protective Measures
- Summary
- Chapter 7. Messaging Attacks and Defense
- Evolution of the Email Client
- Messaging Attacks and Defense
- Summary
- Chapter 8. Web Application Attacks
- Understanding Web Applications
- Web Application Attacks and Defense
- What’s the Target?
- Summary
- Chapter 9. Mobile Attacks
- Mobile Devices and Client-Side Attacks
- Summary
- Chapter 10. Securing Against Client-Side Attack
- Security Planning
- Securing Applications and Infrastructure
- Securing Clients
- Summary
- Index