Client-side attacks and defense

Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education. The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security. This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors.

Author Notes

Sean-Philip Oriyano (CISSP, CNDA, CEH, MCSE) is a veteran of the Information Teechnology and engineering fields, working with a wide variety of organizations to deliver unique and innovative solutions. He has spent his time in the field working with nearly all aspects of IT and management with special emphasis on Information Security concepts, techniques, and practices. Sean is an advocate of strong security knowledge and practices, has workd with clients such as the U.S. Air Force, U.S. Navy, U.S. Army, and has been sought out to instruct at locations such as the U.S. Air Force Academy and Naval War College.

Sean is an experienced content developer and technical writer who has published articles on the IT and Information Security fields. Sean counts IBM, Amazon, Autodesk, and Microsoft among his clients. Sean publishes content regularly and publishes this information on his web site at www.oriyano.com and shares his knowledge in his classes and lectures.

Sean is a member of EC-Council, InfraGard, and BECCA.

Rob Shimonski (www.shimonski.com) is an experienced entrepreneur and an active participant in the business community. Rob is a best-selling author and editor with over 15 years experience developing, producing and distributing print media in the form of books, magazines and periodicals. To date, Rob has successfully created over 100 books that are currently in circulation. Rob has worked for countless companies to include CompTIA, Entrepreneur Magazine, Microsoft, McGraw Hill Education, Cisco, the National Security Agency and Digidesign. Rob has an extremely diverse background in the print media industry filling roles such as author, co-author, technical editor, copy editor and developmental editor. Since print media shifted to the digital domain, Rob has focused the past decade on developing all of the needed skills to produce professional audio and video media. An expert in Digital Audio Workstation (DAW) design and video production, Rob has created over 500 different media packages to include commercials for TV, online advertising clips, audio podcasts and much more. Rob started to train others while in the US Marine Corps. Since, Rob has held a NY State teaching certificate as well as multiple trainer roles in colleges and trade schools across the world.

Introduction

Chapter 1 Background on Attacks

Chapter 2 A Closer Look at Client-Side Attacks

Chapter 3 A History of Web Browsers

Chapter 4 The Problem with Browsers

Chapter 5 Exploring and Exploiting Active Content

Chapter 6 Browser Defenses

Chapter 7 E-mail Client Attacks

Chapter 8 E-mail Client Defenses

Chapter 9 Web Applications

Chapter 10 Web Applications and Client Defenses

Chapter 11 Other Client-Side Attack Targets

Chapter 12 Malware

Chapter 13 Client-Side Countermeasures

Chapter 14 The Road Ahead

Available:*

On Order

Summary

Summary

Author Notes

Table of Contents