Client-Side Attacks and Defense
By- Sean-Philip Oriyano, CISSP, CNDA, CEH, MCSE
- Robert Shimonski, Networking, Security, Systems, Servers, Storage, Cloud and Management
Individuals wishing to attack a companys network have found a new path of least resistance-the end user. A client- side attack is one that uses the inexperience of the end user to create a foothold in the users machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible.
The most current attacks are discussed along with their delivery methods, such as browser exploitation, use of rich Internet applications, and file format vulnerabilities. The severity of these attacks is examined along with defences against them, including antivirus and anti-spyware, intrusion detection systems, and end-user education.
Audience
Penetration Testers; Security Consultants; System and Network Administrators; IT Auditors
Paperback, 296 Pages
Published: October 2012
Imprint: Syngress
ISBN: 978-1-59749-590-5
Contents
Introduction
Chapter 1: Background on Attacks
Chapter 2: A Closer Look at Client-Side Attacks
Chapter 3: A History of Web Browsers
Chapter 4: The Problem with Browsers
Chapter 5: Exploring and Exploiting Active Content
Chapter 6: Browser Defenses
Chapter 7: E-mail Client Attacks
Chapter 8: E-mail Client Defenses
Chapter 9: Web Applications
Chapter 10: Web Applications and Client Defenses
Chapter 11: Other Client-Side Attack Targets
Chapter 12: Malware
Chapter 13: Client-Side Countermeasures
Chapter 14: The Road Ahead
