InfoSecurity 2008 Threat Analysis

Paperback, 480 Pages

Published: October 2007

Imprint: Syngress

ISBN: 978-1-59749-224-9

Contents


  • Foreword

    Part I: Botnets

    Chapter 1 Botnets: A Call to Action

    Introduction

    The Killer Web App

    How Big is the Problem?

    The Industry Responds

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 2 Botnets Overview

    What is a Botnet?

    The Botnet Life Cycle

    What Does a Botnet Do?

    Botnet Economics

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Part II Cross Site Scripting Attacks

    Chapter 3 Cross-site Scripting Fundamentals

    Introduction

    Web Application Security

    XML and AJAX Introduction

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 4 XSS Theory

    Introduction

    Getting XSS'ed

    DOM-based XSS in Detail

    Redirection

    CSRF

    Flash, QuickTime, PDF, Oh My

    HTTP Response Injection

    Source vs. DHTML Reality

    Bypassing XSS Length Limitations

    XSS Filter Evasion

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 5 XSS Attack Methods

    Introduction

    History Stealing

    Intranet Hacking

    XSS Defacements

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    References

    Part III Physical and Logical Security Convergence

    Chapter 6 Protecting Critical Infrastructure: Process Control and SCADA

    Introduction

    Technology Background: Process Control Systems

    Why Convergence?

    Threats and Challenges

    Conclusion

    Chapter 7 Final Thoughts

    Introduction

    Final Thoughts from William Crowell

    Final Thoughts from Dan Dunkel

    Final Thoughts from Brian Contos

    Final Thoughts from Colby DeRodeff

    Part IV PCI Compliance

    Chapter 8 Why PCI is Important

    Introduction

    What is PCI?

    Overview of PCI Requirements

    Risks and Consequences

    Benefits of Compliance

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9 Protect Cardholder Data

    Protecting Cardholder Data

    PCI Requirement 3: Protect Stored Cardholder Data

    PCI Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks

    Using Compensating Controls

    Mapping Out a Strategy

    The Absolute Essentials

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Part V Asterisk and VoIP Hacking

    Chapter 10 Understanding and Taking Advantage of VoIP Protocols

    Introduction

    Your Voice to Data

    Making Your Voice Smaller

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 11 Asterisk Hardware Ninjutsu

    Introduction

    Serial

    Motion

    Modems

    Fun with Dialing

    Legalities and Tips

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Part VI Hack the Stack

    Chapter 12 Social Engineering

    Introduction

    Attacking the People Layer

    Defending the People Layer

    Making the Case for Stronger Security

    People Layer Security Project

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Index

