From the authors of the bestselling Hack Proofing Your Network! OPEC, Amazon, Yahoo! and eBay: if these large, well-established and security-conscious web sites have problems, how can anyone be safe? How can any programmer expect to develop web applications that are secure? Hack Proofing Your Web Applications is the only book specifically written for application developers and webmasters who write programs that are used on web sites. It covers Java applications, XML, ColdFusion, and other database applications. Most hacking books focus on catching the hackers once they've entered the site; this one shows programmers how to design tight code that will deter hackers from the word go. Comes with up-to-the-minute web-based support and a CD-ROM containing source code and sample testing programs. Unique approach: unlike most hacking books, this one is written for application developers, to help them build less vulnerable programs.

Table of Contents

Foreword

Chapter 1 Hacking Methodology
Introduction; Understanding the Terms; A Brief History of Hacking; Phone System Hacking; Computer Hacking; What Motivates a Hacker; Ethical Hacking versus Malicious Hacking; Working with Security Professionals; Understanding Current Attack Types; DoS/DDoS; Virus Hacking; Stealing; Recognizing Web Application Security Threats; Hidden Manipulation; Parameter Tampering; Cross-Site Scripting; Buffer Overflow; Cookie Poisoning; Preventing Break-Ins by Thinking Like a Hacker; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 2 How to Avoid Becoming a “Code Grinder”
Introduction; What Is a Code Grinder; Following the Rules; Thinking Creatively When Coding; Allowing for Thought; Security from the Perspective of a Code Grinder; Coding in a Vacuum; Building Functional and Secure Web Applications; But My Code Is Functional; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 3 Understanding the Risks Associated with Mobile Code
Introduction; Recognizing the Impact of Mobile Code Attacks; Browser Attacks; Mail Client Attacks; Malicious Scripts or Macros; Identifying Common Forms of Mobile Code; Macro Languages: Visual Basic for Applications (VBA); JavaScript; VBScript; Java Applets; ActiveX Controls; E-Mail Attachments and Downloaded Executables; Protecting Your System from Mobile Code Attacks; Security Applications; Web-Based Tools; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 4 Vulnerable CGI Scripts
Introduction; What Is


© 2001

About the author