An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking. Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.

Key Features

* Provides IT Security Professionals with a first look at likely new threats to their enterprise * Includes real-world examples of system intrusions and compromised data * Provides techniques and strategies to detect, prevent, and recover * Includes coverage of PCI, VoIP, XSS, Asterisk, Social Engineering, Botnets, and Convergence


* Co-branded Syngress and Infosecurity Magazine and featuring best of breed writers from both * Featured placement on, ads in Infosecurity print magazine (25K circ, 10K in U.S.), and in e-newsletter (15K circ) * Featured at Infosecurity booth at high traffic shows such as Infosecurity US, Infosecurity Canada, and Infosecurity Europe

Table of Contents

Foreword Part I: Botnets Chapter 1 Botnets: A Call to Action Introduction The Killer Web App How Big is the Problem? The Industry Responds Summary Solutions Fast Track Frequently Asked Questions Chapter 2 Botnets Overview What is a Botnet? The Botnet Life Cycle What Does a Botnet Do? Botnet Economic Summary Solutions Fast Track Frequently Asked Questions Part II Cross Site Scripting Attacks Chapter 3 Cross-site Scripting Fundamentals Introduction Web Application Security XML and AJAX Introduction Summary Solutions Fast Track Frequently Asked Questions Chapter 4 XSS Theory Introduction Getting XSS'ed DOM-based XSS in Detail Redirection CSRF Flash, QuickTime, PDF, Oh My HTTP Response Injection Source vs. DHTML Reality Bypassing XSS Length Limitations XSS Filter Evasion Summary Solutions Fast Track Frequently Asked Questions Chapter 5 XSS Attack Methods Introduction History Stealing Intranet Hacking XSS Defacements Summary Solutions Fast Track Frequently Asked Questions References Part III Physical and Logical Security Convergence Chapter 6 Protecting Critical Infrastructure: Process Control and SCADA Introduction Technology Background: Process Control Systems Why Convergence? Threats and Challenges Conclusion Chapter 7 Final Thought Introduction Final Thoughts from William Crower Final Thoughts from Dan Dunkel Final Thoughts from Brian Contos Final Thoughts fro


No. of pages:
© 2008
Print ISBN:
Electronic ISBN: