Overview

Written for Web site administrators, developers, and end users, this book is a readable, real-world guide to securing your Web site with the latest in security technology, techniques, and tools. Lincoln D. Stein, keeper of the official Web Security FAQ, addresses your most pressing concerns and tells you exactly what you need to know to make your site more secure. He offers concise explanations of essential theory; helps you analyze and evaluate the risks that threaten your site and the privacy of your clients; and provides concrete, step-by-step solutions, checklists of do's and don'ts, on-line and off-line resources, and hardware and software tools that guard your site against security breaches. Web Security approaches the topic from three different points of view--protecting the end user's confidentiality and the integrity of his or her machine, protecting the Web site from intrusion and sabotage, and protecting both from third-party eavesdropping and tampering. You will learn about *securing credit card transactions with the SET protocol *document encryption with the SSL protocol *how to guard end users against the dangers of active content and cookies *monitoring and log tools *controlling access with passwords, client certificates, and advanced login protocols *remote authoring *firewalls In addition, the book offers practical advice on configuring the operating system securely and eliminating unnecessary features that increase vulnerability. CGI scripts introduce many of the security problems that plague the Web, and this book shows how to avoid these breaches with safe CGI-scripting techniques. You will also learn how to avoid denial-of-service attacks and prevent LAN break-ins through the Web server. After reading this book, you will have the practical knowledge you need to ensure that your Web site, and your clients' interests, are safe from attack. 0201634899B04062001

Full Product Details

Author:   Lincoln D. Stein
Publisher:   Pearson Education (US)
Imprint:   Addison Wesley
Dimensions:   Width: 23.60cm , Height: 2.00cm , Length: 18.70cm
Weight:   0.726kg
ISBN:  

9780201634891

ISBN 10:   0201634899
Pages:   448
Publication Date:   14 January 1998
Audience:   College/higher education ,  Tertiary & Higher Education
Format:   Paperback
Publisher's Status:   Out of Print
Availability:   Out of stock  

Table of Contents

Preface. 1. What Is Web Security? The Three Parts of Web Security. Risks. The Layout of This Book. I. DOCUMENT CONFIDENTIALITY. 2. Basic Cryptography. How Cryptography Works. Symmetric Cryptography. Public Key Cryptography. Online Resources. Printed Resources. 3. SSL, SET, and Digital Payment Systems. Secure Sockets Layer. SET and Other Digital Payment Systems. Checklist. Online Resources. SET and Other Digital Money Systems. II. CLIENT-SIDE SECURITY. 4. Using SSL. SSL at Work. Personal Certificates. Checklist. Online Resources. Printed Resources. 5. Active Content . Bad by Design or Bad by Accident? . Traditional Threats . Helper Applications and Plug-Ins . Java . ActiveX. JavaScript and VBScript. The Browser as a Security Hole. Exotic Technologies. What Can You Do? Changing Active Content Settings. Checklist. Resources. 6. Web Privacy. What Web Surfing Reveals. Server Logs. Cookies. PICS. Advice for Users. Advice for Webmasters. Policy Initiatives. Checklist. Resources. III. SERVER-SIDE SECURITY. 7. Server Security. Why Are Websites Vulnerable? Frequently Asked Questions about Web Server Security. Overview: Steps to Securing a Website. Online Resources. 8. UNIX Web Servers. Hardening a UNIX Web Server. Configuring the Web Server. Monitoring Logs. Monitor the Integrity of System Files and Binaries. Back Up Your System. Checklist. Online Resources. Printed Resources. 9. Windows NT Web Servers. NT Security Concepts. Windows NT Security Risks. Securing a Windows NT Web Server. Configuring the Web Server. Checklist. Online Resources. Printed Resources. 10. Access Control. Types of Access Control. Access Control Based on IP Address or Host Name. Access Control Based on User Name and Password. Other Types of Access Control. Access Control and CGI Scripts. Checklist. Online Resources. 11. Encryption and Certificate-Based Access Control. SSL-Enabled Web Servers. Using Client Certificates for Access Control. Using Client Certificates for Web Server Access Control. Becoming Your Own Certifying Authority. Final Words. Checklist. Online Resources. Printed Resources. 12. Safe CGI Scripting. Introduction to CGI Scripts and Server Modules. Common Failure Modes. Other Advice. Safe Scripting in Perl. CGI Wrappers. Checklist. Online Resources. Printed Resources. 13. Remote Authoring and Administration. Degrees of Trust. Controlling Access to the Web Server Host. Remote Authoring Via FTP. Microsoft FrontPage. The HTTP PUT Protocol. An Upload Staging Area. Administering the Web Server Remotely. Access to the Server for Web Developers. Checklist. Online Resources. Printed Resources. 14. Web Servers and Firewalls. What Is a Firewall? Selecting a Firewall System. Configuring a Firewall. Automatic Proxy Configuration for Browsers. Examining Firewall Logs for Signs of Server Compromise. Checklist. Online Resources. Printed Resources. Bibliography. Index.

Reviews

Author Information

Lincoln Stein has an M.D. and is a scientist at Cold Spring Harbor Laboratory. When the Web first emerged, he created and maintained one of the earliest Internet sites for distribution of Human Genome Project data and has since become an acknowledged expert in Web, network, and Perl programming. Known for his exceptional ability to synthesize and present complex information, he writes for The Perl Journal and Web Techniques magazines and is the author of four other books. 0201634899AB04062001

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions