Web Security - Lincoln D. Stein

Web Security

A Step-by-Step Reference Guide
Buch | Softcover
448 Seiten
1998
Addison Wesley (Verlag)
978-0-201-63489-1 (ISBN)
32,95 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
Intended for Web site administrators, developers, and end users, this book provides information on securing your Web site with the security technology, techniques, and tools. It offers explanations of essential theory; helps analyze and evaluate the risks that threaten your site; and provides solutions, checklists of do's and don'ts; and more.
Web Security eschews lengthy discussions of security theory in favor of a practical step-by-step approach. Each section is built around a "checklist" of items that readers can use to evaluate the security of their existing Web site and take action to improve it. In addition to protecting against intruders, readers will learn how to protect a Web site from other hostile Web sites. Readers will learn which resources require protection, and how they may currently be at risk. Stein explains basic strategies for protecting an existing Web site with as little cost and disruption as possible. Also covered are the risks and security solutions associated with implementing Internet services on a Web site - including http, conferencing, email, ftp, and news gateways.

Lincoln Stein has an M.D. and is a scientist at Cold Spring Harbor Laboratory. When the Web first emerged, he created and maintained one of the earliest Internet sites for distribution of Human Genome Project data and has since become an acknowledged expert in Web, network, and Perl programming. Known for his exceptional ability to synthesize and present complex information, he writes for The Perl Journal and Web Techniques magazines and is the author of four other books. 0201634899AB04062001

Preface.


1. What Is Web Security?


The Three Parts of Web Security.



Risks.



The Layout of This Book.

I. DOCUMENT CONFIDENTIALITY.

2. Basic Cryptography.


How Cryptography Works.



Symmetric Cryptography.



Public Key Cryptography.



Online Resources.



Printed Resources.

3. SSL, SET, and Digital Payment Systems.


Secure Sockets Layer.



SET and Other Digital Payment Systems.



Checklist.



Online Resources.



SET and Other Digital Money Systems.

II. CLIENT-SIDE SECURITY.

4. Using SSL.


SSL at Work.



Personal Certificates.



Checklist.



Online Resources.



Printed Resources.

5. Active Content .


Bad by Design or Bad by Accident? .



Traditional Threats .



Helper Applications and Plug-Ins .



Java .



ActiveX.



JavaScript and VBScript.



The Browser as a Security Hole.



Exotic Technologies.



What Can You Do?



Changing Active Content Settings.



Checklist.



Resources.

6. Web Privacy.


What Web Surfing Reveals.



Server Logs.



Cookies.



PICS.



Advice for Users.



Advice for Webmasters.



Policy Initiatives.



Checklist.



Resources.

III. SERVER-SIDE SECURITY.

7. Server Security.


Why Are Websites Vulnerable?



Frequently Asked Questions about Web Server Security.



Overview: Steps to Securing a Website.



Online Resources.

8. UNIX Web Servers.


Hardening a UNIX Web Server.



Configuring the Web Server.



Monitoring Logs.



Monitor the Integrity of System Files and Binaries.



Back Up Your System.



Checklist.



Online Resources.



Printed Resources.

9. Windows NT Web Servers.


NT Security Concepts.



Windows NT Security Risks.



Securing a Windows NT Web Server.



Configuring the Web Server.



Checklist.



Online Resources.



Printed Resources.

10. Access Control.


Types of Access Control.



Access Control Based on IP Address or Host Name.



Access Control Based on User Name and Password.



Other Types of Access Control.



Access Control and CGI Scripts.



Checklist.



Online Resources.

11. Encryption and Certificate-Based Access Control.


SSL-Enabled Web Servers.



Using Client Certificates for Access Control.



Using Client Certificates for Web Server Access Control.



Becoming Your Own Certifying Authority.



Final Words.



Checklist.



Online Resources.



Printed Resources.

12. Safe CGI Scripting.


Introduction to CGI Scripts and Server Modules.



Common Failure Modes.



Other Advice.



Safe Scripting in Perl.



CGI Wrappers.



Checklist.



Online Resources.



Printed Resources.

13. Remote Authoring and Administration.


Degrees of Trust.



Controlling Access to the Web Server Host.



Remote Authoring Via FTP.



Microsoft FrontPage.



The HTTP PUT Protocol.



An Upload Staging Area.



Administering the Web Server Remotely.



Access to the Server for Web Developers.



Checklist.



Online Resources.



Printed Resources.

14. Web Servers and Firewalls.


What Is a Firewall?



Selecting a Firewall System.



Configuring a Firewall.



Automatic Proxy Configuration for Browsers.



Examining Firewall Logs for Signs of Server Compromise.



Checklist.



Online Resources.



Printed Resources.

Bibliography.
Index.

Erscheint lt. Verlag 14.1.1998
Verlagsort Boston
Sprache englisch
Maße 236 x 187 mm
Gewicht 726 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
Mathematik / Informatik Informatik Web / Internet
ISBN-10 0-201-63489-9 / 0201634899
ISBN-13 978-0-201-63489-1 / 9780201634891
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00