Bulletproof SSL and TLS - Ivan Ristic

Bulletproof SSL and TLS

Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

(Autor)

Buch | Softcover
528 Seiten
2014
Feisty Duck Ltd (Verlag)
978-1-907117-04-6 (ISBN)
55,90 inkl. MwSt
  • Titel nicht im Sortiment
  • Artikel merken
Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.
In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done: Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version For IT security professionals, help to understand the risks For system administrators, help to deploy systems securely For developers, help to design and implement secure web applications Practical and concise, with added depth when details are relevant Introduction to cryptography and the latest TLS protocol version Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority Guide to using OpenSSL to test servers for vulnerabilities Practical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and Tomcat

Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site. He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. He's currently Director of Application Security Research at Qualys.

Preface Part I: SSL/TLS and PKI 1. SSL, TLS, and Cryptography 2. Protocol 3. Public Key Infrastructure 4. Attacks against PKI 5. HTTP and Browser Issues 6. Implementation Issues 7. Protocol Attacks Part II: Deployment and Development 8. Deployment 9. Performance Optimization 10. HSTS, CSP and Pinning Part III: Practical Configuration 11. OpenSSL Cookbook 12. Testing with OpenSSL 13. Configuring Apache 14. Configuring Java and Tomcat 15. Configuring Microsoft Windows and IIS 16. Configuring Nginx

Erscheint lt. Verlag 31.7.2014
Verlagsort London
Sprache englisch
Maße 191 x 235 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
ISBN-10 1-907117-04-0 / 1907117040
ISBN-13 978-1-907117-04-6 / 9781907117046
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00