Web Security A Step By Step Reference - Couverture souple

Quatrième de couverture

Written for Web site administrators, developers, and end users, this book is a readable, real-world guide to securing your Web site with the latest in security technology, techniques, and tools. Lincoln D. Stein, keeper of the official Web Security FAQ, addresses your most pressing concerns and tells you exactly what you need to know to make your site more secure. He offers concise explanations of essential theory; helps you analyze and evaluate the risks that threaten your site and the privacy of your clients; and provides concrete, step-by-step solutions, checklists of do's and don'ts, on-line and off-line resources, and hardware and software tools that guard your site against security breaches.

Web Security approaches the topic from three different points of view--protecting the end user's confidentiality and the integrity of his or her machine, protecting the Web site from intrusion and sabotage, and protecting both from third-party eavesdropping and tampering.

You will learn about

• securing credit card transactions with the SET protocol
• document encryption with the SSL protocol
• how to guard end users against the dangers of active content and cookies
• monitoring and log tools
• controlling access with passwords, client certificates, and advanced login protocols
• remote authoring
• firewalls

In addition, the book offers practical advice on configuring the operating system securely and eliminating unnecessary features that increase vulnerability. CGI scripts introduce many of the security problems that plague the Web, and this book shows how to avoid these breaches with safe CGI-scripting techniques. You will also learn how to avoid denial-of-service attacks and prevent LAN break-ins through the Web server.

After reading this book, you will have the practical knowledge you need to ensure that your Web site, and your clients' interests, are safe from attack.

Présentation de l'éditeur

Web Security eschews lengthy discussions of security theory in favor of a practical step-by-step approach. Each section is built around a "checklist" of items that readers can use to evaluate the security of their existing Web site and take action to improve it. In addition to protecting against intruders, readers will learn how to protect a Web site from other hostile Web sites. Readers will learn which resources require protection, and how they may currently be at risk. Stein explains basic strategies for protecting an existing Web site with as little cost and disruption as possible. Also covered are the risks and security solutions associated with implementing Internet services on a Web site - including http, conferencing, email, ftp, and news gateways.