Titel: | Vulnerability analysis and defense for the Internet |
Mitwirkende: | Singh, Abhishek [Hrsg.] |
| Singh, Baibhav |
| Joseph, Hirosh |
Verf.angabe: | by Abhishek Singh (ed.) ... |
Verlagsort: | New York, NY |
Verlag: | Springer |
Jahr: | 2008 |
Umfang: | XVI, 254 S. |
Illustrationen: | 20 schw.-w. Ill |
Format: | 235 mm x 155 mm |
Gesamttitel/Reihe: | Advances in information security ; 37 |
Fussnoten: | Bandzählung laut Vorlage |
Inhalt: | Cover -- TOC Table of Contents -- CH 1.0 Wireless Security -- 1.1 Introduction -- 1.2 Wired Equivalent Privacy protocol -- 1.2.1 Analysis of WEP flaws -- 1.2.2 Key Stream Reuse -- 1.2.3 Message Modification -- 1.2.4 Message Injection -- 1.2.5 Authentication Spoofing -- 1.2.6 IP Redirection -- 1.2.7 Wireless Frame Generation -- 1.2.8 Encryption Cracking Tools -- 1.2.9 Retrieving the WEP keys from Client Host -- 1.2.10 Traffic Inection Tools -- 1.2.11 802.1x Cracking Tools -- 1.2.12 Wireless DoS Attacks -- 1.2.13 Attack against the 802.11i implementations -- 1.3 Prevention and Modifications -- 1.3.1 TKIP: temporal Key Integrity Protocol -- 1.3.2 AES - CCMP -- 1.4 Prevention Method using Detection Devices -- 1.5 Conclusion -- CH 2.0 Vulnerability Analysis for Mail Protocols -- 2.1 Introduction -- 2.2 Format String Specifiers -- 2.2.1 Format String Vulnerability -- 2.2.1.1 Format String Denial of Service Attack -- 2.2.1.2 Format String Vulnerability Reading Attack -- 2.2.1.3 Format String Vulnerability Writing Attack -- 2.2.1.4 Preventive Measures for Format String vulnerability -- 2.3 Buffer Overflow Attack -- 2.3.1 Buffer Overflow Prevention -- 2.4 Directory Traversal Attacks -- 2.4.1 Remote Detection -- 2.5 False Positive in Remote Detection for Mail Traffic -- 2.5.1 False Positive in case of SMTP Traffic -- 2.5.2 False Positive in case of IMAP Traffic -- 2.6 Conclusion -- CH 3.0 Vulnerability Analysis for FTP and TFTP -- 3.1 Introduction -- 3.1.1 Buffer Overflow in FTP -- 3.1.2 Directory Traversal Attack in FTP -- 3.2 TFTP Vulnerability Analysis -- 3.2.1 Vulnerability Analysis -- 3.3 Conclusion -- CH 4.0 Vulnerability Analysis for HTTP -- 4.1 Introduction -- 4.2 XSS Attack -- 4.2.1 Prevention against Cross Site Scripting Attacks -- 4.3 SQL Injection Attacks -- 4.3.1 SQL Injection Case Study -- 4.3.2 Preventive Measures -- 4.3.3 Other Preventive Measures -- 4.4 MS DoS Device Name Vulnerability -- 4.4.1 Prevention from DoS Device Name Vulnerability -- 4.5 False Positive in HTTP -- 4.6 Evasion of HTTP Signatures -- 4.7 Conclusion -- CH 5.0 Vulnerability Analysis for DNS and DHCP -- 5.1 Introduction of DNS Protocol -- 5.1.1 Vulnerabilities in a DNS Protocol -- 5.1.2 False Positives in a DNS Protocol -- 5.2 Introduction of DHCP -- 5.2.1 Vulnerabilities in DHCP -- 5.2.2 False Positive in DHCP -- 5.3 Conclusion -- CH 6.0 Vulnerability Analysis for LDAP and SNMP -- 6.1 Introduction -- 6.2 ASN and BER Encoding -- 6.3 BER implementation for LDAP -- 6.3.1 Threat Analysis for Directory Services -- 6.4 SNMP -- 6.4.1 Vulnerability Analysis for SNMP -- 6.5 Conclusion -- CH 7.0 Vulnerability Analysis for RPC -- 7.1 Introduction -- 7.2 RPC Message Protocol -- 7.3 NDR Format -- 7.4 Port Mapper -- 7.5 False Positive for SMB RPC Protocol -- 7.6 Evasion in RPC -- 7. |
ISBN: | 978-0-387-74389-9 |
| 0-387-74389-8 |
| 978-0-387-74390-5 |
Bestellnr.: | 12091188 |
URL: | Cover: https://swbplus.bsz-bw.de/bsz277192897cov.jpg |
| Einführung/Vorwort: https://swbplus.bsz-bw.de/bsz277192897vor.htm |
| Inhaltsverzeichnis ; Verlag: https://swbplus.bsz-bw.de/bsz277192897inh.htm |
| Inhaltstext: https://zbmath.org/?q=an:1147.68378 |
Schlagwörter: | (s)Drahtloses lokales Netz / (s)DoS-Attacke / (s)Zugriffskontrolle |
Sprache: | eng |
Reproduktion: | Online-Ausg.: Vulnerability Analysis and Defense for the Internet. - Boston, MA: Springer US, 2008. - Online-Ressource (digital) |
Sonstige Nr.: | Best.-Nr.: 12091188 |
RVK-Notation: | ST 277 |
K10plus-PPN: | 538641606 |
Verknüpfungen: | → Übergeordnete Aufnahme |
978-0-387-74389-9,0-387-74389-8,978-0-387-74390-5
Vulnerability analysis and defense for the Internet / Singh, Abhishek [Hrsg.]; 2008
66481851