Titel:	Vulnerability analysis and defense for the Internet
Mitwirkende:	Singh, Abhishek [Hrsg.]
	Singh, Baibhav
	Joseph, Hirosh
Verf.angabe:	by Abhishek Singh (ed.) ...
Verlagsort:	New York, NY
Verlag:	Springer
Jahr:	2008
Umfang:	XVI, 254 S.
Illustrationen:	20 schw.-w. Ill
Format:	235 mm x 155 mm
Gesamttitel/Reihe:	Advances in information security ; 37
Fussnoten:	Bandzählung laut Vorlage
Inhalt:	Cover -- TOC Table of Contents -- CH 1.0 Wireless Security -- 1.1 Introduction -- 1.2 Wired Equivalent Privacy protocol -- 1.2.1 Analysis of WEP flaws -- 1.2.2 Key Stream Reuse -- 1.2.3 Message Modification -- 1.2.4 Message Injection -- 1.2.5 Authentication Spoofing -- 1.2.6 IP Redirection -- 1.2.7 Wireless Frame Generation -- 1.2.8 Encryption Cracking Tools -- 1.2.9 Retrieving the WEP keys from Client Host -- 1.2.10 Traffic Inection Tools -- 1.2.11 802.1x Cracking Tools -- 1.2.12 Wireless DoS Attacks -- 1.2.13 Attack against the 802.11i implementations -- 1.3 Prevention and Modifications -- 1.3.1 TKIP: temporal Key Integrity Protocol -- 1.3.2 AES - CCMP -- 1.4 Prevention Method using Detection Devices -- 1.5 Conclusion -- CH 2.0 Vulnerability Analysis for Mail Protocols -- 2.1 Introduction -- 2.2 Format String Specifiers -- 2.2.1 Format String Vulnerability -- 2.2.1.1 Format String Denial of Service Attack -- 2.2.1.2 Format String Vulnerability Reading Attack -- 2.2.1.3 Format String Vulnerability Writing Attack -- 2.2.1.4 Preventive Measures for Format String vulnerability -- 2.3 Buffer Overflow Attack -- 2.3.1 Buffer Overflow Prevention -- 2.4 Directory Traversal Attacks -- 2.4.1 Remote Detection -- 2.5 False Positive in Remote Detection for Mail Traffic -- 2.5.1 False Positive in case of SMTP Traffic -- 2.5.2 False Positive in case of IMAP Traffic -- 2.6 Conclusion -- CH 3.0 Vulnerability Analysis for FTP and TFTP -- 3.1 Introduction -- 3.1.1 Buffer Overflow in FTP -- 3.1.2 Directory Traversal Attack in FTP -- 3.2 TFTP Vulnerability Analysis -- 3.2.1 Vulnerability Analysis -- 3.3 Conclusion -- CH 4.0 Vulnerability Analysis for HTTP -- 4.1 Introduction -- 4.2 XSS Attack -- 4.2.1 Prevention against Cross Site Scripting Attacks -- 4.3 SQL Injection Attacks -- 4.3.1 SQL Injection Case Study -- 4.3.2 Preventive Measures -- 4.3.3 Other Preventive Measures -- 4.4 MS DoS Device Name Vulnerability -- 4.4.1 Prevention from DoS Device Name Vulnerability -- 4.5 False Positive in HTTP -- 4.6 Evasion of HTTP Signatures -- 4.7 Conclusion -- CH 5.0 Vulnerability Analysis for DNS and DHCP -- 5.1 Introduction of DNS Protocol -- 5.1.1 Vulnerabilities in a DNS Protocol -- 5.1.2 False Positives in a DNS Protocol -- 5.2 Introduction of DHCP -- 5.2.1 Vulnerabilities in DHCP -- 5.2.2 False Positive in DHCP -- 5.3 Conclusion -- CH 6.0 Vulnerability Analysis for LDAP and SNMP -- 6.1 Introduction -- 6.2 ASN and BER Encoding -- 6.3 BER implementation for LDAP -- 6.3.1 Threat Analysis for Directory Services -- 6.4 SNMP -- 6.4.1 Vulnerability Analysis for SNMP -- 6.5 Conclusion -- CH 7.0 Vulnerability Analysis for RPC -- 7.1 Introduction -- 7.2 RPC Message Protocol -- 7.3 NDR Format -- 7.4 Port Mapper -- 7.5 False Positive for SMB RPC Protocol -- 7.6 Evasion in RPC -- 7.
ISBN:	978-0-387-74389-9
	0-387-74389-8
	978-0-387-74390-5
Bestellnr.:	12091188
URL:	Cover: https://swbplus.bsz-bw.de/bsz277192897cov.jpg
	Einführung/Vorwort: https://swbplus.bsz-bw.de/bsz277192897vor.htm
	Inhaltsverzeichnis ; Verlag: https://swbplus.bsz-bw.de/bsz277192897inh.htm
	Inhaltstext: https://zbmath.org/?q=an:1147.68378
Schlagwörter:	(s)Drahtloses lokales Netz    / (s)DoS-Attacke    / (s)Zugriffskontrolle
Sprache:	eng
Reproduktion:	Online-Ausg.: Vulnerability Analysis and Defense for the Internet. - Boston, MA: Springer US, 2008. - Online-Ressource (digital)
Sonstige Nr.:	Best.-Nr.: 12091188
RVK-Notation:	ST 277
K10plus-PPN:	538641606
Verknüpfungen:	→ Übergeordnete Aufnahme