Web security : a step-by-step reference guide / Lincoln D. Stein.
By: Stein, Lincoln D.
Material type: Book
Publisher: Reading, Mass. : Addison-Wesley, c1998
Description: ix, 436 p. : ill. ; 24 cm. + pbk.
ISBN: 0201634899
Subject(s): Computer networks -- Security measures | World Wide Web -- Security measures | Web sites -- Security measures
DDC classification: 005.8

Item type | Current library | Call number | Copy number | Status | Date due | Barcode | Item holds |
---|---|---|---|---|---|---|---|
General Lending | MTU Bishopstown Library Lending | 005.8 | 1 | Available | | 00069055 | |
General Lending | MTU Bishopstown Library Lending | 005.8 | 1 | Available | | 00086011 | |

Enhanced descriptions from Syndetics:
This is a practical reference with a checklist approach to evaluate the security level of a web site. This book is a result of a surge of interest in the subject due to high-visibility break-ins at the Department of Justice, CIA, and Microsoft. Appendixes include a complete resource listing of security vendors and tools, firewall solutions and resellers.
Bibliography: (pages 421-422) and index.
What is Web Security? -- Part I: Document Confidentiality -- Basic Cryptography -- SSL, SET and Digital Payment Systems -- Part II: Client-Side Security -- Using SSL -- Active Content -- Web Privacy -- Part III: Server-Side Security -- Server Security -- UNIX Web Servers -- Windows NT Web Servers -- Access Control -- Encryption and Certificate-Based Access Control -- Safe CGI Scripting -- Remote Authoring and Administration -- Web Servers and Firewalls.
Table of contents provided by Syndetics
- Preface
- 1 What Is Web Security?
- The Three Parts of Web Security
- Risks
- The Layout of This Book
- I Document Confidentiality
- 2 Basic Cryptography
- How Cryptography Works
- Symmetric Cryptography
- Public Key Cryptography
- Online Resources
- Printed Resources
- 3 SSL, SET, and Digital Payment Systems
- Secure Sockets Layer
- SET and Other Digital Payment Systems
- Checklist
- Online Resources
- SET and Other Digital Money Systems
- II Client-Side Security
- 4 Using SSL
- SSL at Work
- Personal Certificates
- Checklist
- Online Resources
- Printed Resources
- 5 Active Content
- Bad by Design or Bad by Accident?
- Traditional Threats
- Helper Applications and Plug-Ins
- Java
- ActiveX
- JavaScript and VBScript
- The Browser as a Security Hole
- Exotic Technologies
- What Can You Do?
- Changing Active Content Settings
- Checklist
- Resources
- 6 Web Privacy
- What Web Surfing Reveals
- Server Logs
- Cookies
- PICS
- Advice for Users
- Advice for Webmasters
- Policy Initiatives
- Checklist
- Resources
- III Server-Side Security
- 7 Server Security
- Why Are Websites Vulnerable?
- Frequently Asked Questions about Web Server Security
- Overview: Steps to Securing a Website
- Online Resources
- 8 UNIX Web Servers
- Hardening a UNIX Web Server
- Configuring the Web Server
- Monitoring Logs
- Monitor the Integrity of System Files and Binaries
- Back Up Your System
- Checklist
- Online Resources
- Printed Resources
- 9 Windows NT Web Servers
- NT Security Concepts
- Windows NT Security Risks
- Securing a Windows NT Web Server
- Configuring the Web Server
- Checklist
- Online Resources
- Printed Resources
- 10 Access Control
- Types of Access Control
- Access Control Based on IP Address or Host Name
- Access Control Based on User Name and Password
- Other Types of Access Control
- Access Control and CGI Scripts
- Checklist
- Online Resources
- 11 Encryption and Certificate-Based Access Control
- SSL-Enabled Web Servers
- Using Client Certificates for Access Control
- Using Client Certificates for Web Server Access Control
- Becoming Your Own Certifying Authority
- Final Words
- Checklist
- Online Resources
- Printed Resources
- 12 Safe CGI Scripting
- Introduction to CGI Scripts and Server Modules
- Common Failure Modes
- Other Advice
- Safe Scripting in Perl
- CGI Wrappers
- Checklist
- Online Resources
- Printed Resources
- 13 Remote Authoring and Administration
- Degrees of Trust
- Controlling Access to the Web Server Host
- Remote Authoring Via FTP
- Microsoft FrontPage
- The HTTP PUT Protocol
- An Upload Staging Area
- Administering the Web Server Remotely
- Access to the Server for Web Developers
- Checklist
- Online Resources
- Printed
Author notes provided by Syndetics
Lincoln Stein has an M.D. and is a scientist at Cold Spring Harbor Laboratory. When the Web first emerged, he created and maintained one of the earliest Internet sites for distribution of Human Genome Project data and has since become an acknowledged expert in Web, network, and Perl programming. Known for his exceptional ability to synthesize and present complex information, he writes for The Perl Journal and Web Techniques magazines and is the author of four other books.