Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Advanced penetration testing for highly-secured environments [[electronic resource] ] : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen
| Advanced penetration testing for highly-secured environments [[electronic resource] ] : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen |
| Autore | Allen Lee (Information security specialist) |
| Pubbl/distr/stampa | Birmingham, U.K., : Packt Pub., 2012 |
| Descrizione fisica | 1 online resource (414 p.) |
| Disciplina | 005.8 |
| Collana | Open source : community experience distilled |
| Soggetto topico |
Computer security - Testing
Penetration testing (Computer security) Computer networks - Security measures Computer networks |
| Soggetto genere / forma | Electronic books. |
| ISBN |
1-62198-905-4
1-280-67747-3 9786613654403 1-84951-775-4 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Planning and Scoping for a Successful Penetration Test; Introduction to advanced penetration testing; Vulnerability assessments; Penetration testing; Advanced penetration testing; Before testing begins; Determining scope; Setting limits - nothing lasts forever; Rules of engagement documentation; Planning for action; Installing VirtualBox; Installing your BackTrack virtual machine; Preparing the virtual guest machine for BackTrack
Installing BackTrack on the virtual disk imageExploring BackTrack; Logging in; Changing the default password; Updating the applications and operating system; Installing OpenOffice; Effectively manage your test results; Introduction to MagicTree; Starting MagicTree; Adding nodes; Data collection; Report generation; Introduction to the Dradis Framework; Exporting a project template; Importing a project template; Preparing sample data for import; Importing your Nmap data; Exporting data into HTML; Dradis Category field; Changing the default HTML template; Summary Chapter 2: Advanced Reconnaissance TechniquesIntroduction to reconnaissance; Reconnaissance workflow; DNS recon; Nslookup - it's there when you need it; Default output; Changing nameservers; Creating an automation script; What did we learn?; Domain Information Groper (Dig); Default output; Zone transfers using Dig; Advanced features of Dig; DNS brute forcing with fierce; Default command usage; Creating a custom wordlist; Gathering and validating domain and IP information; Gathering information with whois; Specifying which registrar to use; Where in the world is this IP?; Defensive measures Using search engines to do your job for youSHODAN; Filters; Understanding banners; Finding specific assets; Finding people (and their documents) on the web; Google hacking database; Metagoofil; Searching the Internet for clues; Metadata collection; Extracting metadata from photos using exiftool; Summary; Chapter 3: Enumeration: Choosing Your Targets Wisely; Adding another virtual machine to our lab; Configuring and testing our Vlab_1 clients; BackTrack - Manual ifconfig; Ubuntu - Manual ifconfig; Verifying connectivity; Maintaining IP settings after reboot; Nmap - getting to know you Commonly seen Nmap scan types and optionsBasic scans - warming up; Other Nmap techniques; Remaining stealthy; Shifting blame - the zombies did it!; IDS rules, how to avoid them; Using decoys; Adding custom Nmap scripts to your arsenal; How to decide if a script is right for you; Adding a new script to the database; SNMP: A goldmine of information just waiting to be discovered; SNMPEnum; SNMPCheck; When the SNMP community string is NOT ""public""; Creating network baselines with scanPBNJ; Setting up MySQL for PBNJ; Starting MySQL; Preparing the PBNJ database; First scan; Reviewing the data Enumeration avoidance techniques |
| Record Nr. | UNINA-9910451850903321 |
Allen Lee (Information security specialist)
|
||
| Birmingham, U.K., : Packt Pub., 2012 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advanced penetration testing for highly-secured environments [[electronic resource] ] : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen
| Advanced penetration testing for highly-secured environments [[electronic resource] ] : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen |
| Autore | Allen Lee (Information security specialist) |
| Pubbl/distr/stampa | Birmingham, U.K., : Packt Pub., 2012 |
| Descrizione fisica | 1 online resource (414 p.) |
| Disciplina | 005.8 |
| Collana | Open source : community experience distilled |
| Soggetto topico |
Computer security - Testing
Penetration testing (Computer security) Computer networks - Security measures Computer networks |
| ISBN |
1-62198-905-4
1-280-67747-3 9786613654403 1-84951-775-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Planning and Scoping for a Successful Penetration Test; Introduction to advanced penetration testing; Vulnerability assessments; Penetration testing; Advanced penetration testing; Before testing begins; Determining scope; Setting limits - nothing lasts forever; Rules of engagement documentation; Planning for action; Installing VirtualBox; Installing your BackTrack virtual machine; Preparing the virtual guest machine for BackTrack
Installing BackTrack on the virtual disk imageExploring BackTrack; Logging in; Changing the default password; Updating the applications and operating system; Installing OpenOffice; Effectively manage your test results; Introduction to MagicTree; Starting MagicTree; Adding nodes; Data collection; Report generation; Introduction to the Dradis Framework; Exporting a project template; Importing a project template; Preparing sample data for import; Importing your Nmap data; Exporting data into HTML; Dradis Category field; Changing the default HTML template; Summary Chapter 2: Advanced Reconnaissance TechniquesIntroduction to reconnaissance; Reconnaissance workflow; DNS recon; Nslookup - it's there when you need it; Default output; Changing nameservers; Creating an automation script; What did we learn?; Domain Information Groper (Dig); Default output; Zone transfers using Dig; Advanced features of Dig; DNS brute forcing with fierce; Default command usage; Creating a custom wordlist; Gathering and validating domain and IP information; Gathering information with whois; Specifying which registrar to use; Where in the world is this IP?; Defensive measures Using search engines to do your job for youSHODAN; Filters; Understanding banners; Finding specific assets; Finding people (and their documents) on the web; Google hacking database; Metagoofil; Searching the Internet for clues; Metadata collection; Extracting metadata from photos using exiftool; Summary; Chapter 3: Enumeration: Choosing Your Targets Wisely; Adding another virtual machine to our lab; Configuring and testing our Vlab_1 clients; BackTrack - Manual ifconfig; Ubuntu - Manual ifconfig; Verifying connectivity; Maintaining IP settings after reboot; Nmap - getting to know you Commonly seen Nmap scan types and optionsBasic scans - warming up; Other Nmap techniques; Remaining stealthy; Shifting blame - the zombies did it!; IDS rules, how to avoid them; Using decoys; Adding custom Nmap scripts to your arsenal; How to decide if a script is right for you; Adding a new script to the database; SNMP: A goldmine of information just waiting to be discovered; SNMPEnum; SNMPCheck; When the SNMP community string is NOT ""public""; Creating network baselines with scanPBNJ; Setting up MySQL for PBNJ; Starting MySQL; Preparing the PBNJ database; First scan; Reviewing the data Enumeration avoidance techniques |
| Record Nr. | UNINA-9910779275503321 |
|
Allen Lee (Information security specialist)
|
||
| Birmingham, U.K., : Packt Pub., 2012 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advanced penetration testing for highly-secured environments : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen
| Advanced penetration testing for highly-secured environments : the ultimate security guide : learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide / / Lee Allen |
| Autore | Allen Lee (Information security specialist) |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Birmingham, U.K., : Packt Pub., 2012 |
| Descrizione fisica | 1 online resource (414 p.) |
| Disciplina | 005.8 |
| Collana | Open source : community experience distilled |
| Soggetto topico |
Computer security - Testing
Penetration testing (Computer security) Computer networks - Security measures Computer networks |
| ISBN |
1-62198-905-4
1-280-67747-3 9786613654403 1-84951-775-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Planning and Scoping for a Successful Penetration Test; Introduction to advanced penetration testing; Vulnerability assessments; Penetration testing; Advanced penetration testing; Before testing begins; Determining scope; Setting limits - nothing lasts forever; Rules of engagement documentation; Planning for action; Installing VirtualBox; Installing your BackTrack virtual machine; Preparing the virtual guest machine for BackTrack
Installing BackTrack on the virtual disk imageExploring BackTrack; Logging in; Changing the default password; Updating the applications and operating system; Installing OpenOffice; Effectively manage your test results; Introduction to MagicTree; Starting MagicTree; Adding nodes; Data collection; Report generation; Introduction to the Dradis Framework; Exporting a project template; Importing a project template; Preparing sample data for import; Importing your Nmap data; Exporting data into HTML; Dradis Category field; Changing the default HTML template; Summary Chapter 2: Advanced Reconnaissance TechniquesIntroduction to reconnaissance; Reconnaissance workflow; DNS recon; Nslookup - it's there when you need it; Default output; Changing nameservers; Creating an automation script; What did we learn?; Domain Information Groper (Dig); Default output; Zone transfers using Dig; Advanced features of Dig; DNS brute forcing with fierce; Default command usage; Creating a custom wordlist; Gathering and validating domain and IP information; Gathering information with whois; Specifying which registrar to use; Where in the world is this IP?; Defensive measures Using search engines to do your job for youSHODAN; Filters; Understanding banners; Finding specific assets; Finding people (and their documents) on the web; Google hacking database; Metagoofil; Searching the Internet for clues; Metadata collection; Extracting metadata from photos using exiftool; Summary; Chapter 3: Enumeration: Choosing Your Targets Wisely; Adding another virtual machine to our lab; Configuring and testing our Vlab_1 clients; BackTrack - Manual ifconfig; Ubuntu - Manual ifconfig; Verifying connectivity; Maintaining IP settings after reboot; Nmap - getting to know you Commonly seen Nmap scan types and optionsBasic scans - warming up; Other Nmap techniques; Remaining stealthy; Shifting blame - the zombies did it!; IDS rules, how to avoid them; Using decoys; Adding custom Nmap scripts to your arsenal; How to decide if a script is right for you; Adding a new script to the database; SNMP: A goldmine of information just waiting to be discovered; SNMPEnum; SNMPCheck; When the SNMP community string is NOT ""public""; Creating network baselines with scanPBNJ; Setting up MySQL for PBNJ; Starting MySQL; Preparing the PBNJ database; First scan; Reviewing the data Enumeration avoidance techniques |
| Record Nr. | UNINA-9910820448403321 |
|
Allen Lee (Information security specialist)
|
||
| Birmingham, U.K., : Packt Pub., 2012 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Building virtual pentesting labs for advanced penetration testing : learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it / / Kevin Cardwell
| Building virtual pentesting labs for advanced penetration testing : learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it / / Kevin Cardwell |
| Autore | Cardwell Kevin |
| Edizione | [Second edition.] |
| Pubbl/distr/stampa | Birmingham, England ; ; Mumbai, India : , : Packt Publishing, , 2016 |
| Descrizione fisica | 1 online resource (518 pages) |
| Disciplina | 005.8 |
| Collana | Community Experience Distilled |
| Soggetto topico |
Computer security - Testing
Computer networks - Security measures Computers - Access control |
| ISBN | 1-78588-495-6 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910798777903321 |
|
Cardwell Kevin
|
||
| Birmingham, England ; ; Mumbai, India : , : Packt Publishing, , 2016 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Building virtual pentesting labs for advanced penetration testing : learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it / / Kevin Cardwell
| Building virtual pentesting labs for advanced penetration testing : learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it / / Kevin Cardwell |
| Autore | Cardwell Kevin |
| Edizione | [Second edition.] |
| Pubbl/distr/stampa | Birmingham, England ; ; Mumbai, India : , : Packt Publishing, , 2016 |
| Descrizione fisica | 1 online resource (518 pages) |
| Disciplina | 005.8 |
| Collana | Community Experience Distilled |
| Soggetto topico |
Computer security - Testing
Computer networks - Security measures Computers - Access control |
| ISBN | 1-78588-495-6 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910822503303321 |
|
Cardwell Kevin
|
||
| Birmingham, England ; ; Mumbai, India : , : Packt Publishing, , 2016 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi
| Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi |
| Autore | Cardwell Kevin |
| Pubbl/distr/stampa | Birmingham, [England] : , : Packt Publishing, , 2014 |
| Descrizione fisica | 1 online resource (430 p.) |
| Disciplina | 005.8 |
| Collana | Community Experience Distilled |
| Soggetto topico |
Computer networks - Security measures
Computer security - Testing Computers - Access control |
| Soggetto genere / forma | Electronic books. |
| ISBN | 1-78328-478-1 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introducing Penetration Testing; Security testing; Authentication; Authorization; Confidentiality; Integrity; Availability; Non-repudiation; Abstract testing methodology; Planning; Nonintrusive target search; Intrusive target search; Data analysis; Reporting; Myths and misconceptions of pen testing; Summary; Chapter 2: Choosing the Virtual Environment; Open source and free environments; VMware Player; VirtualBox; Xen; Hyper-V; vSphere Hypervisor; Commercial environments
vSphereVMware Player Plus; XenServer; VMware Workstation; Image conversion; Converting from a physical to virtual environment; Summary; Chapter 3: Planning a Range; Planning; What are we trying to accomplish?; By when do we have to accomplish it?; Identifying vulnerabilities; Vulnerability sites; Vendor sites; Summary; Chapter 4: Identifying Range Architecture; Building the machines; Building new machines; Conversion; Cloning a virtual machine; Selecting network connections; The bridged setting; Network Address Translation; The host-only switch; The custom settings; Choosing range components The attacker machineRouter; Firewall; Web server; Summary; Chapter 5: Identifying a Methodology; The OSSTMM; The Posture Review; Logistics; Active detection verification; Visibility Audit; Access verification; Trust verification; Control verification; Process verification; Configuration verification; Property validation; Segregation review; Exposure verification; Competitive intelligence scouting; Quarantine verification; Privileges audit; Survivability validation; Alert and log review; CHECK; NIST SP-800-115; The information security assessment methodology; Technical assessment techniques Comparing tests and examinationsTesting viewpoints; Overt and covert; Offensive Security; Other methodologies; Customization; Summary; Chapter 6: Creating an External Attack Architecture; Establishing layered architectures; Configuring firewall architectures; iptables; Deploying IDS/IPS and load balancers; Intrusion Detection System (IDS); Intrusion Prevention System (IPS); Load balancers; Integrating web application firewalls; Summary; Chapter 7: Assessment of Devices; Assessing routers; Evaluating switches; MAC attacks; VLAN hopping attacks; GARP attacks; Attacking the firewall Identifying the firewall rulesTricks to penetrate filters; Summary; Chapter 8: Architecting an IDS/IPS Range; Deploying a network-based IDS; Implementing the host-based IDS and endpoint security; Working with virtual switches; Evasion; Determining thresholds; Stress testing; Shell code obfuscation; Summary; Chapter 9: Assessment of Web Servers and Web Applications; Analyzing the OWASP Top Ten attacks; Injection flaws; Broken authentication and session management; Cross-Site Scripting; Insecure direct object references; Security misconfiguration; Sensitive data exposure Missing function-level access control |
| Record Nr. | UNINA-9910464689203321 |
|
Cardwell Kevin
|
||
| Birmingham, [England] : , : Packt Publishing, , 2014 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi
| Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi |
| Autore | Cardwell Kevin |
| Pubbl/distr/stampa | Birmingham, [England] : , : Packt Publishing, , 2014 |
| Descrizione fisica | 1 online resource (430 p.) |
| Disciplina | 005.8 |
| Collana | Community Experience Distilled |
| Soggetto topico |
Computer networks - Security measures
Computer security - Testing Computers - Access control |
| ISBN | 1-78328-478-1 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introducing Penetration Testing; Security testing; Authentication; Authorization; Confidentiality; Integrity; Availability; Non-repudiation; Abstract testing methodology; Planning; Nonintrusive target search; Intrusive target search; Data analysis; Reporting; Myths and misconceptions of pen testing; Summary; Chapter 2: Choosing the Virtual Environment; Open source and free environments; VMware Player; VirtualBox; Xen; Hyper-V; vSphere Hypervisor; Commercial environments
vSphereVMware Player Plus; XenServer; VMware Workstation; Image conversion; Converting from a physical to virtual environment; Summary; Chapter 3: Planning a Range; Planning; What are we trying to accomplish?; By when do we have to accomplish it?; Identifying vulnerabilities; Vulnerability sites; Vendor sites; Summary; Chapter 4: Identifying Range Architecture; Building the machines; Building new machines; Conversion; Cloning a virtual machine; Selecting network connections; The bridged setting; Network Address Translation; The host-only switch; The custom settings; Choosing range components The attacker machineRouter; Firewall; Web server; Summary; Chapter 5: Identifying a Methodology; The OSSTMM; The Posture Review; Logistics; Active detection verification; Visibility Audit; Access verification; Trust verification; Control verification; Process verification; Configuration verification; Property validation; Segregation review; Exposure verification; Competitive intelligence scouting; Quarantine verification; Privileges audit; Survivability validation; Alert and log review; CHECK; NIST SP-800-115; The information security assessment methodology; Technical assessment techniques Comparing tests and examinationsTesting viewpoints; Overt and covert; Offensive Security; Other methodologies; Customization; Summary; Chapter 6: Creating an External Attack Architecture; Establishing layered architectures; Configuring firewall architectures; iptables; Deploying IDS/IPS and load balancers; Intrusion Detection System (IDS); Intrusion Prevention System (IPS); Load balancers; Integrating web application firewalls; Summary; Chapter 7: Assessment of Devices; Assessing routers; Evaluating switches; MAC attacks; VLAN hopping attacks; GARP attacks; Attacking the firewall Identifying the firewall rulesTricks to penetrate filters; Summary; Chapter 8: Architecting an IDS/IPS Range; Deploying a network-based IDS; Implementing the host-based IDS and endpoint security; Working with virtual switches; Evasion; Determining thresholds; Stress testing; Shell code obfuscation; Summary; Chapter 9: Assessment of Web Servers and Web Applications; Analyzing the OWASP Top Ten attacks; Injection flaws; Broken authentication and session management; Cross-Site Scripting; Insecure direct object references; Security misconfiguration; Sensitive data exposure Missing function-level access control |
| Record Nr. | UNINA-9910786642603321 |
|
Cardwell Kevin
|
||
| Birmingham, [England] : , : Packt Publishing, , 2014 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi
| Building virtual pentesting labs for advanced penetration testing : build intricate virtual architecture to practice any penetration testing technique virtually / / Kevin Cardwell ; cover image by Tony Shi |
| Autore | Cardwell Kevin |
| Pubbl/distr/stampa | Birmingham, [England] : , : Packt Publishing, , 2014 |
| Descrizione fisica | 1 online resource (430 p.) |
| Disciplina | 005.8 |
| Collana | Community Experience Distilled |
| Soggetto topico |
Computer networks - Security measures
Computer security - Testing Computers - Access control |
| ISBN | 1-78328-478-1 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introducing Penetration Testing; Security testing; Authentication; Authorization; Confidentiality; Integrity; Availability; Non-repudiation; Abstract testing methodology; Planning; Nonintrusive target search; Intrusive target search; Data analysis; Reporting; Myths and misconceptions of pen testing; Summary; Chapter 2: Choosing the Virtual Environment; Open source and free environments; VMware Player; VirtualBox; Xen; Hyper-V; vSphere Hypervisor; Commercial environments
vSphereVMware Player Plus; XenServer; VMware Workstation; Image conversion; Converting from a physical to virtual environment; Summary; Chapter 3: Planning a Range; Planning; What are we trying to accomplish?; By when do we have to accomplish it?; Identifying vulnerabilities; Vulnerability sites; Vendor sites; Summary; Chapter 4: Identifying Range Architecture; Building the machines; Building new machines; Conversion; Cloning a virtual machine; Selecting network connections; The bridged setting; Network Address Translation; The host-only switch; The custom settings; Choosing range components The attacker machineRouter; Firewall; Web server; Summary; Chapter 5: Identifying a Methodology; The OSSTMM; The Posture Review; Logistics; Active detection verification; Visibility Audit; Access verification; Trust verification; Control verification; Process verification; Configuration verification; Property validation; Segregation review; Exposure verification; Competitive intelligence scouting; Quarantine verification; Privileges audit; Survivability validation; Alert and log review; CHECK; NIST SP-800-115; The information security assessment methodology; Technical assessment techniques Comparing tests and examinationsTesting viewpoints; Overt and covert; Offensive Security; Other methodologies; Customization; Summary; Chapter 6: Creating an External Attack Architecture; Establishing layered architectures; Configuring firewall architectures; iptables; Deploying IDS/IPS and load balancers; Intrusion Detection System (IDS); Intrusion Prevention System (IPS); Load balancers; Integrating web application firewalls; Summary; Chapter 7: Assessment of Devices; Assessing routers; Evaluating switches; MAC attacks; VLAN hopping attacks; GARP attacks; Attacking the firewall Identifying the firewall rulesTricks to penetrate filters; Summary; Chapter 8: Architecting an IDS/IPS Range; Deploying a network-based IDS; Implementing the host-based IDS and endpoint security; Working with virtual switches; Evasion; Determining thresholds; Stress testing; Shell code obfuscation; Summary; Chapter 9: Assessment of Web Servers and Web Applications; Analyzing the OWASP Top Ten attacks; Injection flaws; Broken authentication and session management; Cross-Site Scripting; Insecure direct object references; Security misconfiguration; Sensitive data exposure Missing function-level access control |
| Record Nr. | UNINA-9910814080603321 |
|
Cardwell Kevin
|
||
| Birmingham, [England] : , : Packt Publishing, , 2014 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Proceedings of CSET 2021 : 14th Workshop on Cyber Security Experimentation and Test : August 9, 2021 / / in cooperation with USENIX Association
| Proceedings of CSET 2021 : 14th Workshop on Cyber Security Experimentation and Test : August 9, 2021 / / in cooperation with USENIX Association |
| Pubbl/distr/stampa | New York : , : The Association for Computing Machinery, , 2021 |
| Descrizione fisica | 1 online resource (vii, 91 pages) : illustrations |
| Disciplina | 005.8 |
| Collana | ACM international conference proceedings series |
| Soggetto topico |
Computer security
Computer security - Testing |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910510428503321 |
| New York : , : The Association for Computing Machinery, , 2021 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
