© Mike O'Leary 2019
Mike O'LearyCyber Operationshttps://doi.org/10.1007/978-1-4842-4294-0_16

16. Web Attacks

Mike O’Leary1 
(1)
Towson, MD, USA
 

Introduction

Web servers provide new features for legitimate users, but they also provide avenues of attack for malicious actors. An attacker that has been able to compromise a system on a network can extract passwords stored in Internet Explorer or Firefox. A defender can use a master password on Firefox to mitigate these kinds of attacks. An attacker that can find their way on to the local network can use Ettercap to launch man in the middle attacks. If a web server automatically redirects unsecure HTTP traffic to a secure HTTPS site, then an attacker can use sslstrip to intercept the traffic before it is ...

Get Cyber Operations: Building, Defending, and Attacking Modern Computer Networks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial