Chapter 17. Protection through Web Applications

In This Chapter

  • Blocking application attacks through the Web

  • Foiling SQL injection attacks

  • Sizing up Internet browser risks

How do you do business? No matter how big or small you are, the Web is now a valuable portal for you to reach your customers and for your customers to reach you and buy stuff. If your Web site is down, then it probably hurts your business. Unfortunately, the cybercriminal has also realized the potential monetary benefits of your Web site. Sure, a few years ago it used to be fun to deface or disable Web sites, but these days the threats are much more subtle; most people don't realize they're happening! That's because the bad guys are after bigger game. So some caution is in order: Just because the Web page looks okay doesn't mean it hasn't been hijacked; understanding that is a good start. So let's look at how cybercriminals can use your Web site to attack your customers.

Attacking Applications through the Web

The Web is now the de facto way to do business. Even if you don't take orders for goods or services through a Web application, chances are that you do collect information from customers via the Web so you can send them information and market their socks off. If you do take orders online, then you're collecting data such as credit-card numbers, names, and addresses. That's nectar to the cybercriminal. So imagine: If you were a cybercriminal, where would you focus your efforts, on the individual (where ...

Get Data Leaks For Dummies® now with the O’Reilly learning platform.