J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice

Security Attacks

Now that we understand basic security concepts, let's talk about various forms of security attacks.

The simplest of the attacks work by getting hold of the password of an account on a computer system. Recall that password is a shared secret used by the computer system to authenticate the account holder. Once the attacker has the password he can do everything the account holder can do. Common techniques to “steal” passwords include:

Guessing— People select passwords that are easy to remember, most often names of their children, spouse, friends or a dictionary word that is easy to guess.
Wiretapping— A number of protocols send password information over the wire in clear text. These can be captured by anyone having access to a ...

Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Security Attacks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly