April 2011
Intermediate to advanced
504 pages
14h 51m
English
Content preview from Web Commerce Security Design and DevelopmentBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Summary
In this chapter, you learned the basics of some very important tools: Snort, Nmap, Nessus, Nikto, and many more. These powerful utilities will help you monitor, test, and verify the security measures that you have put in place to protect your applications, network infrastructure, and security assets. You also learned how to look at the target system holistically and by analyzing its various data flows using Nmap, Snort, Nessus, and other tools that we described in this chapter. In addition, you learned what to look for in individual applications by leveraging application survey utilities such as Lynx, BlackWidow, and WebSleuth. Your dexterity in using these tools at the right time, in the right place, and in a timely manner is an important factor in augmenting your security skills. It is important to know each tool's capabilities and limitations. However, remember that a well-equipped toolbox doesn't make a good mechanic; you need to know how to use the utilities and have a winning strategy to tackle the problem with the appropriate tool. Throughout the rest of the book I will build on what you learned in this chapter to accomplish this goal.
The next chapter focuses on what your adversaries do. You will look at the system from the enemy's perspective and try to break it as they would. How to effectively protect against such attacks can only be validated if you look at your design from the adversaries' vantage point; this will be the real test of your security skills.
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.