Hack Proofing Your E-commerce Web Site: The Only Way to Stop a Hacker is to Think Like One [Paperback]

Syngress
4.7 out of 5 stars (3 customer reviews)


Book Description

June 14 2001
"Bluetooth enabled devices will ship in the billions of units once it gains momentum." - Martin Reynolds, Gartner Group

Bluetooth is the most exciting development in wireless computing this decade! Bluetooth enabled devices can include everything from network servers, laptop computers and PDAs, to stereos and home security systems. Most Bluetooth products to hit the market in 2001 will be PC cards for laptop computers and access points, which allow up to seven Bluetooth devices to connect to a network. Reports indicate that by the end of 2003 there will be over 2 billion Bluetooth-enabled devices.

Bluetooth-enabled devices communicate with each other through embedded software applications. Bluetooth Developer's Guide to Embedded Applications will provide embedded applications developers with advanced tutorials and code listings written to Bluetooth's latest specification, version 1.1. Written by Bluetooth pioneers from market leaders in Bluetooth software development, Extended Systems and Cambridge Silicon Radio, this is the first advanced level Bluetooth developer title on the market.

White Hot Topic! While other books introduce readers to the possibilities of Bluetooth, this is the first comprehensive, advanced level programming book written specifically for embedded application developers.

Authors are responsible for SDK, the market-leading development tool for Bluetooth.

Comes with Syngress' revolutionary Credit Card CD containing a printable HTML version of the book, all of the source code and sample applications from Extended Systems and Cambridge Silicon Radio.

Product Description

From Amazon

When it comes down to it, the process of protecting your e-commerce site from malicious hackers isn't too different from that of setting up defenses around any other kind of Internet site. The only characteristic that distinguishes an e-commerce site from other kinds of sites is its ability to take payment information from customers, which means there's one more way to attack the site. The scores of techniques that can bring down ordinary sites apply to e-commerce sites as well. This is why Hack Proofing Your E-Commerce Site doesn't so much distinguish itself from the collection of "defending against hackers" books already out there, as supplement those books' content with additional material that's specific to e-commerce. This book treats site defense generally, with extra material on encrypted services and payment-protection schemes.

The sections specifically about buying and selling on the Internet--they make up about a third of this book--appear to have been well researched, and go beyond the merely technical to comment on the legal aspects of attacking digital money transactions. You'll probably learn a lot from the authors' discussions of laws designed to protect the consumer from fraud on the Internet and the amount of trouble they can cause e-commerce businesses. Those sections, since they cover material that's not well explained elsewhere, carry this book on their own. --David Wall

Topics covered: General issues of Internet site defense--including modes of attack (with emphasis on distributed denial of service), secure design principles, security policies, and incident response--supplemented by issues specific to electronic commerce. E-commerce subjects include legal matters, the Secure Electronic Transactions (SET) protocol, and relations with credit-card issuers.

About the Author

Ryan Russell is the best-selling author of Hack Proofing Your Network: Internet Tradecraft (Syngress Publishing, ISBN: 1-928994-15-6). He is an Incident Analyst at SecurityFocus, has served as an expert witness on security topics, and has done internal security investigation for a major software vendor. Ryan has been working in the IT field for over 13 years, the last 7 of which have been spent primarily in information security. He has been an active participant in various security mailing lists, such as BugTraq, for years, and is frequently sought after as a speaker at security conferences. Ryan has contributed to four other Syngress Publishing titles on the topic of networking, and four on the topic of security. He holds a Bachelor of Science degree in Computer Science.

L. Brent Huston earned his Associate of Applied Science degree in Electronics at DeVry Technical Institute (Columbus, Ohio) in 1994. He has more than 10 years of experience in IT, mostly in the areas of cyber security testing, network monitoring, scanning protocols, firewalls, viruses and virus prevention formats, security patches, and hacker techniques. As President and CEO of his own information security company, MicroSolved, Inc., he and his staff have performed system and network security-consulting services for Fortune 500 companies and all levels of governmental facilities. He is well versed in the use and implementation of all the major security tools and appliances. In the past, Brent developed "Passys"—a passive intrusion detection system for Unix, and has also identified previously unknown security vulnerabilities in Ascom routers, Windows NT and Linux operating systems.

Brent is an accomplished computer and information security speaker and has published numerous white papers on security-related topics. Recently he was involved in the laboratory testing of major firewall appliances at his company's central Ohio facilities. This testing was to prove the worthiness of each appliance, as well as possible vulnerabilities that had not as yet been established by their parent companies. He reported his results both to the individual product companies and at a national security industry presentation. Brent is also currently engaged with the Office of Independent Oversight and Performance Assurance in Columbus, Ohio. He was responsible for designing and implementing a state-of-the-art cyber security testing and research lab for this office and several DOE national laboratories have utilized his expertise to perform network penetration and detection services. Such services have required a high security clearance from Brent. Brent is an Internet Security Systems Certified Engineer, Sidewinder Firewall Certified Administrator, IBM Secure Network Gateway Certified Administrator, and Phoenix Firewall Certified Administrator.


Customer Reviews

Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.7 out of 5 stars  3 reviews
4 of 4 people found the following review helpful
4.0 out of 5 stars This book is much better than its title implies July 8 2001
By Richard Bejtlich - Published on Amazon.com
Format:Paperback
I am a senior engineer for network security operations. I read this book to learn best practices for improving the security of my enterprise. I was very pleased to learn that "Hack Proofing Your E-Commerce Site" (HPYES) was not another "hacking book," like so many published recently. HPYES offers a wealth of practical recommendations and solid guidance for anyone responsible for host and network security.
Syngress' motto for their "Hack Proofing" series is "The only way to stop a hacker is to think like one." That slogan may be true for vulnerability assessment or penetration testing, but it does the material in HPYES a disservice. This book is less about the thrill of compromise and more about the measured peace of maintaining a well-protected enterprise.
HPYES is noteworthy for its mature, reasonable, thorough, and clear approach to explaining security practices. The diagrams and screen captures are excellent. The seven authors consistently present topics through the security tenets of confidentiality, integrity, and [availability]. I believe even managers of technical staff would find this book rewarding.
My favorite chapters discussed incident response (10), financial transactions (6), and policy (4). Chapters 6 and 10 were especially enjoyable, as they contained material I hadn't read elsewhere, like descriptions of electronic commerce technologies and a comparison of responses to web site compromise. (Imagine -- original material in a security book!)
HPYES offered a few disappointments. I was dismayed to see an installation of Apache on Windows, vice UNIX. Page 336 mentions SSH as "Secured Socket Handler"; I believe the community knows SSH as simply Secure Shell. Chapter 7 also suffered from awkward English, but compensated by introducing Nessus as a sample vulnerability assessment tool. Appendix B was probably not needed, as it's just a reprint of "Fast Track" material from individual chapters.
Overall, I recommend HPYES to anyone responsible for enterprise network security. This book won't receive the manufactured hype of books like "Hack Attacks Revealed" or "Hack Attacks Denied," but you will quickly recognize the HPYES authors are both skilled practitioners and effective educators.
(Disclaimer: I received my review copy free from the publisher.)
5 of 6 people found the following review helpful
5.0 out of 5 stars Great book for anyone who has, or wants, an eCommerce site May 23 2001
By Lisa - Published on Amazon.com
Format:Paperback
Anyone with an eCommerce site can benefit from this book. Especially if you have been concerned whether you have covered all of the potential vulnerabilities associated with such sites. It is quite comprehensive in the treatment of risks, vulnerabilities, threats, and how to mitigate them. It is not a How-To book. You won't find absolute answers for firewall configurations and bandwidth requirements. It won't even tell you how to run UNIX commands or code HTML pages. What it does address is the fact that you need to ask the questions. Then it helps you determine the right answers for your site. It certainly helped me become aware of some things I had missed.
1 of 4 people found the following review helpful
5.0 out of 5 stars Have yours signed at Blackhat/Defcon May 30 2001
By Chris - Published on Amazon.com
Format:Paperback
Great book, for overall penetration testing, vulnerability assessment - even policy development.
Good for managers and technical people alike.
Hunt Brent down at Blackhat/Defcon and pester him to sign your copy.