Hack Proofing Your E-commerce Web Site: The Only Way to Stop a Hacker is to Think Like One Paperback – Jun 14 2001



Product Details

  • Paperback: 528 pages
  • Publisher: Syngress Publishing (June 14 2001)
  • Language: English
  • ISBN-10: 192899427X
  • ISBN-13: 978-1928994275
  • Product Dimensions: 23 x 19 x 5 cm
  • Shipping Weight: 1.4 Kg
  • Average Customer Review: 4.7 out of 5 stars (3 customer reviews)
  • Amazon Bestsellers Rank: #2,958,546 in Books



Customer Reviews

4.7 out of 5 stars

  • 5 star: 2
  • 4 star: 1
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0


Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 3 reviews
4 of 4 people found the following review helpful
This book is much better than its title implies (July 8 2001)
By Richard Bejtlich - Published on Amazon.com
Format: Paperback
I am a senior engineer for network security operations. I read this book to learn best practices for improving the security of my enterprise. I was very pleased to learn that "Hack Proofing Your E-Commerce Site" (HPYES) was not another "hacking book," like so many published recently. HPYES offers a wealth of practical recommendations and solid guidance for anyone responsible for host and network security.
Syngress' motto for their "Hack Proofing" series is "The only way to stop a hacker is to think like one." That slogan may be true for vulnerability assessment or penetration testing, but it does the material in HPYES a disservice. This book is less about the thrill of compromise and more about the measured peace of maintaining a well-protected enterprise.
HPYES is noteworthy for its mature, reasonable, thorough, and clear approach to explaining security practices. The diagrams and screen captures are excellent. The seven authors consistently present topics through the security tenets of confidentiality, integrity, and [availability]. I believe even managers of technical staff would find this book rewarding.
My favorite chapters discussed incident response (10), financial transactions (6), and policy (4). Chapters 6 and 10 were especially enjoyable, as they contained material I hadn't read elsewhere, like descriptions of electronic commerce technologies and a comparison of responses to web site compromise. (Imagine -- original material in a security book!)
HPYES offered a few disappointments. I was dismayed to see an installation of Apache on Windows, vice UNIX. Page 336 mentions SSH as "Secured Socket Handler"; I believe the community knows SSH as simply Secure Shell. Chapter 7 also suffered from awkward English, but compensated by introducing Nessus as a sample vulnerability assessment tool. Appendix B was probably not needed, as it's just a reprint of "Fast Track" material from individual chapters.
Overall, I recommend HPYES to anyone responsible for enterprise network security. This book won't receive the manufactured hype of books like "Hack Attacks Revealed" or "Hack Attacks Denied," but you will quickly recognize the HPYES authors are both skilled practitioners and effective educators.
(Disclaimer: I received my review copy free from the publisher.)
5 of 6 people found the following review helpful
Great book for anyone who has, or wants, an eCommerce site (May 23 2001)
By Lisa - Published on Amazon.com
Format: Paperback
Anyone with an eCommerce site can benefit from this book. Especially if you have been concerned whether you have covered all of the potential vulnerabilities associated with such sites. It is quite comprehensive in the treatment of risks, vulnerabilities, threats, and how to mitigate them. It is not a How-To book. You won't find absolute answers for firewall configurations and bandwidth requirements. It won't even tell you how to run UNIX commands or code HTML pages. What it does address is the fact that you need to ask the questions. Then it helps you determine the right answers for your site. It certainly helped me become aware of some things I had missed.
1 of 4 people found the following review helpful
Have yours signed at Blackhat/Defcon (May 30 2001)
By Chris - Published on Amazon.com
Format: Paperback
Great book, for overall penetration testing, vulnerability assessment - even policy development.
Good for managers and technical people alike.
Hunt Brent down at Blackhat/Defcon and pester him to sign your copy.
