Excellent Addition to Hacking Exposed Series

Companies go to great lengths to segregate their internal networks from the rest of the world. They implement firewalls and DMZ's to protect their computer systems from the malicious code flying about the public Internet. For the most part, companies can simply block incoming traffic from getting through to their network at all from the outside world. However, in order to host a web site the web server must be accessible from the public Internet. That means that the web server offers an inroad to the internal network if not configured properly.

Hacking Exposed- Web Applications: Web Application Security Secrets & Solutions by Joel Scambray and Mike Shema will show you what you need to know to protect your web servers. The authors explain how an attacker gathers information to identify target systems and seek out the vulnerabilities they can exploit to break in. They go into great detail to discuss the myriad of vulnerabilities on various platforms such as Apache, IIS, J2EE and more.

This book will help you understand just how much risk your web servers are exposed to- vulnerabilities within XML, cross-site scripting and other input validation attacks, SQL injection attacks and more. Thankfully, the authors go on to provide valuable information for how to guard against these attacks and ways to harden your web servers to protect them.

Anyone who administers a web server or develops web applications should read this book to understand the pitfalls and how to avoid them.

(...)

Other Reviews

• Hacking exposed: excellent books
• A must read, even in 2005/2006+
• Excellent Addition to Hacking Exposed Series
• The best web hacking book today
• A decent introduction, but incomplete