Summary

Session hijacking attacks aren't as easy to perform as most other Web application attacks. However, their effect can be quite damaging. Session hijacking attacks are purely an application development issue. Oversights in design or implementation of the application's session tracking mechanism result in such vulnerabilities. No operating system patch, firewall, or Web server configuration can prevent session hijacking attacks. We described session hijacking attacks and measures that should be taken during application development to prevent such attacks. Every Web developer should pay close attention to the proper design and implementation of session and state tracking. Commercial medium to high-end Web servers come with built-in session tracking mechanisms and provide an API to help developers use them in designing Web applications.

 



Web Hacking: Attacks and Defense
ISBN: 0201761769
EAN: 2147483647
Year: 2005
Pages: 156
