Web Attacks

  • Mike O’Leary
Chapter

Abstract

Web servers provide new features for legitimate users, but also provide numerous avenues of attack for malicious actors. An attacker that has been able to compromise a system on a network can extract passwords stored in Internet Explorer or Firefox. A savvy defender can use a master password on Firefox to mitigate these kinds of attacks. An attacker that can only find their way on to the local network can use Ettercap to launch man in the middle attacks. If a web server automatically redirects unsecure HTTP traffic to a secure HTTPS site, then an attacker can use sslstrip to intercept the traffic before it is encrypted, allowing them to attack the connection without the browser warning of an improperly configured certificate chain.

Keywords

Status Code Configuration File Brute Force Attack Basic Authentication Authorization Require 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Mike O'Leary 2015

Authors and Affiliations

  • Mike O’Leary
    • 1
  1. 1.Department of MathematicsTowson UniversityTowsonUS

Personalised recommendations