1 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Take over a client via the browser Interesting information on the client Can use browser.

Slides:



Advertisements
Similar presentations
Chapter 17: WEB COMPONENTS
Advertisements

DT228/3 Web Development WWW and Client server model.
WHAT CBT DEVELOPERS NEED TO KNOW ABOUT BROWSERS, PLUG-INS, AND ACTIVEX Doug Foster, Oakes Interactive Inc. Jesse M. Heines, Univ. of Mass. Lowell.
Server-Side vs. Client-Side Scripting Languages
Chapter Concepts Review Markup Languages
Publishing on the WWW Active X. Aims and Objectives To introduce the concept of embedding objects within web pages To show how Active X can be used to.
15 Chapter 15 Web Database Development Database Systems: Design, Implementation, and Management, Fifth Edition, Rob and Coronel.
ACTIVE X By Ethan Huang. OUTLINE What is ActiveX? Component of ActiveX Why ActiveX? ActiveX and Java Security Issue.
INTERNET DATABASE Chapter 9. u Basics of Internet, Web, HTTP, HTML, URLs. u Advantages and disadvantages of Web as a database platform. u Approaches for.
Introduction to Web Database Processing
INTERNET DATABASE. Internet and E-commerce Internet – a worldwide collection of interconnected computer network Internet – a worldwide collection of interconnected.
Introduction to Web Interface Technology (CSE2030)
Technologies for EC/EB Walt Scacchi FEMBA 290 Winter 2003.
How to Protect Your PC Grayware Adware, Malware, Spyware.
Computer Security and Penetration Testing
Application Security Chapter 8 Copyright Pearson Prentice Hall 2013.
Chapter 4 Application Security Knowledge and Test Prep
Define objects and their relationships to multimedia Explain the fundamentals of C, C++, Java, JavaScript, JScript, C#, ActiveX and VBScript Discuss security.
E-Commerce The technical side. LAMP Linux Linux Apache Apache MySQL MySQL PHP PHP All Open Source and free packages. Can be installed and run on most.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
INTRODUCTION TO WEB DATABASE PROGRAMMING
1 Application Security: Electronic Commerce and Chapter 9 Copyright 2003 Prentice-Hall.
1 Web Server Concepts Dr. Awad Khalil Computer Science Department AUC.
Prevent Cross-Site Scripting (XSS) attack
Week 7 Lecture Web Database Development Samuel Conn, Asst. Professor
Project Four Forms Discuss form processing Describe the difference between client-side and server-side form processing Add a horizontal rule to a Web page.
Application Security: General apps &Web service (April 11, 2012) © Abdou Illia – Spring 2012.
Chapter 16 The World Wide Web Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.
Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
1 Application Security: Electronic Commerce and Chapter 9 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall.
What is an Internet Browser? Internet browser— An Internet browser is a client program that knows how to interpret HTML code and display information and.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
NASRULLAH KHAN.  Lecturer : Nasrullah   Website :
 2001 Prentice Hall, Inc. All rights reserved. 1 Chapter 21 - Web Servers (IIS, PWS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3.
HOW WEB SERVER WORKS? By- PUSHPENDU MONDAL RAJAT CHAUHAN RAHUL YADAV RANJIT MEENA RAHUL TYAGI.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
1 Internet Browsing Vulnerabilities and Security ECE4112 Final Lab Ye Yan Frank Park Scott Kim Neil Joshi.
Application Security Chapter 8 Copyright Pearson Prentice Hall 2013.
Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
Active Server Pages  In this chapter, you will learn:  How browsers and servers interacted on the Internet when the Internet first became popular 
1 World Wide Web Concepts (Chapter 18) 인공지능연구실. 2 목 차  Elements of the Web  Web Browsers  Keeping Tracking of your Favorite Web sites  Security and.
Web Development in Microsoft Visual Studio Slide 2 Lecture Overview How to create a first ASP.NET application.
Chapter 16 The World Wide Web. FIGURE 16.0.F01: A very, very simple Web page. Courtesy of Dr. Richard Smith.
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
NASRULLAH KHAN.  Lecturer : Nasrullah   Website :
 Web pages originally static  Page is delivered exactly as stored on server  Same information displayed for all users, from all contexts  Dynamic.
Internet Infrastructure Min Ding Smeal College of Business Administration Pennsylvania State University.
Learning Aim C.  In this section we will look at some simple client-side scripts, browser compatibility, exporting and compressing and suitable file.
The Internet Salihu Ibrahim Dasuki (PhD) CSC102 INTRODUCTION TO COMPUTER SCIENCE.
Browsing Tips Mozilla Firefox. About Firefox Available at Available at Maintained.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Windows Vista Configuration MCTS : Network Security.
Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.
1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.
Web Programming Language
Tonga Institute of Higher Education IT 141: Information Systems
Section 6.3 Server-side Scripting
Navigate to the Kaspersky global product updates page.
Application Security: General apps &Web service
Tonga Institute of Higher Education IT 141: Information Systems
Tonga Institute of Higher Education IT 141: Information Systems
Windows Vista Inside Out
What are Computers? C Use this tutorial alongside the numbers coded in your workbook and answer the related questions in each section.
Introduction to JavaScript
▶ Partner User Guide (Problem Solution)
Presentation transcript:

1 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Take over a client via the browser Interesting information on the client Can use browser to attack clients

2 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Client-side scripting Java applets: Small Java programs Scripting languages (not full programming languages)  JavaScript and VBScript Active-X from Microsoft; highly dangerous because it can do almost everything

3 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Malicious links User must click on them to execute (but not always) Common extensions are hidden by default in windows  attack.txt.exe seems to be attack.txt

4 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Common Attacks File reading and executing a command Redirection to unwanted webpage Scripts might change the registry, home page Might Trojanize the program called when user mistypes a URL Pop-up windows behind main window so source is hard to find

5 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Common Attacks Cookies and web bugs  Cookies are placed on user computer; can be retrieved by website  Can be used to track users at a website  Web bugs—links that are nearly invisible— can do the same

6 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Common Attacks Choose domain names that are common misspellings of popular domain names Opening two windows; transfer information from client window to webserver window

7 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Enhancing Browser Security Patches and updates Set strong security options (Figure 9-5) for Microsoft Internet Explorer 6.0 Remotely managing browsers on employee client PCs

8 Figure 9-5: Internet Options Dialog Box in Internet Explorer 6.0

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.