---

Review:
The preface stresses that this book is neither about how to attack a Web site, nor how to develop one, but, rather, how to test. Chapter one points out that the Web is a different environment, in terms of software security, because we have desktop machines, not centrally administered, talking to everyone (with much of the traffic being commercial in nature). The authors even point out that issues of error-handling, performance, and ease-of-use all contribute to increased levels of vulnerability. Various attacks designed to obtain information about Web applications, structure, and functions are described in chapter two. For client-side scripting, chapter three notes, any validation done on the client should be untrusted and re- validate... Rest of this review on the detail page
(Review by Rob Slade)
I want to add my review for this book!
Reviews (1) and details of How to Break Web Software: Functional and Security Testing of Web Applications and Web Services

---

Book description
Your Hands-On Guide to Voice over IP (VoIP) This book was written for the thousands of IT professionals-from CIOs to circuit-switched telecom engineers-who are now responsible for deploying and maintaining secure VoIP networks. The book explains the impact on your VoIP network of PSTN, SIP, H.323, firewalls, NAT, encryption, and the regulatory environment. Coverage includes evaluation, design, integration, and management of VoIP networking components, including IP telephones, gateways, gatekeepers, registration servers, media servers, and proxy servers. Throughout the book, the authors rely on their extensive real-world experience to provide readers with practical applications and solutions. * VoIP Isn't Just Another Data Protocol IP teleph... Rest of this review on the detail page
I want to add my review for this book!
Reviews (2) and details of Practical VoIP Security

---

Review:
A book that lets the reader really experience and feel how computers are broken into and how exploits are written. You don't have to be a programming guru to get the feel for how easy it can be to exploit any simple programming error to get elevated privileges. The book is divided into several sections: programming, programming errors and their exploits, including building exploits that will get through most 'only safe input' filters, networking basics and attacks against network stacks, cryptology and attack methods on cryptologic methods. A good book to get a feel for how fast something innocent can be an entry-point for abuse.
(Review by Koos van den Hout)
I want to add my review for this book!
Reviews (1) and details of Hacking: The Art of Exploitation, 2nd Edition

---

Review:
A quite readable book about the modern crimes related to the Internet. All those crimes (phishing, advance fee fraud) aren't new but 'real-life' crimes revisited. The book describes a lot of the problems of the modern Internet and discusses solutions. Not trying to find the end-all solution to spam, but discussing pros and cons of the available ideas and what will work and how to make security on the Internet something that the average user understands.
(Review by Koos van den Hout)
I want to add my review for this book!
Reviews (2) and details of The dotCrime Manifesto: How to Stop Internet Crime

---

I want to add the first review for this book!
Reviews (0) and details of The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) (SEI Series in Software Engineering)