Host and Application Security Lesson 20: How the Web Does not Work.

9
Host and Application Security Lesson 20: How the Web Does not Work

Transcript of Host and Application Security Lesson 20: How the Web Does not Work.

Page 1: Host and Application Security Lesson 20: How the Web Does not Work.

Host and Application SecurityLesson 20: How the Web Does not Work

Page 2: Host and Application Security Lesson 20: How the Web Does not Work.

Remind me… Precisely how does the web work?

Page 3: Host and Application Security Lesson 20: How the Web Does not Work.

Web Vulns This is host and application security, so we’re

focusing on the host issues

Page 4: Host and Application Security Lesson 20: How the Web Does not Work.

Simple Simple buffer overruns/security vulns in the

browser or in its plugins Determining the list of plugins is harder than

it probably needs to be

Page 5: Host and Application Security Lesson 20: How the Web Does not Work.

Javascript Pretty powerful language History of different classes of vulnerabilites…

perhaps most famous is cross site scripting

Page 6: Host and Application Security Lesson 20: How the Web Does not Work.

Java Applets Tell me about Java Applets and their security

model Isn’t that good enough? Why? Why not?

Page 7: Host and Application Security Lesson 20: How the Web Does not Work.

ActiveX “Safe for scripting”? ActiveX: Pros and Cons?

Page 8: Host and Application Security Lesson 20: How the Web Does not Work.

Clickjacking A really neat exploit – get the user to click on

one thing when they think they are clicking on another

Example: a one click bank transfer Cross-frame issues make life very interesting

Page 9: Host and Application Security Lesson 20: How the Web Does not Work.

To Do Find and read the ACM Queue paper

“Browser Security: Lessons from Google Chrome”

Write a demonstration of a cross site scripting attack. Do this in essay form, showing the code you would have on both ends and how it would work. What is the future for XSS attacks?


Comp Lesson 1- How does Casino Marketing Work?

Comp Lesson 1- How does Casino Marketing Work?

Effects of Animal Viruses on Host Cells (What does the virus do to the host cell?)

Effects of Animal Viruses on Host Cells (What does the virus do to the host cell?)

Exploiter-Victim Relationships Host-Parasite: Host death need not occur, and often does not; birth rate of host reduced by parasite Host-Parasitoid: Host.

Exploiter-Victim Relationships Host-Parasite: Host death need not occur, and often does not; birth rate of host reduced by parasite Host-Parasitoid: Host.

Lesson 7: What does f' say about f?

Lesson 7: What does f' say about f?

Application Layer · PDF fileNetwork L/P L/P Transport Host Router Host. 4 ... does the IP address of the host on which the ... and sends message into its

Application Layer · PDF fileNetwork L/P L/P Transport Host Router Host. 4 ... does the IP address of the host on which the ... and sends message into its

DOES HOST COUNTRY CULTURE AFFECT FOREIGN RETAILER PERFORMANCE? · DOES HOST COUNTRY CULTURE AFFECT FOREIGN RETAILER … 11 countries within as well as outside Europe. We thus believe

DOES HOST COUNTRY CULTURE AFFECT FOREIGN RETAILER PERFORMANCE? · DOES HOST COUNTRY CULTURE AFFECT FOREIGN RETAILER … 11 countries within as well as outside Europe. We thus believe

Lesson 01 What does a historian do?

Lesson 01 What does a historian do?

Host and Application Security Lesson 4: The Win32 Boot Process.

Host and Application Security Lesson 4: The Win32 Boot Process.

Lesson 10: Innate Immunity/ Nonspecific Defenses of the Host March 24, 2015.

Lesson 10: Innate Immunity/ Nonspecific Defenses of the Host March 24, 2015.

MACROECONOMIC QUESTIONS LESSON ONE. WHY DOES OUTPUT FLUCTUATE?

MACROECONOMIC QUESTIONS LESSON ONE. WHY DOES OUTPUT FLUCTUATE?

Lesson 2 How does food move down the oesophagus?

Lesson 2 How does food move down the oesophagus?

LESSON 6: WHERE DOES OUR FOOD COME FROM?

LESSON 6: WHERE DOES OUR FOOD COME FROM?

Lesson 4: How Does the Environment Affect Sea Turtle Nests?...Sea Turtle 5th Grade Curriculum Lesson 4: ... Lesson 4: How Does the Environment Affect Sea Turtle Nests? Description:

Lesson 4: How Does the Environment Affect Sea Turtle Nests?...Sea Turtle 5th Grade Curriculum Lesson 4: ... Lesson 4: How Does the Environment Affect Sea Turtle Nests? Description:

Lesson Two How Does England Fit Into

Lesson Two How Does England Fit Into

Indonesia Ponzi Economy Does Two Crisis Give a Lesson

Indonesia Ponzi Economy Does Two Crisis Give a Lesson

Host Site Facilitator Lesson Plan - For Your Information · Host Site Facilitator Lesson Plan ... This session will feature ideas and activities that help foster ... How can 4-H members

Host Site Facilitator Lesson Plan - For Your Information · Host Site Facilitator Lesson Plan ... This session will feature ideas and activities that help foster ... How can 4-H members

How Does FDI Affect Host Country Development? Using ... · How Does FDI Affect Host Country Development? Using Industry Case Studies to Make Reliable Generalizations THEODORE H. …

How Does FDI Affect Host Country Development? Using ... · How Does FDI Affect Host Country Development? Using Industry Case Studies to Make Reliable Generalizations THEODORE H. …

Lesson de Simple Present Con Does

Lesson de Simple Present Con Does

Do and Does Aims of the lesson Do Does Don’t Doesn’t.

Do and Does Aims of the lesson Do Does Don’t Doesn’t.

Lesson Three How Does The Uk Fit

Lesson Three How Does The Uk Fit