Web Security, Privacy and Commerce, 2nd Edition

Web Security, Privacy & Commerce, 2nd Edition

 S/Key system

 S/MIME (Secure/MIME)

 safeWeb

 Triangle Boy service

 sandbox, Java

 sanitizing media

 SATAN , 2nd

 saving backup media , 2nd

 scp program

screen savers

 password-protected

screensavers

 security risks

 script kiddies

 scripts , 2nd  , 3rd

 breaking

 using time-outs

 writing in security

 search warrants , 2nd

 secret key algorithms

 secrets

 Secure Electronic Transaction (SET) , 2nd

 secure email

 Secure Hash Algorithms (SHA, SHA-1)

 Secure Shell (SSH)

    See : SSL Secure Sockets Layer , 2nd

 Secure Tracking of Office Property

 secure tunneling

 secure web servers

 Secure/MIME

 securing the web server

 security

 against eavesdropping

 design principles

 disabling cookies

 evaluating credit card systems

 evaluating site security

 holograms

 intrusion detection programs

 message digests

 policies, implementing

 programming guidelines

 protecting backups

 servers physical environment

 web applications, and

security holes

 mailing list for

 security mailing lists

 security perimeter

security plan

 confidentiality of

 security policies, Java

security risks

 data storage

 function keys

 personnel

 real world examples

 single-user boot up

 vendor supplied screensavers

 X Windows terminals

 security tools

 security zones

 SecurityManager class (Java)

    See : detectors sensors

 sequence conditions

 server certificates

 server key exchange message

 ServerHello

 servers

 access to

 log files

 physical security of

 proxy

 services, minimizing

 session cookies

 session hijacking

 session keys

 SET (Secure Electronic Transaction) protocol , 2nd

 Set-Cookie header

 SetReg.exe

 settlement

 setuid( ) and setgid( )

 sexygirls.com

 SHA, SHA-1 (Secure Hash Algorithms)

 Shamir, Adi

 shell scripts

 Shockwave

 plug-in

 shredders , 2nd

 signature authentication with PGP

 SignCode.exe , 2nd

 command line operation

 Sims, Joe

 single-user boot up

 SIP (Secure Internet Programming) group

 site exclusion lists

 site inspection

site security

 evaluating

 SLAs (Service Level Agreements)

 smart cards , 2nd

 smart cards and public keys

 smoke, effects on computer equipment

 'Snake Oil' self-signed certificate

 snapshots

 social engineering , 2nd

 employee phonebooks, and

 social engineering attacks , 2nd

 SOCKS

software

 custom

 free

 liability

 for monitoring

 patents

 piracy

 publishing , 2nd

 software failure

 software key escrow

 software patents

 software piracy

 Software Publisher s Pledge

 Software Publishers Association (SPA)

 software publishing certificates , 2nd

 obtaining

 SomarSoft

 source address

 SPA (Software Publishers Association)

spam

preventing

 anti-spam software and services

 Spam Exterminator

 SpamCop

 SpammerSlammer

 spies

spoofing

 DNS spoofing

 forgery-proof identification

 spoofing attacks , 2nd  , 3rd

 sprinkler systems , 2nd

 SRI-NIC

 SSH (Secure Shell) , 2nd  , 3rd

 nonce challenge

 public key authentication

 RSA authentication

 viewing the key

 ssh-keygen program

 SSL (Secure Sockets Layer) , 2nd  , 3rd

 browser alerts

 browser preferences

 certificates, format

 certificates, installation on IIS

 certificates, supported

 history of

 implementations of

 invalid certificates, causes of

 invention by Netscape

 Java, support in

 key-caching

 MD5, use of

 NSS

 open source programs, online resources

 OpenSSL

 performance

 RSA public key algorithm, and

 security deficits

 server addresses,checking

 server certificates, deploying

servers

 supporting packages

 SSLRef

 TCP IP, ports used on top of

 transparency to user

 Unix daemons, adding encryption to

 Version 3.0

web server

 VirtualHost

 SSL Hello

 SSL/TLS , 2nd  , 3rd

 alerts

 ChangeCipherSpec protocol

 compression support

handshake protocol

 ServerHello

 online resources

 protocols

 SSLeay , 2nd

 sslwrap program

 stack attacks

 static audits

 static electricity

 static IP addresses

    See : theft stolen property

 stolen usernames and passwords

 storage

 storing private keys

 stream algorithms

 strength of cryptographic systems

 strength, cryptographic

 string command

 strings(1) command

 striping

 subject.commonName field, wildcards

 substitution ciphers

 SUID and SGID privileges

Sun Java SDK

 code signing system

 Sun Microsystems

 Superincreasing Knapsack Problem

 Surety Technologies, Inc.

 surge suppressors

    See : power surges surges

 Swatch program

 SymLinksIfOwnerMatch option

 symmetric key algorithms

 common schemes

symmetric keys

 exchange, problems with

 security issues

 uniqueness, problems with

 SYN packets

 SYN ACK packets

 syslog

system administration

 errors by

 references on

 sanitizing media

 system calls, checking return codes from

 systems-based crytpographic attacks