While much has changed on the Internet,
the "browser security model," or the lack thereof, has not. IE 7 is Microsoft's move to
change that trend in the next few years.
THE HACKING EXPOSED METHODOLOGY
As with the entire Hacking Exposed series, the basic building blocks of this book are the
attacks and countermeasures discussed in each chapter.
The attacks are highlighted here as they are throughout the Hacking Exposed series:
This Is an Attack Icon
Highlighting attacks like this makes it easy to identify specific penetration-testing tools
and methodologies, and points you right to the information you need to convince
management to fund your new security initiative.
Each attack is also accompanied by a Risk Rating, scored exactly as in Hacking
Exposed:
Popularity: The frequency of use in the wild against live targets: 1 being most rare, 10 being widely used
Simplicity: The degree of skill necessary to execute the attack: 10 being little or no skill, 1 being seasoned security programmer
Impact: The potential damage caused by successful execution of the attack: 1 being revelation of trivial information about the target, 10 being superuser account compromise or equivalent
Risk Rating: The preceding three values are averaged to give the overall risk rating and rounded to the next highest whole number