Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or an application. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability Analysis and Defense for the Internet provides packet captures, flow charts and detailed analysis of a protocol and concepts of Reverse Engineering, which enables a user to identify whether an application/protocol is vulnerable and how the vulnerability affects the software. If an application is vulnerable, then a user will be able to understand the complexity, and the theory behind the vulnerability. This edited volume contributed by world leaders in this field, also provides psuedo code for effective signatures to prevent vulnerabilities and case studies where the latest exploits are discussed.

Vulnerability Analysis and Defense for the Internet is designed for a professional audience composed of practitioners and researchers in industry. This book is also useful as an advanced-level secondary text book in computer science.

Zusammenfassung
Vulnerability Analysis is a process that defines, identifies, and classifies the vulnerabilities in a computer network or an application. Vulnerability in a network or application can in turn be used to launch various attacks like cross-site scripting attacks, SQL injection attacks, format string attacks, buffer overflows, DNS amplification attacks etc. Although these attacks are not new and are well known, the number of vulnerabilities disclosed to the public jumped nearly 5 percent during the first six months of 2007. This accounts to be the fourth year report, which shows the raise in vulnerability (see the news link on security focus http://www.securityfocus.com/brief/614). In January 2007, a vulnerable network resulted in a theft of 45.6 million credit card numbers in TJX companies due to unauthorized intrusion. A good protocol analysis and effective signature writing is one of the - fective method to prevent vulnerability and minimize the chances of intrusion in the network. However, protocol analysis poses two challenges namely false po- tive and evasion. If the signature to prevent the vulnerability is not written pr- erly, it will result in dropping of a valid traffic thereby resulting in false positive. An effective signature should also consider the chances of evasion; otherwise a malicious attacker can use the variant of exploit and evade the protection provided by the IDS/IPS.

Inhalt
Wireless Security.- Vulnerability Analysis for Mail Protocols.- Vulnerability Analysis for FTP and TFTP.- Vulnerability Analysis for HTTP.- Vulnerability Analysis for DNS and DHCP.- Vulnerability Analysis for SNMP and LDAP.- Vulnerability Analysis for RPC.- Malware Analysis.- Reverse Engineering.