找回密码
 注册
搜索
热搜: java php web
查看: 541|回复: 5

Preventing Web Attacks with Apache

[复制链接]
发表于 2009-8-31 15:40:10 | 显示全部楼层 |阅读模式



作者:Ryan C. Barnett
出版日期:January 27, 2006
出版社:Addison Wesley
页数:624
ISBN:ISBN-10: 0-321-32128-6 ISBN-13: 978-0-321-32128-2
文件格式:CHM


“Ryan Barnett has raisedthe bar in terms of running Apache securely. If you run Apache, stopright now and leaf through this book; you need this information.”
Stephen Northcutt, The SANS Institute

The only end-to-end guide to securing Apache Web servers and Web applications

Apache can behacked. As companies have improved perimeter security, hackers haveincreasingly focused on attacking Apache Web servers and Webapplications. Firewalls and SSL won’t protect you: you mustsystematically harden your Web application environment. Preventing Web Attacks with Apachebrings together all the information you’ll need to do that:step-by-step guidance, hands-on examples, and tested configurationfiles.

Building on his groundbreaking SANS presentations onApache security, Ryan C. Barnett reveals why your Web servers representsuch a compelling target, how significant exploits are performed, andhow they can be defended against. Exploits discussed include: bufferoverflows, denial of service, attacks on vulnerable scripts andprograms, credential sniffing and spoofing, client parametermanipulation, brute force attacks, web defacements, and more.

Barnett introduces the Center for Internet SecurityApache Benchmarks, a set of best-practice Apache security configurationactions and settings he helped to create. He addresses issues relatedto IT processes and your underlying OS; Apache downloading,installation, and configuration; application hardening; monitoring, andmore. He also presents a chapter-length case study using actual Webattack logs and data captured “in the wild.”

For every sysadmin, Web professional, and security specialist responsible for Apache or Web application security.

With this book, you will learn to
  • Address the OS-related flaws most likely to compromise Web server security
  • Perform security-related tasks needed to safely download, configure, and install Apache
  • Lock down your Apache httpd.conf file and install essential Apache security modules
  • Test security with the CIS Apache Benchmark Scoring Tool
  • Use the WASC Web Security Threat Classification to identify and mitigate application threats
  • Test Apache mitigation settings against the Buggy Bank Web application
  • Analyze an Open Web Proxy Honeypot to gather crucial intelligence about attackers
  • Master advanced techniques for detecting and preventing intrusions

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?注册

×
发表于 2009-9-7 00:48:35 | 显示全部楼层
create~~~~~~~~~,Thank you very much

评分

1

查看全部评分

回复

使用道具 举报

发表于 2009-9-7 11:15:08 | 显示全部楼层
aaaaaaaaaaaaaaaaaaaaaaa

评分

1

查看全部评分

回复

使用道具 举报

发表于 2009-9-11 16:33:52 | 显示全部楼层
这个是个好东西呀,谢谢
回复

使用道具 举报

发表于 2009-9-11 16:34:24 | 显示全部楼层
正在学习中
回复

使用道具 举报

发表于 2009-9-11 16:37:30 | 显示全部楼层
多谢楼主分享资料
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|软晨网(RuanChen.com)

GMT+8, 2024-11-23 10:03

Powered by Discuz! X3.5

Copyright © 2001-2023 Tencent Cloud.

快速回复 返回顶部 返回列表