Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Preventing Web Attacks with Apache", Ryan C. Barnett

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKPRWAWA.RVW 20060913 Preventing Web Attacks with Apache , Ryan C. Barnett, 2006, 0-321-32128-6, U$49.99/C$66.99 %A Ryan C. Barnett %C P.O. Box 520, 26
    Message 1 of 1 , Nov 3, 2006
    • 0 Attachment
      BKPRWAWA.RVW 20060913

      "Preventing Web Attacks with Apache", Ryan C. Barnett, 2006,
      0-321-32128-6, U$49.99/C$66.99
      %A Ryan C. Barnett
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2006
      %G 0-321-32128-6
      %I Addison-Wesley Publishing Co.
      %O U$49.99/C$66.99 416-447-5101 fax: 416-443-0948
      %O http://www.amazon.com/exec/obidos/ASIN/0321321286/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0321321286/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0321321286/robsladesin03-20
      %O Audience a- Tech 2 Writing 2 (see revfaq.htm for explanation)
      %P 582 p.
      %T "Preventing Web Attacks with Apache"

      Chapter one notes that there have been many attacks against Web
      servers and the applications running on them. It also lists the
      common excuses presented for a lack of security preparation (and
      assesses the weakness of those arguments). Hardening of the (UNIX)
      operating system, and network operating system, in order to establish
      a trusted computing base for the Web server application, are dealt
      with in chapter two. Initial installation of the Apache software is
      covered in chapter three. Chapter four reviews the configuration
      file, and properly secure settings and options. Security related
      modules in the Apache suite are discussed in chapter five. Chapter
      six reviews the Center for Internet Security Apache security benchmark
      tool. The Web Application Security Consortium (WASC) threat
      classification system is described, in chapter seven, with specific
      reference to Apache countermeasures against these attacks. (The
      material provides nice explanations and examples of a variety of
      exploits.) Buggy Bank, an intentionally flawed e-commerce application
      that provides practice in hardening a Web server, is outlined in
      chapter eight. Chapter nine looks at various countermeasures and
      controls that can be applied to Web servers and sites, noting
      strengths and weaknesses, and also noting which work most effectively,
      as well as which can be implemented via Apache functions. If you'd
      like to do primary research and gather information on attacks and the
      level of threat to Web servers, chapter ten details the settings and
      requirements for using Apache to set up a honeypot server. Chapter
      eleven finishes off with basic advice on issues such as patch
      management, and also broadens the discussion to some fundamental
      concerns in Internet security measures.

      A helpful guide for those using Apache.

      copyright Robert M. Slade, 2006 BKPRWAWA.RVW 20060913


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Gourmet coffee shops -- just what we need ... a place where
      people who talk too much anyway can go for caffeine.
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150
      http://victoria.tc.ca/techrev/rms.htm
    Your message has been successfully submitted and would be delivered to recipients shortly.