[thelist] Website Database Security - A copy for me too please...

Bruce Heerssen bheerssen at visualbridge.tv
Fri May 4 09:17:16 CDT 2001


Hey, Ray

I'd also like a copy when you can find the time.

Thanks,

Bruce

> -----Original Message-----
> From: thelist-admin at lists.evolt.org
> [mailto:thelist-admin at lists.evolt.org]On Behalf Of Raymond Camden
> Sent: Thursday, May 03, 2001 12:50 PM
> To: thelist at lists.evolt.org
> Subject: RE: [thelist] Website Database Security
> 
> 
> Chris (and everyone) - I gave a presentation this February on web site
> security. It wasn't "deep", ie, it didn't cover network stuff like closing
> ports and stuff, but it didn't cover web application mistakes, like not
> checking url parameters, not encrypting cookies w/ special information, etc.
> While not exactly about databases, it did have a few slides concerning how
> URL hacks could attack your db. If you (or anyone else) wants a copy, let me
> know.
> 
> Also, our site, www.allaire.com, has _numerous_ articles on security issues.
> Of course, they are CF-centric, but many cover issues w/ IIS and general web
> app security stuff. Check out the Security Zone. Actually, I think we _also_
> have stuff on that "deep" crap as well.
> 
> =======================================================================
> Raymond Camden, Principal Spectra Compliance Engineer for Macromedia
> 
> Email   : jedimaster at macromedia.com
> ICQ UIN : 3679482
> 
> "My ally is the Force, and a powerful ally it is." - Yoda
> 




More information about the thelist mailing list