[thelist] Website Database Security

Ron White ronwhite at members.evolt.org
Mon May 7 12:40:09 CDT 2001


That wasn't me. I forget who actually made that offer, so I have forwarded
this to thelist so whomever made the offer can add you to his distribution.

Thanks,
Ron White

-----Original Message-----
From: Asif Suria [mailto:asifsuria at yahoo.com]
Sent: Monday, May 07, 2001 1:09 PM
To: ronwhite at members.evolt.org
Subject: RE: [thelist] Website Database Security


Hi Ron,
   My name is Asif and I am currently working on a
project for the University of Oregon. Since the web
servers and websites at the University are constantly
under the threat of getting hacked, I am very
interested in learning more about security issues.
Could you send me a copy of your presentation on
website database security?

Thanks,
Asif

--- Ron White <ronwhite at members.evolt.org> wrote:
> I'm thinking the second "it didn't" was prolly a
> typo...
>
> <snip 1>
> I would love a copy. One question though, if it
> didn't cover closing ports
> and the like and it didn't cover web application
> mistakes, what did it
> cover?
> </snip 1>
> <snip 2>
> Chris (and everyone) - I gave a presentation this
> February on web site
> security. It wasn't "deep", ie, it didn't cover
> network stuff like closing
> ports and stuff, but it didn't cover web application
> mistakes, like not
> checking url parameters, not encrypting cookies w/
> special information, etc.
> While not exactly about databases, it did have a few
> slides concerning how
> URL hacks could attack your db. If you (or anyone
> else) wants a copy, let me
> know.
> </snip 2>
>
> Ron
>
>
>
> ---------------------------------------
> For unsubscribe and other options, including
> the Tip Harvester and archive of TheList go to:
> http://lists.evolt.org Workers of the Web, evolt !


__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/






More information about the thelist mailing list