[thelist] Hardening a webserver
thelist at cjmarsh.com
Mon Jan 17 16:47:38 CST 2005
Scott
[..]
> Concentrate on the app and work out from there. Set up
> monitors to identify when things are not as they should be
> (rate and number of transactions is a good thing to watch) so
> that if it is compromised you can minimize the damage.
> Understand the basic patterns of attacks and plan against them.
>
> Do the research that will help prepare you to express your
> needs clearly to security consultants ('cause all the
> research in the world cannot make up for professional
> experience) and to understand when your point is getting across.
If you've got a few quid spare, I can heartily recommend a combination
of "Innocent Code" by Sverre Huseby
(<http://www.amazon.co.uk/exec/obidos/ASIN/0470857447/qid=1106001731/ref=sr_8_xs_ap_i1_xgl/202-4433640-7131035>)
and "Hack Notes: Web Security" by Mike Shema
(<http://www.amazon.co.uk/exec/obidos/ASIN/0072227842/qid%3D1106001883/202-4433640-7131035>).
They won't cost you much, and should give you a
good insight between them on security basics.
Regards
Chris Marsh