Apache Security - Ivan Ristic [218]
database feature problems, Special database features
example, A working example
query statements, Multiple statements in a query
resources for, SQL injection attack resources
UNION construct, Union
International Data Encryption Algorithm (IDEA), Symmetric Encryption
intrusion containment, chroot (jail), Putting Apache in Jail
intrusion detection, Static Binary or Dynamic Modules, Network Monitoring, Intrusion detection and HTTP, Evasion Techniques, Evolution of Web Intrusion Detection, Is Intrusion Detection the Right Approach?, Log-Based Web Intrusion Detection, Real-Time Web Intrusion Detection, Web Intrusion Detection Features, Protocol anomaly detection, Negative versus positive security models, Rule-based versus anomaly-based protection, Enforcing input validation, State management, Anti-evasion techniques, Response monitoring and information leak prevention, Using mod_security, Deployment Guidelines, Reasonable configuration starting point, Detecting Common Attacks, Database attacks, Cross-site scripting attacks, Command execution and file disclosure
Apache backdoors, Static Binary or Dynamic Modules
detecting common attacks, Detecting Common Attacks, Database attacks, Cross-site scripting attacks, Command execution and file disclosure
command execution and file disclosure, Command execution and file disclosure
content management system problems, Detecting Common Attacks
database, Database attacks
database-specific patterns, Database attacks
XSS, Cross-site scripting attacks
evolution of, Evolution of Web Intrusion Detection
HIDSs, Evolution of Web Intrusion Detection
NIDS, Evolution of Web Intrusion Detection
features, Web Intrusion Detection Features, Protocol anomaly detection, Negative versus positive security models, Rule-based versus anomaly-based protection, Enforcing input validation, State management, Anti-evasion techniques, Response monitoring and information leak prevention
anti-evasion techniques, Anti-evasion techniques
input validation enforcement, Enforcing input validation
negative versus positive models, Negative versus positive security models
protocol anomaly, Protocol anomaly detection
response monitoring (information leak detection), Response monitoring and information leak prevention
rule-based versus anomaly-based, Rule-based versus anomaly-based protection
state management, State management
firewall deployment guidelines, Deployment Guidelines, Reasonable configuration starting point
configuration starting point, reasonable, Reasonable configuration starting point
steps, Deployment Guidelines
host-based, Evolution of Web Intrusion Detection
HTTP traffic and, Intrusion detection and HTTP
log-based, Log-Based Web Intrusion Detection
mod_security firewall module, Using mod_security (see mod_security firewall module)
network, Evolution of Web Intrusion Detection
real-time, Real-Time Web Intrusion Detection
systems for, Network Monitoring, Evasion Techniques
Prelude tool, Network Monitoring
Snort tool, Network Monitoring
value of, Is Intrusion Detection the Right Approach?
J
jail, Putting Apache in Jail (see chroot)
K
Keep-Alive feature, OpenSSL Benchmark Script
kernel patches for advanced hardening, Advanced Hardening
L
ldd shared library namer tool, Using ldd to discover dependencies
learning environments, Learning Environments, WebMaven, WebGoat
WebGoat, WebGoat
WebMaven, WebMaven
LimitXMLRequestBody directive, Setting Server Configuration Limits
LogFormat logging directive, LogFormat
Apache 2 format strings,