Lavoisier S.A.S.
14 rue de Provigny
94236 Cachan cedex
FRANCE

Heures d'ouverture 08h30-12h30/13h30-17h30
Tél.: +33 (0)1 47 40 67 00
Fax: +33 (0)1 47 40 67 02


Url canonique : www.lavoisier.fr/livre/informatique/maximum-apache-security-a-hackers-s-guide-to-protecting-your-apache-web-server-with-cd-rom/descriptif_1480425
Url courte ou permalien : www.lavoisier.fr/livre/notice.asp?ouvrage=1480425

0 article 

 Frais de port 0,01€*

Exclusivité web : à partir de 35 euros d’achat, frais de port à 1 centime pour les expéditions vers la France métropolitaine, la Suisse et l’UE avec Colissimo ou GLS

Maximum apache security. A hackers's guide to protecting your apache Web server (with CD-Rom)

Langue : Anglais
Couverture de l’ouvrage Maximum apache security. A hackers's guide to protecting your apache Web server (with CD-Rom)

A complete guide to securing the worlds most popular Web server, written by the original Maximum Security author.

  • Details system holes, hacker attack methods, and tools for breaching an Apache-based Web site.
  • Apache configuration, administration, and development can be extremely complex-and if improperly done can leave a Web site vulnerable to attack.
  • Written by the same best-selling author of Maximum Security and Maximum Linux Security.
With more than 65 percent of Web sites using the Apache Web server and the Apache-based open source Web development environment --and with the risk of sabotage greater than ever--Apache administrators and developers need to know how to build and maintain secure Web servers and Web applications. Yet most of the currently available Apache books lack detailed information on important Web administration topics like security. Maximum Apache Security details the complex security weaknesses and risks of Apache, and provides hands-on solutions for keeping a Web site secure and buttressed against intruders. It includes up-to-date coverage of both Apache 2.0 as well as Apache 1.3.

Anonymous, author of the controversial bestsellers Maximum Security and Maximum Linux Security, is an experienced computer hacker who was convicted of a series of financial crimes after developing a technique to circumvent bank security in automatic teller machines. He now works as a writer, trainer, Internet and Unix site manager, and security consultant in California.

(NOTE: Each chapter concludes with a Summary.)
Introduction.

Why Did I Write This Book? What This Book Will Tell You. System Requirements. This Books Organization. About Examples in This Book.

I. GETTING STARTED.


1. How Apache Handles Security.
Generic HTTP Security Considerations. Apache Security Facilities. Apache Extensibility. Things Apache Cant Defend Against.

II. CREATING A SECURE APACHE HOST SERVER.


2. The Risks: Cracking Apache.
Inherent Risks of Running a Web Server. Sobering Statistics to Consider. How Security Disasters Develop.

3. Establishing Minimum Server Security.
Physical Security Concepts. Server Location and Physical Access. Network Topology. BIOS and Console Passwords. Media and Boot Security. Anti-Theft Devices.

4. Environmental Hazards: Apache and Your Operating System.
Apache and Your Underlying Operating System. Environmental Risks Common to Unix. Environmental Risks Common to Windows. Other Environmental Risks.

5. Apache, Databases, and Security.
Apache Database Support. Apache and Proprietary Databases. Apache and MySQL. PostgreSQL. Apache and Commercial SQL Packages. General Database Security Measures.

III. HACKING APACHES CONFIGURATION.


6. Apache Versions and Security.
Brief History of Apache Versions. Security Issues Common to Apache Releases. Patch Maintenance and Other Measures.

7. Version 2.0 IPv6 Support.
What Is IPv6? IPv6 and Security. Why Does Apache Support IPv6? Apache and IPv6 Addressing. IPv6 Address Issues in Development. Listen, NameVirtualHost, and VirtualHost. IPv6 Implementations.

8. Overlording Apache Server: General Administration.
Permissions and Apache Server. URL Mapping and Security. Resource Usage. Apache Server Tools.

9. Spotting Crackers: Apache Logging Facilities.
What Is Logging, Exactly? How Apache Handles Logging. httpd Logs. Some Security Caveats About Logs. Piped Logs. The SetEnvIf Directive and Conditional Logging. Other Interesting Apache-Related Logging Tools. Other Interesting Logging Tools Not Specific to Apache.

IV. RUNTIME APACHE SECURITY.


10. Apache Network Access Control.
What Is Network Access Control? How Apache Handles Network Access Control: Introducing mod_access. Using Network Access Control in Apache (httpd.conf). Virtual Hosts and Network Access Control.

11. Apache and Authentication: Who Goes There?
What Is Authentication? How Apache Handles Basic Authentication: Introducing mod_auth. Htpasswd. Weaknesses in Basic HTTP Authentication. DBM File-Based Authentication: Introducing mod_auth_dbm. HTTP and Cryptographic Authentication. SSL-Based Authentication. Other Tools for Extending Apaches Authentication. Holes in Apache Authentication: Historical Perspective.

12. Hacking Secure Code: Apache at Server Side.
Apache Language Support. What Is Server-Side Programming? General CGI Security Issues. Spawning Shells. Buffer Overruns. Paths, Directories, and Files. PHP. Interesting Security Programming and Testing Tools. Other Online Resources.

13. Hacking Secure Code: Apache at Client Side.
What Is Client-Side Programming? General Client-Side Security Issues. JavaScript. VBScript.

V. ADVANCED APACHE.


14. Apache Under the Hood: Open Source and Security.
Security Contexts in Apaches Source Tree. Files That Deal with Passwords. Files That Deal with General Security. Key Apache C Source Files and What They Do. Include File Cross-Reference.

15. Apache/SSL.
What Is

Date de parution :

Ouvrage de 664 p.

19x23 cm

Sous réserve de disponibilité chez l'éditeur.

Prix indicatif 59,52 €

Ajouter au panier

Thèmes de Maximum apache security. A hackers's guide to protecting... :