Poised Solutions Library

Poised Solutions Tech Library

book review
apache security

 Poised Solutions

Apache Security Book Review

IT Security
IT Library
Apache Security

Apache Security

Amazon UKAmazon USA
Apache Security
Author:
Ivan Ristic
Publisher:
O'Reilly
Published:
2005
Pages:
396

Apache Security

Apache Security Chapters

Apache Security Chapters
  1. Apache Security Principles
    • Security Definitions
      • Essential Security Principles
      • Common Security Vocabulary
      • Security Process Steps
      • Threat Modeling
      • System-Hardening Matrix
      • Calculating Risk
    • Web Application Architecture Blueprints
      • User View
      • Network View
      • Apache View
  2. Installation and Configuration
    • Installation
      • Source or Binary
      • Static Binary or Dynamic Modules
      • Folder Locations
      • Installation Instructions
    • Configuration and Hardening
      • Setting up the Server User Account
      • Setting Apache Binary File Permissions
      • Configuring Secure Defaults
      • Enabling CGI Scripts
      • Logging
      • Setting Server Configuration Limits
      • Preventing Information Leaks
    • Changing Web Server Identity
      • Changing the Server Header Field
      • Removing Default Content
    • Putting Apache in Jail
      • Tools of the chroot Trade
      • Using chroot to Put Apache in Jail
      • Using the chroot(2) Patch
      • Using mod_security or mod_chroot
  3. PHP
    • Installation
      • Using PHP as a Module
      • Using PHP as a CGI
      • Choosing Modules
    • Configuration
      • Disabling Undesirable Options
      • Disabling Functions and Classes
      • Restricting Filesystem Access
      • Setting Logging Options
      • Setting Limits
      • Controlling File Uploads
      • Increasing Session Security
      • Setting Safe Mode Options
    • Advanced PHP Hardening
      • PHP 5 SAPI Input Hooks
      • Hardened PHP
  4. SSL and TLS
    • Cryptography
      • Symmetric Encryption
      • Asymmetric Encryption
      • One-Way Encryption
      • Public-Key Infrastructure
      • How it All Falls into Place
    • SSL
      • SSL Communication Summary
      • Is SSL Secure?
    • OpenSSL
    • Apache and SSL
      • Installing mod_ssl
      • Generating Keys
      • Generating a Certificate Signing Request
      • Signing Your Own Certificate
      • Getting a Certificate Signed by a CA
      • Configuring SSL
    • Setting Up a Certificate Authority
      • Preparing the CA Certificate for Distribution
      • Issuing Server Certificates
      • Issuing Client Certificates
      • Revoking Certificates
      • Using Client Certificates
    • Performance Considerations
      • OpenSSL Benchmark Script
      • Hardware Acceleration
  5. Denial of Service Attacks
    • Network Attacks
      • Malformed Traffic
      • Brute-Force Attacks
      • SYN Flood Attacks
      • Source Address Spoofing
      • Distributed Denial of Service Attacks
      • Reflection DoS Attacks
    • Self-Inflicted Attacks
      • Badly Configured Apache
      • Poorly Designed Web Applications
      • Real-Life Client Problems
    • Traffic Spikes
      • Content Compression
      • Bandwidth Attacks
      • Cyber Activism
      • The Slashdot Effect
    • Attacks on Apache
      • Apache Vulnerabilities
      • Brute-Force Attacks
      • Programming Model Attacks
    • Local Attacks
      • PAM Limits
      • Process Accounting
      • Kernel Auditing
    • Traffic-Shaping Modules
    • DoS Defense Strategy
  6. Sharing Servers
    • Sharing Problems
      • File Permission Problems
      • Dynamic-Content Problems
      • Sharing Resources
      • Share Domain Name Problems
      • Information Leaks on Execution Boundaries
    • Distributing Configuration Data
    • Securing Dynamic Requests
      • Enabling Script Execution
      • Setting CGI Script Limits
      • Using suEXEC
      • FastCGI
      • Running PHP as a Module
    • Working with Large Numbers of Users
      • Web Shells
      • Dangerous Binaries
  7. Access Control
    • Overview
    • Authentication Methods
      • Basic Authentication
      • Digest Authentication
      • Form-Based Authentication
    • Access Control in Apache
      • Basic Authentication Using Plaintext Files
      • Basic Authentication Using DBM Files
      • Digest Authentication
      • Certificate Based Access Control
      • Network Access Control
      • Proxy Access Control
      • Final Access Control Notes
    • Single Sign-on
      • Web Single Sign-on
      • Simple Apache-Only Single Sign-on
  8. Logging and Monitoring
    • Apache Logging Facilities
      • Request Logging
      • Error Logging
      • Special Logging Modules
      • Audit Log
      • Performance Measurement
      • File Upload Interception
      • Application Logs
      • Logging as Much as Possible
    • Log Manipulation
      • Piped Logging
      • Log Rotation
      • Issues with Log Distribution
    • Remote Logging
      • Manual Centralization
      • Syslog Logging
      • Database Logging
      • Distributed Logging with the Spread Toolkit
    • Logging Strategies
    • Log Analysis
    • Monitoring
      • File Integrity
      • Event Monitoring
      • Web Server Status
  9. Infrastructure
    • Application Isolation Strategies
      • Isolating Applications from Servers
      • Isolating Application Modules
      • Utilizing Virtual Servers
    • Host Security
      • Restricting and Securing User Access
      • Deploying Minimal Services
      • Gathering Information and Monitoring Events
      • Securing Network Access
      • Advanced Hardening
      • Keeping Up to Date
    • Network Security
      • Firewall Usage
      • Centralized Logging
      • Network Monitoring
      • External Monitoring
    • Using a Reverse Proxy
      • Apache Reverse Proxy
      • Reverse Proxy by Network Design
      • Reverse Proxy by Redirecting Network Traffic
    • Network Design
      • Reverse Proxy Patterns
      • Advanced Architectures
  10. Web Application Security
    • Session Management Attacks
      • Cookies
      • Session Management Concepts
      • Keeping in Touch with Clients
      • Session Tokens
      • Session Attacks
      • Good Practices
    • Attacks on Client
      • Typical Client Attack Targets
      • Phising
    • Application Logic Flaws
      • Cookies and Hidden Fields
      • POST Method
      • Referrer Check Flaws
      • Process State Management
      • Client-Side Validation
    • Information Disclosure
      • HTML Source Code
      • Directory Listings
      • Verbose Error Messages
      • Debug Messages
    • File Disclosure
      • Path Traversal
      • Application Download Flaws
      • Source Code Disclosure
      • Predictable File Locations
    • Injection Flaws
      • SQL Injection
      • Cross-Site Scripting
      • Command Execution
      • Code Execution
      • Preventing Injection Attacks
    • Buffer Overflows
    • Evasion Techniques
      • Simple Evasion Techniques
      • Path Obfuscation
      • URL Encoding
      • Unicode Encoding
      • Null-Byte Attacks
      • SQL Evasion
    • Web Application Security Resources
      • General Resources
      • Web Application Security Resources
  11. Web Security Assessment
    • Black-Box Testing
      • Information Gathering
      • Web Server Analysis
      • Web Application Analysis
      • Attacks Against Access Control
      • Vulnerability Probing
    • White-Box Testing
      • Architectural Review
      • Configuration Review
      • Functional Review
    • Gray-Box Testing
  12. Web Intrusion Detection
    • Evolution of Web Intrusion Detection
      • Is Intrusion Detection the Right Approach?
      • Log Based Web Intrusion Detection
      • Real-Time Web Intrusion Detection
      • Web Intrusion Detection Features
    • Using mod_security
      • Introduction
      • More-Configuration Advice
      • Deployment Guidlelines
      • Detecting Common Attacks
      • Advanced Topics
Apache Security Appendices
  1. Tools
  2. Index
Hardening
Hardening Linux

Hardening Linux

Security Engineering

Security Engineering

Security Warrior

Security Warrior

Linux Firewalls

Linux Firewalls

Network Security Bible

Network Security Bible

Secure Coding in C and C++

Secure Coding in C and C++

Linux Network Security

Linux Network Security

Compilers Principles Techniques and Tools

Compilers Principles Techniques and Tools

Firewalls and Internet Security

Firewalls and Internet Security

Network Security Assessment

Network Security Assessment

File System Forensic Analysis

File System Forensic Analysis

Beautiful Security

Beautiful Security

Secrets and Lies Digital Security in a Networked World

Secrets and Lies Digital Security in a Networked World

Linux Security Toolkit

Linux Security Toolkit

Secure Coding

Secure Coding

Secure Architectures with OpenBSD

Secure Architectures with OpenBSD

Schneier on Security

Schneier on Security

Incident Response

Incident Response

Apache Security

Apache Security

Network Security Hacks

Network Security Hacks

Beyond Fear

Beyond Fear

Information Technology Law

Information Technology Law

Learning NAGIOS 3.0

Learning NAGIOS 3.0

Linux iptables Pocket Reference

Linux iptables Pocket Reference

Oracle Security

Oracle Security

Silence on the Wire

Silence on the Wire

Absolute BSD

Absolute BSD

The Rootkit Arsenal

The Rootkit Arsenal

Viruses Revealed

Viruses Revealed

TCP/IP Network Administration

TCP/IP Network Administration

Aggressive Network Self Defense

Aggressive Network Self Defense

Teach Yourself SQL

Teach Yourself SQL

The Art of War

The Art of War

The Book of Five Rings

The Book of Five Rings

Firefox Hacks

Firefox Hacks

LPIC 1

LPIC 1

Hacking Exposed

Hacking Exposed

Thank You for Arguing

Thank You for Arguing

Poised Solutions Library
Programming Books  |  Administration Books  |  Cyber Security Books
Computer Science Books  |  Electronic Books  |  Literature Books

Cyber Security Hardening  |  Cyber Security Monitoring
Cyber Security Encryption  |  Cyber Security Penetration

© Poised Solutions Copyright 2008 - 2010

Poised Solutions Web Development and Web Design by Poised Solutions IT Practice

Guild of Developers  •  PantheonOS  •  Cyber Security