Index
safe mode, PHP
Sam Spade information-gathering tool
SAPI input hooks
Satisfy
ScriptAlias directive: enabling script execution
scripting, XSS security flaw: attack warning patterns; consequences; detecting attacks; resources for
search engines
SEC (Simple Event Correlator)
SecFilterForceByteRange directive
SecFilterInheritance directive
SecFilterScanPOST directive
SecFilterSelective directive
secret-key encryption
SecUploadInMemoryLimit directive
Secure FTP (SFTP)
Secure Hash Algorithm 1 (SHA-1)
Secure Sockets Layer [See SSL]
security: Apache backdoors; authentication, flawed, real-life example of; CIA triad; common phases example; cryptography [See cryptography]; defensible networks (Bejtlich); file descriptor leakage vulnerability 2nd; hardening, system-hardening matrix; HTTP communication security; hybrid model; models, negative versus positive; PHP interpreter issues; module, making secure; resources; safe mode 2nd; sessions; principles; essential goals for; process steps; protection; reverse proxies; risk; calculating; factors; isolating in a network; multiple levels of; public service as; root; scanners; Nessus; Nikto; shared server resources; symbolic links; term definitions; threat modeling; methodology; mitigation practices; resources; typical attacks; vocabulary, common
segmentation fault
server header field, changing
server-side includes (SSIs)
ServerLimit directive
servers: changing identity; default content, removing; server header field; clusters; fault-tolerant with Wackamole; management node; node failure; reverse proxy; crashing, log request causing; Digest authentication of; firewalls [See firewalls]; high availability; host security; advanced hardening; information and event monitoring; minimal services; network access; SFTP; updating software; user access; HTTP Keep-Alive; load balancing; DNSRR; manual; netstat port-listing tool; performance; reverse proxy; proxy, access control; software updating; symbolic links; synchronizing clocks on (ntpdate utility); tuning steps (Lim); user accounts, setting up
ServerSignature directive
ServerTokens directive
SetEnvIf directive
SetHandler directive
SFTP (Secure FTP)
SHA-1 secure hash algorithm
SHA-256 secure hash algorithm
SHA-384 secure hash algorithm
SHA-512 secure hash algorithm
sharing servers: configuration data, distributing; .htaccess; configuration errors; dynamic requests, securing; CGI limits, setting; FastCGI; handlers, types, and filters, assigning; PHP as module; script execution; ScriptAlias directive; SSIs; suEXEC [See suEXEC execution wrapper]; problems; domain names, sharing; dynamic-content; file permissions; information leaks; resources, sharing; untrusted parties; users, large number of; dangerous binaries; web shells
Simple Event Correlator (SEC)
Simple Network Management Protocol (SNMP)
simplicity security principle
single sign-on [See SSO]
SiteDigger information-gathering tool
Slapper Worm
Slashdot effect
SNMP (Simple Network Management Protocol)
Spread Toolkit (distributed logging)
SQL injection attacks: database feature problems; detecting attacks; example; query statements; resources for; UNION construct
SSIs (server-side includes)
SSL (Secure Sockets Layer) 2nd: Apache, and; broken SSL clients; certificates, signing; configuring; directives; keys, generating; mod_ssl, installing; non-SSL content; reliable startup; server private key; session issues; CA, setting up; distribution, preparing for; issuing client certificates; issuing server certificates; keys, generating; process; revoking certificates; using client certificates; certificate chain; communication summary; OpenSSL [See OpenSSL]; performance; HTTP Keep-Alive; OpenSSL benchmark script; port, connection; security of; MITM attacks; nontechnical issues; testing
SSLDigger information-gathering tool
SSLDump protocol analyzer
SSLRequireSSL directive
SSLVerifyClient require directive
SSLVerifyDepth 1 directive
SSO (single sign-on): Apache; web-only
StartServers directive
strace system call tracer
Stunnel network-level tool
suEXEC execution wrapper: CGI script limits, setting; error messages; hybrid security model; mass virtual hosting; outside virtual hosts
suid modules, third-party
Swatch monitoring program
symbolic links
symmetric (private-key) encryption 2nd
synchronizing clocks on servers (ntpdate utility)
system-hardening matrix