05092nam 2200709Ia 450 991077790170332120200520144314.01-281-85616-997866118561681-84719-489-3(CKB)1000000000779096(EBL)978105(OCoLC)317850624(SSID)ssj0000332231(PQKBManifestationID)11233446(PQKBTitleCode)TC0000332231(PQKBWorkID)10331090(PQKB)11131994(MiAaPQ)EBC978105(Au-PeEL)EBL978105(CaPaEBR)ebr10448387(CaONFJC)MIL185616(PPN)228044235(EXLCZ)99100000000077909620090827d2008 uy 0engur|n|---|||||txtccrJoomla! web security[electronic resource] secure your Joomla! website from common security threats with this easy-to-use guide /Tom CanavanBirmingham, U.K. Packt Pub.c20081 online resource (264 p.)From technologies to solutionsDescription based upon print version of record.1-84719-488-5 Includes bibliographical references and index.Cover; Table of Contents; Preface; Chapter 1: Let's Get Started; Introduction; Common Terminology; Hosting-Selection and Unique Needs; What Is a Host?; Choosing a Host; Questions to Ask a Prospective Host; Facilities; Things to Ask Your Host about Facility Security; Environmental Questions about the Facility; Site Monitoring and Protection; Patching and Security; Shared Hosting; Dedicated Hosting; Architecting for a Successful Site; What Is the Purpose of Your Site?; Eleven Steps to Successful Site Architecture; Downloading Joomla!; Settings; .htaccess; Permissions; User ManagementCommon Trip UpsFailure to Check Vulnerability List First; Register Globals, Again; Permissions; Poor Documentation; Got Backups?; Setting Up Security Metrics; Summary; Chapter 2: Test and Development; Welcome to the Laboratory!; Test and Development Environment; What Does This Have to Do with Security?; The Evil Hamster Wheel of Upgrades; Determine the Need for Upgrade; Developing Your Test Plan; Essential Parameters for a Successful Test; Using Your Test and Development Site for Disaster Planning; Updating Your Disaster Recovery DocumentationMake DR Testing a Part of Your Upgrade/Rollout CycleCrafting Good Documentation; Using a Software Development Management System; Tour of Lighthouse from Artifact Software; Reporting; Using the Ravenswood Joomla! Server; Roll-out; Summary; Chapter 3: Tools; Introduction; Tools, Tools, and More Tools; HISA; Installation Check; Web-Server Environment; Required Settings for Joomla!; Recommended Settings; Joomla Tools Suite with Services; How's Our Health?; NMAP-Network Mapping Tool from insecure.org; Wireshark; Metasploit-The Penetration Testers Tool Set; Nessus Vulnerability ScannerWhy You Need NessusSummary; Chapter 4: Vulnerabilities; Introduction; Importance of Patching is Paramount; What is a Vulnerability?; Memory Corruption Vulnerabilities; SQL Injections; Command Injection Attacks; Attack Example; Why do Vulnerabilities Exist?; What Can be Done to Prevent Vulnerabilities?; Developers; Poor Testing and Planning; Forbidden; Improper Variable Sanitization and Dangerous Inputs; Not Testing in a Broad Enough Environment; Testing for Various Versions of SQL; Interactions with Other Third-Party Extensions; End Users; Social Engineering; Poor Patching and UpdatingSummaryChapter 5: Anatomy of Attacks; Introduction; SQL Injections; Testing for SQL Injections; A Few Methods to Prevent SQL Injections; And According to PHP.NET; Remote File Includes; The Most Basic Attempt; What Can We Do to Stop This?; Preventing RFI Attacks; Summary; Chapter 6: How the Bad Guys Do It; Laws on the Books; Acquiring Target; Sizing up the Target; Vulnerability Tools; Nessus; Nikto: An Open-Source Vulnerability Scanner; Acunetix; NMAP; Wireshark; Ping Sweep; Firewalk; Angry IP Scanner; Digital Graffiti versus Real Attacks; Finding Targets to Attack; What Do I Do Then?CountermeasuresSecure your Joomla! website from common security threats with this easy-to-use guideFrom technologies to solutions.Web sitesSecurity measuresComputer networksSecurity measuresWeb sitesAuthoring programsWeb site developmentWeb sitesSecurity measures.Computer networksSecurity measures.Web sitesAuthoring programs.Web site development.005.8Canavan Tom1552590MiAaPQMiAaPQMiAaPQBOOK9910777901703321Joomla! web security3812605UNINA