Securing MySQL: step-by-step

Securityfocus.com has published "Securing MySQL: step-by-step", a guide to locking down your MySQL Server. "MySQL is one of the most popular databases on the Internet and it is often used in conjunction with PHP. Besides its undoubted advantages such as ease of use and relatively high performance, MySQL offers simple but very...

Added Penetration Testing Section

I have created a quick reference section for the web application penetration tester. This section breaks down some of our documentation into categories a pen-tester would care about. We provide information on Session ID Attacks, Cross Site Scripting, SQL Injection, HTTP Header Modification, Cookie poisoning and more. This new section can be...

Penetration Testing for Web Applications (Part Three)

Securityfocus.com has released Penetration Testing for Web Applications (Part Three) which talks about Logic programming flaws, Session ID Issues, and mentions a few useful tools that are used for auditing web applications.

MRTG for Intrusion Detection with IIS 6

I found this interesting article on SecurityFocus which explains how to use MRTG (a popular traffic monitoring tool) to monitor intrusion attempts against an IIS 6.0 machine. "But MRTG is also a very effective intrusion detection tool. The concept is simple: attacks often produce some kind of anomalous pattern and human brains...

Basic IIS Lockdown Using Scripts and Group Policy

"Microsoft Active Directory and Group Policy have a feature-rich set of tools and processes to help save an administrator time and energy in maintaining security within the domain. Locking down a server requires many steps to complete, and depending on the extent to which the server is locked down, it can take...

Database Server section added

I have added a Database Server Security section to this site. This will cover database server security specifically. Our first addition is Oracle. Now onto a few site changes: • I have removed the Intrusion detection tab for the time being because I don't feel I'll be working on it for at...

Tomcat security page added

We have added an Apache Tomcat Security page to our application server section. This page will provide links to tutorials, downloads, security documentation, and forums you can go to to talk about Tomcat security. We will also be releasing a Resin Application server security section on this website sometime this month. Documentation on...