Hack Proofing ColdFusion

Steve Casco, Rob Rusher, Greg Meyer, Sarge, David Vaccaro, David An

  • 出版商: Syngress
  • 出版日期: 2002-03-31
  • 定價: USD $49.95
  • 售價: $2,332
  • 貴賓價: 9.5$2,215
  • 語言: 英文
  • 頁數: 512
  • 裝訂: Paperback
  • ISBN: 1928994776
  • ISBN-13: 9781928994770

下單後立即進貨 (1週~2週)

商品描述

Code it Right and Make Your App Tight!

Much of the content in Web sites, chat rooms, and e-mail communications was built with the ColdFusion Markup Language. The same properties that make it easy to produce applications in ColdFusion-rapid design and development, loose variable typing, and a programming markup language accessible to nonprogrammers-are attractive attributes to hackers. Hack Proofing ColdFusion will bring the reader the most comprehensive and relevant information needed to help develop and deploy secure applications.

  • Recognize the Top ColdFusion Application Hacks
    See how form field manipulation, URL parameter tampering, common misuse of certain ColdFusion tags, and cross-site scripting can hurt you.
  • Secure Your ColdFusion Development
    Stay ahead of hackers by learning how to use session tracking, error handling, and verifying data types.
  • Identify the Most Dangerous ColdFusion Tags
    The power of certain tags makes them worrisome. Learn about <CFCONTENT>, <CFDIRECTORY>, <CFFILE>, <CFOBJECT> ,and others.
  • Check Your Custom Tags
    Conduct a test harness to see how your custom tags behave when given unintended input.
  • Understand the ColdFusion Application Server
    Review the safeguards of the Application Server, including custom memory management, thread pooling, and more.
  • Set Up the ColdFusion Server Using Advanced Security
    Employ encryption and authentication, customize access control, and set up RDS security.
  • Secure Solaris, Linux, and Apache
    Understand the holes in Apache so you can better secure your ColdFusion application running on Solaris or Linux.
  • Review Database Security and ColdFusion
    See how malicious users can abuse your dynamic queries to run SQL commands of their choosing, and find out how to prevent it from happening.
  • Secure ColdFusion Applications Using Third-Party Tools
    Find complete coverage of Port scanning tools Nmap Scanner, SuperScan, NetScan, as well as DNS tricks and firewalls.
  • Review the Security Features in ColdFusion MX
    Find out how ColdFusion MX will have support for the .NET Framework, how its tags differ, and how the Administrator will have full control over files and directories.
  • Register for Your 1 Year Upgrade
    The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!

Authors:
Greg Meyer
Steve Casco
Sarge,
Rob Rusher
David Vaccaro