Hack Proofing ColdFusion
Provisional translated title: ColdFusion Security Protection Guide

Steve Casco, Rob Rusher, Greg Meyer, Sarge, David Vaccaro, David An

  • Publisher: Syngress Media
  • List price: $2,010
  • VIP price: $1,910 (95% of list price)
  • Language: English
  • Pages: 512
  • Binding: Paperback
  • ISBN: 1928994776
  • ISBN-13: 9781928994770
  • Out of print

Product description

Code it Right and Make Your App Tight!

Much of the content in Web sites, chat rooms, and e-mail communications was built with the ColdFusion Markup Language. The same properties that make it easy to produce applications in ColdFusion (rapid design and development, loose variable typing, and a programming markup language accessible to nonprogrammers) are attractive attributes to hackers. Hack Proofing ColdFusion will bring the reader the most comprehensive and relevant information needed to help develop and deploy secure applications.

  • Recognize the Top ColdFusion Application Hacks
    See how form field manipulation, URL parameter tampering, common misuse of certain ColdFusion tags, and cross-site scripting can hurt you.
  • Secure Your ColdFusion Development
    Stay ahead of hackers by learning how to use session tracking, error handling, and verifying data types.
  • Identify the Most Dangerous ColdFusion Tags
    The power of certain tags makes them worrisome. Learn about <CFCONTENT>, <CFDIRECTORY>, <CFFILE>, <CFOBJECT>, and others.
  • Check Your Custom Tags
    Conduct a test harness to see how your custom tags behave when given unintended input.
  • Understand the ColdFusion Application Server
    Review the safeguards of the Application Server, including custom memory management, thread pooling, and more.
  • Set Up the ColdFusion Server Using Advanced Security
    Employ encryption and authentication, customize access control, and set up RDS security.
  • Secure Solaris, Linux, and Apache
    Understand the holes in Apache so you can better secure your ColdFusion application running on Solaris or Linux.
  • Review Database Security and ColdFusion
    See how malicious users can abuse your dynamic queries to run SQL commands of their choosing, and find out how to prevent it from happening.
  • Secure ColdFusion Applications Using Third-Party Tools
    Find complete coverage of the port scanning tools Nmap Scanner, SuperScan, and NetScan, as well as DNS tricks and firewalls.
  • Review the Security Features in ColdFusion MX
    Find out how ColdFusion MX will have support for the .NET Framework, how its tags differ, and how the Administrator will have full control over files and directories.
  • Register for Your 1 Year Upgrade
    The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!

Authors:
Greg Meyer
Steve Casco
Sarge
Rob Rusher
David Vaccaro
