Difference between revisions of "SRA840 Lab9"

From CDOT Wiki
Jump to: navigation, search
(Milton Paiva Neto)
(Milton Paiva Neto)
Line 13: Line 13:
  
 
[http://www.petefreitag.com/item/505.cfm]http://www.petefreitag.com/item/505.cfm
 
[http://www.petefreitag.com/item/505.cfm]http://www.petefreitag.com/item/505.cfm
 +
 
[http://www.securityfocus.com/infocus/1706]http://www.securityfocus.com/infocus/1706
 
[http://www.securityfocus.com/infocus/1706]http://www.securityfocus.com/infocus/1706
 +
 
[http://www.securityfocus.com/infocus/1694]http://www.securityfocus.com/infocus/1694
 
[http://www.securityfocus.com/infocus/1694]http://www.securityfocus.com/infocus/1694

Revision as of 19:36, 11 April 2009

Milton Paiva Neto

1. Did you have any problems with configuring PHP+Apache to be more secure. If you did then how did you resolve them. Describe :

Actually after setting up all the apache modules I didn't have any problem, but there are some steps that are tricky like run apache in a chroot environment, check the checksum of the downloaded files, use the least privilege policy, run apache as a user without access to a shell or terminal.

  • Why you chose those security tips?

To avoid intruders in my system and even if someone break in to my system, it will login as an user with low privileges and this person will not be allowed to run rootkits to because root(scalable privileges).

  • What additional security tips exist on the Internet for the tips you used above. Point links to those websites in your answer.

[1]http://www.petefreitag.com/item/505.cfm

[2]http://www.securityfocus.com/infocus/1706

[3]http://www.securityfocus.com/infocus/1694