Shroff Publishers & Distributors Pvt. Ltd.
ModSecurity 2.5
Prevent web application hacking with this easy to use guide
By Magnus Mischel
ISBN: 9788184049169
Paperback
Pages: 288
Size: 7 X 9
Shroff/Packt (2010)
List Price: Rs 425.00
Net Price: Rs 382.00    You save 10.00%
Usually shipped in 2-3 days

With more than 67% of web servers running Apache and web-based attacks becoming more and more prevalent, web security has become a critical area for web site managers. Most existing tools work on the TCP/IP level, failing to use the specifics of the HTTP protocol in their operation. Mod_security is a module running on Apache, which will help you overcome the security threats prevalent in the online world.

A complete guide to using ModSecurity, this book will show you how to secure your web application and server, and does so by using real-world examples of attacks currently in use. It will help you learn about SQL injection, cross-site scripting attacks, cross-site request forgeries, null byte attacks, and many more so that you know how attackers operate.

Using clear, step-by-step instructions this book starts by teaching you how to install and set up ModSecurity, before diving into the rule language with examples. It assumes no prior knowledge of ModSecurity, so as long as you are familiar with basic Linux administration, you can start to learn right away.

Real-life case studies are used to illustrate the dangers on the Web today – you will for example learn how the recent worm that hit Twitter works, and how you could have used ModSecurity to stop it in its tracks. The mechanisms behind these and other attacks are described in detail, and you will learn everything you need to know to make sure your server and web application remain unscathed on the increasingly dangerous web.

Have you ever wondered how attackers figure out the exact web server version running on a system? They use a technique called HTTP fingerprinting, and you will learn about this in depth and how to defend against it by flying your web server under a "false flag".

The last part of the book shows you how to really lock down a web application by implementing a positive security model that only allows through requests that conform to a specific, pre-approved model, and denying anything that is even the slightest bit out of line.

What you will learn from this book
  • Compile ModSecurity from source and install it on a Linux system
  • Log any anomalous event and use the ModSecurity console to view log data online so that attempted break-ins can be quickly discovered and dealt with
  • Learn how a recent worm disabled Twitter and how it could have been stopped using ModSecurity
  • Guard against web site defacement by having ModSecurity scan for unauthorized changes to your web pages and then alert you about issues via email
  • Locate the geographical position of an attacker using ModSecurity applications
  • Know how attackers operate by learning about SQL injection, cross-site scripting attacks, cross-site request forgeries, null byte attacks, and many more
  • Put Apache in a chroot jail using ModSecurity – no more frustrating hours of tinkering to get everything working as it should
  • Prevent HTTP fingerprinting by flying your Apache server under a false flag
  • Protect against newly discovered vulnerabilities that don't have a vendor-supplied patch, using ModSecurity "just-in-time" patching
  • Prevent the source code of your web application being shown to the world if something goes wrong with your server configuration
  • Discover the real IP address of an attacker using ModSecurity, even if the attacker is behind a proxy server

Approach
This book teaches ModSecurity from the beginning to anyone with basic Linux skills. It starts by focusing on introducing ModSecurity, and explaining the concept of ModSecurity rules and how to write them. Later, it looks at the performance of ModSecurity and what sort of impact ModSecurity has on the speed of your web application.

Who this book is written for
This book is written for system administrators or anyone running an Apache web server who wants to learn how to secure that server. It assumes that you are familiar with using the Linux shell and command-line tools, but does its best to explain everything so that those who are not Linux experts can make full use of ModSecurity.

About the Author
Computer security expert Magnus Mischel is the founder and director of Mischel Internet Security, whose product TrojanHunter helps protect computers from malware. He currently lives in London, and when he isn't writing books or managing the company, he enjoys playing a game of chess at the Metropolitan Chess Club. He holds an MSc in Computer Science and Engineering from Linköping University, Sweden.
