[nycphp-talk] more crappy programs: security focus 230 - 232
John Lacey
jlacey at att.net
Thu Jan 22 11:45:56 EST 2004
Chris Shiflett wrote:
>
> It doesn't take too terribly long to verify the validitity, or lack
> thereof, of what is mentioned on Security Focus relating to PHP. Maybe
> NYPHP could host a Snopes-like site for this type of thing. :-)
I'll be delivering a short hands-on "what is it?" seminar on
[CompTIA] Security+/i-Net+ using Knoppix, and there's been
an idea about security as it applies to AMP in the back of
my mind. This looks like a time to at least mention it.
I was thinking that it would be a really cool and helpful
project for interested NYPHP members to set up what amounts
to a 'honeypot' -- with a different twist -- for
proving/testing/evaluating/hacking/messing-with/bashing an
AMP platform/apps./utilities/whatever.
For example, a "you-can't-mess-this-box-up" platform could
be set up using first of all, one O/S and then later
including other flavors -- Windows, Linux, FreeBSD, etc.
There are an untold myriad of learning/best-practice
scenarios that can result with an ongoing project like this.
And I believe NYPHP has the horsepower to pull it off.
just a thought...
John
More information about the talk
mailing list