Hack Proofing ColdFusion

1st Edition

Authors: Syngress
Paperback ISBN: 9781928994770
eBook ISBN: 9780080478098
Imprint: Syngress
Published Date: 25th April 2002
Page Count: 512



Description

The only way to stop a hacker is to think like one! ColdFusion is a Web application development tool that allows programmers to quickly build robust applications using a server-side markup language. It is incredibly popular and has both an established user base and a quickly growing number of new adoptions. It has become the development environment of choice for e-commerce sites and content sites where databases and transactions are the most vulnerable and where security is of the utmost importance. Several security concerns exist for ColdFusion due to its unique approach of designing pages using dynamic-page templates rather than static HTML documents. Because ColdFusion does not require that developers have expertise in Visual Basic, Java and C++, Web applications created using ColdFusion Markup Language are vulnerable to a variety of security breaches. Hack Proofing ColdFusion 5.0 is the seventh edition in the popular Hack Proofing series and provides developers with step-by-step instructions for developing secure web applications.

Key Features

· Teaches strategy and techniques: Using forensics-based analysis, this book gives the reader insight into the mind of a hacker
· Interest in topic continues to grow: Network architects, engineers and administrators are scrambling for security books to help them protect their new networks and applications powered by ColdFusion
· Unrivalled Web-based support: Up-to-the-minute links, white papers and analysis for two years at solutions@syngress.com

Table of Contents


Foreword


Chapter 1 Thinking Like a Hacker


Introduction


Understanding the Terms


A Brief History of Hacking


Why Should I Think Like a Hacker?


Mitigating Attack Risk in Your ColdFusion Applications


Validating Page Input


Functionality with Custom Tags and CFMODULE


The Top ColdFusion Application Hacks


Form Field Manipulation


URL Parameter Tampering


CFFILE, CFPOP, and CFFTP Tag Misuse


ColdFusion RDS Compromise


Understanding Hacker Attacks


Denial of Service


Virus Hacking


Preventing “Break-ins” by Thinking Like a Hacker


Development Team Guidelines


QA Team Guidelines


IT Team Guidelines


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 2 Securing Your ColdFusion Development


Introduction


Session Tracking


CFID and CFTOKEN Issues


Error Handling


Verifying Data Types


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 3 Securing Your ColdFusion Tags


Introduction


Identifying the Most Dangerous ColdFusion Tags


Properly (and Improperly) Using Dangerous Tags


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag


Using the Tag

Details

No. of pages: 512
Language: English
Copyright: © Syngress 2002
Imprint: Syngress
eBook ISBN: 9780080478098
Paperback ISBN: 9781928994770

About the Author