This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Secure Configuration Guide"
(→6. Crypto misconfiguration) |
Timo.goosen (talk | contribs) (→6. Crypto misconfiguration) |
||
| Line 103: | Line 103: | ||
The most comprehensive guide found so far: | The most comprehensive guide found so far: | ||
| − | https://bettercrypto.org/static/applied-crypto-hardening.pdf | + | *[https://bettercrypto.org/static/applied-crypto-hardening.pdf Applied Crypto Hardening] |
== 7. Services == | == 7. Services == | ||
Revision as of 14:43, 12 March 2015
Welcome on the page of Secure Configuration Guide!
Project description is available here: https://www.owasp.org/index.php/OWASP_Secure_Configuration_Guide
When editing the page, please follow the page structure, described in Template:OWASP Secure Configuration Guide
Table of Contents
1. Introduction
1.1. The OWASP Secure Configuration Guide
1.2. Misconfiguration. Defender's point
1.3. Misconfiguration. Attacker's point
2. Web servers misconfiguration
2.7 New OpenBSD HTTPD Webserver
3. Application servers misconfiguration
3.2. Borland Enterprise Server
3.4. IBM WebSphere Application Server
3.5. JBoss Enterprise Application Platform
3.7. SAP NetWeaver Application Server
3.8. Oracle Application Server
4. Web frameworks misconfiguration
5. CMS misconfiguration
6. Crypto misconfiguration
The most comprehensive guide found so far:
7. Services
7.1. VNC - srsly.de ;)
SSH
RDP
7.2 to be complemented later
8. Devices
8.2. Routers
8.3. Firewalls
8.4. to be complemented later
