Difference between revisions of "Secure Configuration Guide"
Timo.goosen (talk | contribs) (→6. Crypto misconfiguration) |
| Line 101: | Line 101: | ||
== 6. Crypto misconfiguration == | == 6. Crypto misconfiguration == | ||
| − | + | '''Hardening''' | |
| + | *[https://bettercrypto.org/static/applied-crypto-hardening.pdf Applied Crypto Hardening General Hardening] | ||
| − | *[https:// | + | |
| + | '''Testing Crypto Config''' | ||
| + | *[https://www.owasp.org/index.php/Testing_for_SSL-TLS_%28OWASP-CM-001%29 Testing for SSL-TLS OWASP-CM-001] | ||
| + | *[https://www.digicert.com/help/ Digicert Testing Suite] | ||
| + | *[https://www.ssllabs.com/ssltest/index.html SSL Labs SSL Test] | ||
== 7. Services == | == 7. Services == | ||
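Review bot: The added '''Hardening''' and '''Testing Crypto Config''' labels are bold text rather than headings, so the new parts of section 6 do not follow the == heading style used by "== 6. Crypto misconfiguration ==" and "== 7. Services ==" around them; consider "=== Hardening ===" and "=== Testing Crypto Config ===". The section is also links only: a one-line description after each entry saying what the resource covers would help a reader choose, and the link label "Applied Crypto Hardening General Hardening" repeats itself and could be shortened to "Applied Crypto Hardening".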
Revision as of 14:53, 12 March 2015
Welcome to the Secure Configuration Guide page!
Project description is available here: https://www.owasp.org/index.php/OWASP_Secure_Configuration_Guide
When editing the page, please follow the page structure described in Template:OWASP Secure Configuration Guide
Table of Contents
1. Introduction
1.1. The OWASP Secure Configuration Guide
1.2. Misconfiguration. Defender's point
1.3. Misconfiguration. Attacker's point
2. Web servers misconfiguration
2.7 New OpenBSD HTTPD Webserver
3. Application servers misconfiguration
3.2. Borland Enterprise Server
3.4. IBM WebSphere Application Server
3.5. JBoss Enterprise Application Platform
3.7. SAP NetWeaver Application Server
3.8. Oracle Application Server
4. Web frameworks misconfiguration
5. CMS misconfiguration
6. Crypto misconfiguration
Hardening
Testing Crypto Config
7. Services
7.1. VNC - srsly.de ;)
SSH
RDP
7.2 to be complemented later
8. Devices
8.2. Routers
8.3. Firewalls
8.4. to be complemented later