NYCPHP Meetup

NYPHP.org

[joomla] Server Scans

Chris French chris at theendrecords.com
Mon Dec 13 10:20:49 EST 2010


Mitch is right, 

If you are interested in security you can help yourself 1000 fold if you just read a little bit about security and the web with joomla specifically your worst nightmare is bad file permissions, if your setting anything to chmod 777, You are setting yourself for trouble. 

Second you need to update joomla as soon as a new patch comes out the same goes for your components as well. 

You should also check this out 

http://sectools.org/web-scanners.html

I haven't used most of them but they could help you. 

Chris

On Dec 13, 2010, at 7:27 AM, Mitch Pirtle wrote:

> On Fri, Dec 10, 2010 at 6:39 PM, Scott Wolpow <scott at wolpow.com> wrote:
>> Does any one know of a good service to scan a server for security issues,
>> besides Joomla centric?
> 
> You're best off doing some scanning on your own, if only to be
> slightly edumucated on such practices. There are great free tools out
> there too:
> 
> nmap - http://nmap.org/
> nessus - http://www.nessus.org/nessus/intro.php
> 
> I've had access to five- and six-figure security assessment platforms
> and toolkits and can say emphatically that these two, combined with a
> bit of reading on your part, are just as effective.
> 
> -- Mitch, teaching how to fish :-)
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
> 
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
> 
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20101213/045c9b81/attachment.html>


More information about the Joomla mailing list