NYCPHP Meetup

NYPHP.org

[nycphp-talk] more crappy programs: security focus 230 - 232

John Lacey jlacey at att.net
Thu Jan 22 11:45:56 EST 2004



Chris Shiflett wrote:

> 
> It doesn't take too terribly long to verify the validitity, or lack
> thereof, of what is mentioned on Security Focus relating to PHP. Maybe
> NYPHP could host a Snopes-like site for this type of thing. :-)


I'll be delivering a short hands-on "what is it?" seminar on 
[CompTIA] Security+/i-Net+ using Knoppix, and there's been 
an idea about security as it applies to AMP in the back of 
my mind.  This looks like a time to at least mention it.

I was thinking that it would be a really cool and helpful 
project for interested NYPHP members to set up what amounts 
to a 'honeypot' -- with a different twist -- for 
proving/testing/evaluating/hacking/messing-with/bashing an 
AMP platform/apps./utilities/whatever.

For example, a "you-can't-mess-this-box-up" platform could 
be set up using first of all, one O/S and then later 
including other flavors -- Windows, Linux, FreeBSD, etc.

There are an untold myriad of learning/best-practice 
scenarios that can result with an ongoing project like this. 
  And I believe NYPHP has the horsepower to pull it off.

just a thought...
John






More information about the talk mailing list