|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Ubuntu/PHP/Joomla security
|
George:
Thanks for getting back to me quickly, I appreciate it. I am not familiar with Nessus, but I will look into it.
So am I to assume you are just recommending I look into Nessus, and that you are not interested in taking on this project yourself? Either way, I appreciate the tip about Nessus.
Regards,
Shameel
On 12/20/06, George A. Theall <theall@tifaware.com> wrote:
On Wed, Dec 20, 2006 at 01:13:49PM -0500, Shameel Arafin wrote:
> I am completing a multi-site project for a client, that involves
> Joomla! installations on an Ubuntu server. We are looking for a
> security expert to help us lock down security holes on three levels:
> --Ubuntu (Dapper)
> --PHP 5/MySQL 5
> --Joomla 1.0.11 (Sunbow)
Have you considered setting up Nessus along with a registered or direct
feed and using that to test for known flaws yourself? Nessus tracks
Ubuntu security advisories and can test for them if you provide SSH
credentials, and those would also cover PHP / MySQL provided you're
using the distro's package management feature to install the apps.
As for Joomla, Nessus can check for most of the flaws remotely as well
as in some of the more popular add-ons.
Disclaimer: I work for Tenable (the folks behind Nessus) and write many
of the plugins for Nessus.
George
--
theall@tifaware.com
___________________________________________________________________________
Philadelphia Linux Users Group --
http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|