SlideShare una empresa de Scribd logo

Joomla! Day Deutschland 2012 - Active Security

Descargar como KEY, PDF
Nicholas Dionysopoulos
Nicholas Dionysopoulos

My presentation on Joomla! site security in Joomla! Day Deutschland 2012

Tecnología
1 de 37
Active security for Joomla! sites version 5.2
Mission: Impossible Talking in-depth about Joomla! security in 30 minutes or less... but I’ll try!
Put your pens away Sit back and enjoy
A site is like a building • Strong foundations • Careful construction • Active maintenance
Step 1: Strong foundations Your server setup - Geeky stuff ahead!
Updated server software PHP, MySQL, Apache, FTP Server...
Permissions & ownership Who can do what and where
Sane ownership & permissions All files and folders owned by the FTP user Use Joomla!’s FTP mode on shared hosts Folders 0755 permissions • Files 0644 permissions If you “must” use 0777 (don’t!), protect with .htaccess order deny, allow deny from all allow from none Better yet, use suPHP or FastCGI
Too much to remember? Akeeba Backup User’s Guide, Security Information https://www.akeebabackup.com/documentation/ akeeba-backup-documentation/security-info.html 777: The number of the beast http://www.dionysopoulos.me/blog/777-the-number- of-the-beast
Advanced methods for IT ninjas
mod_security for Apache Your server’s security guard
You need some rules Atomic (GotRoot) Rules: http://www.atomicorp.com/wiki/index.php/ Atomic_ModSecurity_Rules OWASP Rules: https://www.owasp.org/index.php/ Category:OWASP_ModSecurity_Core_Rule_Set_Projec t
Make it all happen The magic scripts
https://github.com/betweenbrain/ubuntu-web- server-build-script written by Matt Thomas (@betweenbrain)
Step 2: Careful construction Your site setup
Update, yesterday Joomla! & extensions
Think before installing Don’t be the mouse in the trap!
Length matters
Your Password’s length matters
A terrifying thought Password hacking super-computer: 2,700 USD (2 years ago; much cheaper now)
How safe is your password? Password Bits Iterations Time to crack 15082005 13.6 12416 0.00038 msec admin 15.9 61147 0.00185 msec ortrtaortftaaidbt 67.7 2.39E+20 228.95 years 0rtrTA0rtfTa&idbT 88.2 3.55E+26 340 million years horse correct battery stapler 107.2 1.86E+32 178179 billion years
How safe is your password? Password Bits Iterations Time to crack 15082005 13.6 12416 0.00038 msec admin 15.9 61147 0.00185 msec ortrtaortftaaidbt 67.7 2.39E+20 228.95 years 0rtrTA0rtfTa&idbT 88.2 3.55E+26 340 million years horse correct battery stapler 107.2 1.86E+32 178179 billion years
Lock it down Nothing on my site runs unless I say so
.htaccess Rules My Master .htaccess - FREE http://akeeba.assembla.com/code/master-htaccess/ git/nodes/htaccess.txt Admin Tools Professional https://www.akeebabackup.com/products/46- software/855-admintools.html
Armor up Protect your site
Step 3: Active maintenance Staying on top of it all
Backups Frequent, automated, off-site backups
Monitor file changes A changed file is usually a bad thing
Monitor it Keep an eye on the logs
In spite of it all…
Dammit! You got hacked, now what?
DON’T PANIC
We’ve got instructions Unhacking your site https://www.akeebabackup.com/documentation/ walkthroughs/item/1124-unhacking-your-site.html You do have backups, right? Make sure you read the instructions before getting hacked.
One more thing... security is a process
Questions?
Download this presentation http://akeeba.info/asjd12de
Thank you for listening! Image credits: sxc.hu; istockphoto.com

Recomendados

Joomla! Day Poland 2012 - Active Security for Joomla! sites
Joomla! Day Poland 2012 - Active Security for Joomla! sitesJoomla! Day Poland 2012 - Active Security for Joomla! sites
Joomla! Day Poland 2012 - Active Security for Joomla! sites
Nicholas Dionysopoulos
 
Installing Tomcat on Ubuntu Instance
Installing Tomcat on Ubuntu InstanceInstalling Tomcat on Ubuntu Instance
Installing Tomcat on Ubuntu Instance
kamarul kawnayeen
 
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
Naoto MATSUMOTO
 
Ep 6.0 installation
Ep 6.0 installationEp 6.0 installation
Ep 6.0 installation
dkeerthan
 
How To Find Package Installation Date on RHEL 7
How To Find Package Installation Date on RHEL 7How To Find Package Installation Date on RHEL 7
How To Find Package Installation Date on RHEL 7
VCP Muthukrishna
 
File1
File1File1
File1
satyasaivani
 
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Nicholas Dionysopoulos
 
How to Change Hostname in CentOS 7 or RHEL 7
How to Change Hostname in CentOS 7 or RHEL 7How to Change Hostname in CentOS 7 or RHEL 7
How to Change Hostname in CentOS 7 or RHEL 7
VCP Muthukrishna
 

Recomendados

Joomla! Day Poland 2012 - Active Security for Joomla! sites
Joomla! Day Poland 2012 - Active Security for Joomla! sitesJoomla! Day Poland 2012 - Active Security for Joomla! sites
Joomla! Day Poland 2012 - Active Security for Joomla! sites
Nicholas Dionysopoulos
 
Installing Tomcat on Ubuntu Instance
Installing Tomcat on Ubuntu InstanceInstalling Tomcat on Ubuntu Instance
Installing Tomcat on Ubuntu Instance
kamarul kawnayeen
 
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
Naoto MATSUMOTO
 
Ep 6.0 installation
Ep 6.0 installationEp 6.0 installation
Ep 6.0 installation
dkeerthan
 
How To Find Package Installation Date on RHEL 7
How To Find Package Installation Date on RHEL 7How To Find Package Installation Date on RHEL 7
How To Find Package Installation Date on RHEL 7
VCP Muthukrishna
 
File1
File1File1
File1
satyasaivani
 
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Joomla! Security 101 - Joomla! Day Bosnia and Herzegovina 2013
Nicholas Dionysopoulos
 
How to Change Hostname in CentOS 7 or RHEL 7
How to Change Hostname in CentOS 7 or RHEL 7How to Change Hostname in CentOS 7 or RHEL 7
How to Change Hostname in CentOS 7 or RHEL 7
VCP Muthukrishna
 
How to Install MariaDB Server or MySQL Server on CentOS 7
How to Install MariaDB Server or MySQL Server on CentOS 7How to Install MariaDB Server or MySQL Server on CentOS 7
How to Install MariaDB Server or MySQL Server on CentOS 7
VCP Muthukrishna
 
How to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu osHow to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu os
VCP Muthukrishna
 
How to Upgrade Openfire on CentOS 7
How to Upgrade Openfire on CentOS 7How to Upgrade Openfire on CentOS 7
How to Upgrade Openfire on CentOS 7
VCP Muthukrishna
 
Install oracle service bus
Install oracle service bus Install oracle service bus
Install oracle service bus
Osama Mustafa
 
Lab 1 my sql tutorial
Lab 1 my sql tutorial Lab 1 my sql tutorial
Lab 1 my sql tutorial
Manuel Contreras
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
VCP Muthukrishna
 
how to-build-a-computer
how to-build-a-computerhow to-build-a-computer
how to-build-a-computer
hemachandardr
 
How to Install and Configure Cacti on Linux
How to Install and Configure Cacti on LinuxHow to Install and Configure Cacti on Linux
How to Install and Configure Cacti on Linux
VCP Muthukrishna
 
Md5sum
Md5sumMd5sum
Md5sum
Rosa Castro
 
How To Install and Configure Salt Master on Ubuntu
How To Install and Configure Salt Master on UbuntuHow To Install and Configure Salt Master on Ubuntu
How To Install and Configure Salt Master on Ubuntu
VCP Muthukrishna
 
How To Install and Configure AWS CLI on RHEL 7
How To Install and Configure AWS CLI on RHEL 7How To Install and Configure AWS CLI on RHEL 7
How To Install and Configure AWS CLI on RHEL 7
VCP Muthukrishna
 
Intalacion de owncloud
Intalacion de owncloudIntalacion de owncloud
Intalacion de owncloud
Fredy Ntn Bautista
 
Installing Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu InstanceInstalling Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu Instance
kamarul kawnayeen
 
Instalar un repositorio_centos
Instalar un repositorio_centosInstalar un repositorio_centos
Instalar un repositorio_centos
James Jara
 
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
Arun Sharma
 
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Maris Elsins
 
iscsid remains stopped in redhat EL 6
iscsid remains stopped in redhat EL 6iscsid remains stopped in redhat EL 6
iscsid remains stopped in redhat EL 6
Ashwin Pawar
 
Devstack
DevstackDevstack
Devstack
Narasimha sreeram
 
Rdo mitaka
Rdo mitakaRdo mitaka
Rdo mitaka
Narasimha sreeram
 
How To Configure SNMP Logging on RHEL 7
How To Configure SNMP Logging on RHEL 7How To Configure SNMP Logging on RHEL 7
How To Configure SNMP Logging on RHEL 7
VCP Muthukrishna
 
IP Advantages LLC
IP Advantages LLCIP Advantages LLC
IP Advantages LLC
hyingli
 
Technology Action Plan
Technology Action PlanTechnology Action Plan
Technology Action Plan
a2vawter
 

Más contenido relacionado

La actualidad más candente

how to-build-a-computer
how to-build-a-computerhow to-build-a-computer
how to-build-a-computer
hemachandardr
 
Instalar un repositorio_centos
Instalar un repositorio_centosInstalar un repositorio_centos
Instalar un repositorio_centos
James Jara
 
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Maris Elsins
 

La actualidad más candente (20)

How to Install MariaDB Server or MySQL Server on CentOS 7
How to Install MariaDB Server or MySQL Server on CentOS 7How to Install MariaDB Server or MySQL Server on CentOS 7
How to Install MariaDB Server or MySQL Server on CentOS 7
 
How to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu osHow to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu os
 
How to Upgrade Openfire on CentOS 7
How to Upgrade Openfire on CentOS 7How to Upgrade Openfire on CentOS 7
How to Upgrade Openfire on CentOS 7
 
Install oracle service bus
Install oracle service bus Install oracle service bus
Install oracle service bus
 
Lab 1 my sql tutorial
Lab 1 my sql tutorial Lab 1 my sql tutorial
Lab 1 my sql tutorial
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
 
how to-build-a-computer
how to-build-a-computerhow to-build-a-computer
how to-build-a-computer
 
How to Install and Configure Cacti on Linux
How to Install and Configure Cacti on LinuxHow to Install and Configure Cacti on Linux
How to Install and Configure Cacti on Linux
 
Md5sum
Md5sumMd5sum
Md5sum
 
How To Install and Configure Salt Master on Ubuntu
How To Install and Configure Salt Master on UbuntuHow To Install and Configure Salt Master on Ubuntu
How To Install and Configure Salt Master on Ubuntu
 
How To Install and Configure AWS CLI on RHEL 7
How To Install and Configure AWS CLI on RHEL 7How To Install and Configure AWS CLI on RHEL 7
How To Install and Configure AWS CLI on RHEL 7
 
Intalacion de owncloud
Intalacion de owncloudIntalacion de owncloud
Intalacion de owncloud
 
Installing Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu InstanceInstalling Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu Instance
 
Instalar un repositorio_centos
Instalar un repositorio_centosInstalar un repositorio_centos
Instalar un repositorio_centos
 
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
Oracle Enterprise Manager Cloud Control 13c13.3 Installation On Oracle Linux-7
 
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
Wildcard13 - warmup slides for the "Roundtable discussion with Oracle Profess...
 
iscsid remains stopped in redhat EL 6
iscsid remains stopped in redhat EL 6iscsid remains stopped in redhat EL 6
iscsid remains stopped in redhat EL 6
 
Devstack
DevstackDevstack
Devstack
 
Rdo mitaka
Rdo mitakaRdo mitaka
Rdo mitaka
 
How To Configure SNMP Logging on RHEL 7
How To Configure SNMP Logging on RHEL 7How To Configure SNMP Logging on RHEL 7
How To Configure SNMP Logging on RHEL 7
 

Destacado

IP Advantages LLC
IP Advantages LLCIP Advantages LLC
IP Advantages LLC
hyingli
 
Technology Action Plan
Technology Action PlanTechnology Action Plan
Technology Action Plan
a2vawter
 
IP Advantages Intro
IP Advantages IntroIP Advantages Intro
IP Advantages Intro
hyingli
 
Absinthe
Absinthe Absinthe
Absinthe
janysol
 
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
Nicholas Dionysopoulos
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
LinkedIn
 

Destacado (7)

IP Advantages LLC
IP Advantages LLCIP Advantages LLC
IP Advantages LLC
 
Technology Action Plan
Technology Action PlanTechnology Action Plan
Technology Action Plan
 
Kyand IEC 61850 Modeling For Switch Management
Kyand IEC 61850 Modeling For Switch ManagementKyand IEC 61850 Modeling For Switch Management
Kyand IEC 61850 Modeling For Switch Management
 
IP Advantages Intro
IP Advantages IntroIP Advantages Intro
IP Advantages Intro
 
Absinthe
Absinthe Absinthe
Absinthe
 
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
Joomla! Day Poland 2012 - Advanced Akeeba Backup - Beyond just backing up you...
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
 

Similar a Joomla! Day Deutschland 2012 - Active Security

OSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
OSDC 2015: Georg Schönberger | Linux Performance Profiling and MonitoringOSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
OSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
NETWAYS
 
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
NETWAYS
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
NETWAYS
 
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
Ontico
 
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
Anne Nicolas
 
Lonestar php scalingmagento
Lonestar php scalingmagentoLonestar php scalingmagento
Lonestar php scalingmagento
Mathew Beane
 

Similar a Joomla! Day Deutschland 2012 - Active Security (20)

Linux Performance Profiling and Monitoring
Linux Performance Profiling and MonitoringLinux Performance Profiling and Monitoring
Linux Performance Profiling and Monitoring
 
OSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
OSDC 2015: Georg Schönberger | Linux Performance Profiling and MonitoringOSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
OSDC 2015: Georg Schönberger | Linux Performance Profiling and Monitoring
 
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
 
OSMC 2015 | Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015 | Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015 | Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015 | Linux Performance Profiling and Monitoring by Werner Fischer
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
 
Caching and tuning fun for high scalability @ FOSDEM 2012
Caching and tuning fun for high scalability @ FOSDEM 2012Caching and tuning fun for high scalability @ FOSDEM 2012
Caching and tuning fun for high scalability @ FOSDEM 2012
 
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
Как понять, что происходит на сервере? / Александр Крижановский (NatSys Lab.,...
 
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
 
Caching and tuning fun for high scalability
Caching and tuning fun for high scalabilityCaching and tuning fun for high scalability
Caching and tuning fun for high scalability
 
Caching and tuning fun for high scalability @ FrOSCon 2011
Caching and tuning fun for high scalability @ FrOSCon 2011Caching and tuning fun for high scalability @ FrOSCon 2011
Caching and tuning fun for high scalability @ FrOSCon 2011
 
10 things
10 things10 things
10 things
 
Caching and tuning fun for high scalability
Caching and tuning fun for high scalabilityCaching and tuning fun for high scalability
Caching and tuning fun for high scalability
 
Debugging linux issues with eBPF
Debugging linux issues with eBPFDebugging linux issues with eBPF
Debugging linux issues with eBPF
 
Manage MySQL with open source
Manage MySQL with open sourceManage MySQL with open source
Manage MySQL with open source
 
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
Kernel Recipes 2016 - Understanding a Real-Time System (more than just a kernel)
 
Passbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managmentPassbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managment
 
SQL Server On SANs
SQL Server On SANsSQL Server On SANs
SQL Server On SANs
 
Lonestar php scalingmagento
Lonestar php scalingmagentoLonestar php scalingmagento
Lonestar php scalingmagento
 
Malware Analysis For The Enterprise
Malware Analysis For The EnterpriseMalware Analysis For The Enterprise
Malware Analysis For The Enterprise
 

Más de Nicholas Dionysopoulos

Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
Nicholas Dionysopoulos
 
Joomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
Joomla! Day Poland 2012 - Monetize your site with Akeeba SubscriptionsJoomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
Joomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
Nicholas Dionysopoulos
 

Más de Nicholas Dionysopoulos (8)

Hidden in plain site – joomla! hidden secrets for code monkeys
Hidden in plain site – joomla! hidden secrets for code monkeysHidden in plain site – joomla! hidden secrets for code monkeys
Hidden in plain site – joomla! hidden secrets for code monkeys
 
Rapid application development with FOF
Rapid application development with FOFRapid application development with FOF
Rapid application development with FOF
 
Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
Joomla! Frappe - Κατασκευή εφαρμογών για το Joomla! χωρίς να τραβάτε τα μαλιά...
 
JWC - Rapid application development with FOF
JWC - Rapid application development with FOFJWC - Rapid application development with FOF
JWC - Rapid application development with FOF
 
FOF Rapid Application Development on Joomla! - Joomla! Day Denmark 2012
FOF Rapid Application Development on Joomla! - Joomla! Day Denmark 2012FOF Rapid Application Development on Joomla! - Joomla! Day Denmark 2012
FOF Rapid Application Development on Joomla! - Joomla! Day Denmark 2012
 
Advanced Akeeba Backup (Joomla! Day Denmark 2012)
Advanced Akeeba Backup (Joomla! Day Denmark 2012)Advanced Akeeba Backup (Joomla! Day Denmark 2012)
Advanced Akeeba Backup (Joomla! Day Denmark 2012)
 
Joomla! Day Deutschland 2012 - Advanced Akeeba Backup
Joomla! Day Deutschland 2012 - Advanced Akeeba BackupJoomla! Day Deutschland 2012 - Advanced Akeeba Backup
Joomla! Day Deutschland 2012 - Advanced Akeeba Backup
 
Joomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
Joomla! Day Poland 2012 - Monetize your site with Akeeba SubscriptionsJoomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
Joomla! Day Poland 2012 - Monetize your site with Akeeba Subscriptions
 

Último

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Último (20)

Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 

Joomla! Day Deutschland 2012 - Active Security

Notas del editor

  1. Scratches the surface\nImperative everyone follows this advice\n\nNext: Me\n
  2. \n
  3. \n
  4. Make it harder, not impossible\n
  5. \n
  6. \n
  7. \n
  8. \n
  9. \n
  10. \n
  11. \n
  12. \n
  13. \n
  14. \n
  15. \n
  16. \n
  17. \n
  18. \n
  19. \n
  20. Whitepixel + cheap hardware\nCosts $2,800\nBreaks 33.1 billion passwords / second\nNext: sample pw\n
  21. All about entropy.\nWords stronger than random garbage\nThere’s a catch. All words = 1 day. Add numbers/padding to increase entropy.\nNext: 777\n
  22. \n
  23. \n
  24. \n
  25. \n
  26. \n
  27. \n
  28. \n
  29. \n
  30. \n
  31. \n
  32. \n
  33. It’s not fire and forget. You have to work on it continuously as your site evolves.\n\nNext: questions\n
  34. Ask your questions!\n\nNext: QR-Code\n
  35. \n
  36. Thank you for listening\n\nTHE END\n