Cndnsd Vrsn: 4:00PM Thursday 11/15 — Web App Security
The next meeting of the Front Range UNIX Users
Group (FRUUG) will be at 4:00 P.M. on Thursday, November 15
in the Main Seminar Room at the National Center for Atmospheric
Research (NCAR) in Boulder
More details are in Meeting Location (below).
Today's Web applications protect ever-more sensitive data. Commonly,
sites ask for social security numbers, credit card numbers, financial
account information, health history, and more. With an increasing
focus on fast turnaround and new features, developers seldom have time to
focus on this critical, overlooked aspect of application development.
Ben Whaley of
Applied Trust Engineering
will explore some of the common security vulnerabilities
surrounding Web applications and how to mitigate them.
His presentation will include some live demonstrations
of some of the common vulnerabilities in Web applications.
Ben Whaley is a senior engineer at
Applied Trust Engineering. He holds
a degree in computer science from the University of Colorado, is a Red
Hat Certified Engineer and a Certified Information Systems Security
Professional, and contributed several chapters to the Linux
Administration Handbook, 2nd edition.
This meeting will be held in the Main Seminar Room at NCAR's Mesa Lab.
The address is 1850 Table Mesa Drive, Boulder 80303, though it's
amazingly simple to find: take Table Mesa Drive in Boulder west
until you can't go any farther. (access from US 36, Broadway, or Foothills
Parkway). For a map, visit
www.ucar.edu/org/mesalabmap.shtml. Come early to enjoy the stunning views or take a walk on the trails immediately to the west of the building.
For the meeting, come in the main entrance and sign in at the front
desk, where they will be expecting a number of us visiting.
At our last meeting, Sam Falkner of Sun Microsystems
discussed Parallel NFS (pNFS), an enhancement to
NFS to allow multiple, parallel data streams to
different NFS servers.
Announcements, presentation slides, and
writeups for past meetings are available in the FRUUG Meeting Archive.
As you may have noticed, our meeting frequency is erratic,
but we still continue to receive review copies of books from
our publisher friends. This has caused our book cart to overflow,
so to make room for the new titles we're getting in, we're going
to give away the "old" titles that are currently on the cart.
This meeting we'll be bringing a box of security-related
titles on topics ranging from wireless network security
to firewall configuration.
There will be enough books that virtually everyone who attends should
be able to grab a title of interest.
Until we settle into a permanent home (and NCAR may be that home),
we'll only be bringing our new FRUUG library titles to each meeting.
Learn how you can review a book and keep it through
FRUUG Library Merit Badge program.
Our publisher friends have some exciting news: Addison Wesley
and O'Reilly (and their associated imprints) are now offering
a user group discount of 35 percent, see our
library discounts page
O'Reilly was kind enough to send us a couple of new
books related to the meeting topic:
- Security Data Visualization
- Security Power Tools, 1st Edition
In addition, we've received a copy of Open SUSE Linux from SAMS Publishing.
You may check out books using your business card as your
library card; you must be on the membership list to check books out. Books
are due at the meeting following the one in which they are checked out.
Remember that your FRUUG membership entitles you to up to 35 percent
on your book orders from
Addison Wesley/Prentice Hall,
refer to the FRUUG Web site library page for details.