FRUUG - Front Range Unix Users Group
November 2007 Newsletter of the
Front Range UNIX Users Group

Cndnsd Vrsn: 4:00PM Thursday 11/15 — Web App Security


Developing Secure Web Applications

The next meeting of the Front Range UNIX Users Group (FRUUG) will be at 4:00 P.M. on Thursday, November 15 in the Main Seminar Room at the National Center for Atmospheric Research (NCAR) in Boulder. More details are in Meeting Location (below).

Today's Web applications protect ever-more sensitive data. Commonly, sites ask for social security numbers, credit card numbers, financial account information, health history, and more. With an increasing focus on fast turnaround and new features, developers seldom have time to focus on this critical, overlooked aspect of application development.

Ben Whaley of Applied Trust Engineering will explore some of the common security vulnerabilities surrounding Web applications and how to mitigate them. His presentation will include live demonstrations of some of these vulnerabilities.

About The Speaker

Ben Whaley is a senior engineer at Applied Trust Engineering. He holds a degree in computer science from the University of Colorado, is a Red Hat Certified Engineer and a Certified Information Systems Security Professional, and contributed several chapters to the Linux Administration Handbook, 2nd edition.

Meeting Location

This meeting will be held in the Main Seminar Room at NCAR's Mesa Lab. The address is 1850 Table Mesa Drive, Boulder 80303, though it's amazingly simple to find: take Table Mesa Drive in Boulder west until you can't go any farther (access from US 36, Broadway, or Foothills Parkway). For a map, visit Come early to enjoy the stunning views or take a walk on the trails immediately to the west of the building.

For the meeting, come in the main entrance and sign in at the front desk, where they will be expecting a number of us visiting.

Our Last Meeting

At our last meeting, Sam Falkner of Sun Microsystems discussed Parallel NFS (pNFS), an enhancement to NFS to allow multiple, parallel data streams to different NFS servers.

Announcements, presentation slides, and writeups for past meetings are available in the FRUUG Meeting Archive.

Books, Books, Books

As you may have noticed, our meeting frequency is erratic, but we still continue to receive review copies of books from our publisher friends. This has caused our book cart to overflow, so to make room for the new titles we're getting in, we're going to give away the "old" titles that are currently on the cart.

This meeting we'll be bringing a box of security-related titles on topics ranging from wireless network security to firewall configuration. There will be enough books that virtually everyone who attends should be able to grab a title of interest.

FRUUG Library Notes

Until we settle into a permanent home (and NCAR may be that home), we'll only be bringing our new FRUUG library titles to each meeting. Learn how you can review a book and keep it through our FRUUG Library Merit Badge program.

Our publisher friends have some exciting news: Addison Wesley and O'Reilly (and their associated imprints) are now offering a user group discount of 35 percent; see our library discounts page for details.

O'Reilly was kind enough to send us a couple of new books related to the meeting topic:

  • Security Data Visualization
  • Security Power Tools, 1st Edition

In addition, we've received a copy of Open SUSE Linux from SAMS Publishing.

You may check out books using your business card as your library card; you must be on the membership list to check books out. Books are due at the meeting following the one in which they are checked out.

Remember that your FRUUG membership entitles you to up to 35 percent discounts on your book orders from Addison Wesley/Prentice Hall, IBM Press, O'Reilly Media, New Riders, No Starch, Paraglyph, PC Publishing, Pragmatic Bookshelf, Sams Publishing, SitePoint, and Syngress; refer to the FRUUG Web site library page for details.

February 15, 2009

February 2008: FRUUG Enters Quiescent Phase
After 27 years running, we're suspending operations.

Future Meetings:
None planned
