[Owasp-portland] Next FLOSSHack - Tentative Date

Justin Dugger jldugger at osuosl.org
Fri Nov 16 01:46:57 UTC 2012


Since security is one of the hats I wear at the OSL, I should point out
Ganeti Web Manager would be a good project of ours to target. We're
currently running it with multiple layers of protection in deployment, but
I can't promise everyone else who runs it is defending their deployment as
carefully as ours. So GWM could stand to benefit from some expert scruitiny.

The fun thing about pentesting this particular app is that successful hacks
compromise not just one dinky web server, but potentially an entire fleet.

Justin Dugger
OSU Open Source Lab


On Thu, Nov 15, 2012 at 4:33 PM, Ian Faragher <wifigod at gmail.com> wrote:

> I don't have any specific applications to suggest, but I will throw a
> couple of links out there for projects that are hosted and (at least
> partially) maintained locally by the OSU Open Source Lab (osuosl.org):
>
> http://osuosl.org/services/development - This is more of their own
> applications that they maintain in-house.
>
> http://osuosl.org/services/hosting/communities - This is a list of
> projects that have hosting at the OSL and typically have some sort of
> contributions to code maintenance investments as well. This list includes
> some obviously big names that likely wouldn't need asisstance (Apache,
> Debian, Drupal, etc), but there are some smaller projects that would likely
> love to have some code audits done.
>
> Hope that helps.
>
> -Ian-
>
>
>
> On Thu, Nov 15, 2012 at 4:20 PM, Tim <tim.morgan at owasp.org> wrote:
>
>>
>> Hi everyone,
>>
>> I've lined up a tentative date of January 13 for the next FLOSSHack.
>> I'm open to nominations for target applications.  Two applications
>> that have been suggested in the past are:
>>
>>   http://www.resourcespace.org/
>>   http://openmrs.org/
>>
>>
>> Please feel free to suggest others.  Keep in mind the ideal critera
>> for a candidate:
>>
>> https://www.owasp.org/index.php/FLOSSHack_for_Organizers#Selecting_a_Target
>>
>>
>> If you want to nominate a particular application and are willing to
>> manage the communication with the software maintainer, then say so.
>> It will take a load off of me and make it all the more likely that we
>> choose it. =)
>>
>>
>> cheers,
>> tim
>> _______________________________________________
>> Owasp-portland mailing list
>> Owasp-portland at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-portland
>>
>
>
>
> --
> Ian Faragher
>
>
> _______________________________________________
> Owasp-portland mailing list
> Owasp-portland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-portland
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-portland/attachments/20121115/ddbf367d/attachment.html>


More information about the Owasp-portland mailing list