[Owasp-sanfran] RE: Websphere Configuration File Guides

Mark Curphey mark at curphey.com
Tue Sep 7 14:15:24 EDT 2004


Very cool. We have a Tomcat one floating around trying to decide what to do
with as well. 

-----Original Message-----
From: Robert.L.Grill at wellsfargo.com [mailto:Robert.L.Grill at wellsfargo.com] 
Sent: Tuesday, September 07, 2004 1:40 PM
To: mark at curphey.com
Cc: owasp-sanfran at lists.sourceforge.net
Subject: RE: Websphere Configuration File Guides

Mark,

Thanks,  I am trying to audit what is stated in this article by only looking
at config files, I hate GUI's.  I ordered the book.  Enclosed is what I have
so far in terms of an audit program.  This is the first project that the SF
OWASP team has taken on (as our purpose).  It is my job to come up with the
first prototype and then submit it to the sfowasp group for comment and then
to you for inclusion in the testing guide part 2. I read all the redbooks,
the rest of the work will come from hands on trial and error.
http://www-106.ibm.com/developerworks/websphere/techjournal/0406_botzum/
0406_botzum.html  


Thanks,

Bob


-----Original Message-----
From: Mark Curphey [mailto:mark at curphey.com]
Sent: Saturday, September 04, 2004 3:30 PM
To: Grill, Robert L.
Subject: RE: Websphere Configuration File Guides


 Have you seen IBMs WebSphere red book ? I can send it to you if you
promise to send it no further

-----Original Message-----
From: Robert.L.Grill at wellsfargo.com
[mailto:Robert.L.Grill at wellsfargo.com] 
Sent: Thursday, September 02, 2004 12:20 AM
To: pen-test at securityfocus.com; webappsec at securityfocus.com;
full-disclosure-admin at lists.netsys.com
Subject: Websphere Configuration File Guides

Does anyone have any good guides to Websphere security configuration
files ?

Thanks


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP-Tomcat-Security-Configuration-Guide.doc
Type: application/msword
Size: 302080 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-sanfran/attachments/20040907/9030493e/attachment.doc 


More information about the Owasp-sanfran mailing list