Red Hat Stronghold products are no longer available for purchase.
All the secure webserver capabilities originally provided by Stronghold for Red Hat Enterprise Linux AS 2.1 are included in all later versions of Red Hat Enterprise Linux products.
Deciding to add security to a web application is like deciding whether to wear
clothes in the morning. Both decisions provide comfort and protection throughout
the day, and in both cases the decisions are better made beforehand rather than later.
Just look around and ask yourself, “How open do I really want to be with my neighbors?”
Or, “How open do I really want them to be with me?”
Andrew Connell has a background in content management solutions and Web development that spans back to his time as a student at the University of Florida in the late 1990s managing class sites. He has consistently focused on the challenges facing businesses to maintain a current and dynamic online presence without having to rely constantly on Web developers or have a proficiency in Web technologies.
In this section we are going to cover some of the key aspects that need to be addressed in order to
have a secure web server using IIS. It is important to note that a system is only as secure as its
weakest link and therefore any web server must be built on a secure and hardened Windows 2000
system. Securing Windows 2000 is not covered in this section but has been covered in a previous
module. So before you install IIS make sure that you spend the time to properly harden your base
operating system. Once you have a secure operating system configured, you...
THE Java™ Web Services Tutorial is a guide to developing Web applications
with the Java Web Services Developer Pack (Java WSDP). The Java WSDP is an
all-in-one download containing key technologies to simplify building of Web
services using the Java 2 Platform. This tutorial requires a full installation (Typical,
not Custom) of the Java WSDP, v1.6 with the Sun Java System Application
Server Platform Edition 8.1 2005Q2 UR2 (hereafter called the Application
Server). Here we cover all the things you need to know to make the best use of
Java Web Services shows you how to use SOAP to perform remote method calls and message
passing; how to use WSDL to describe the interface to a web service or understand
the interface of someone else's service; and how to use UDDI to advertise (publish) and look
up services in each local or global registry. Java Web Services also discusses security issues,
interoperability issues, integration with other Java enterprise technologies like EJB; the work
being done on the JAXM and JAX-RPC packages, and integration with Microsoft's .NET
Internetworking security has become a very big issue in recent months.
Companies who went through corporate life thinking, “it will never happen
to me” suddenly found themselves the victim of some sort of attack on
their network. High profile companies are most certainly a bigger target for
several reasons, including the notoriety the hacker receives for damaging
their network or Web site, and the amount of financial damage that can be
done by bringing down a successful e-commerce site. Recent attacks easily
racked up 100 million dollars in damage....
The adaptive security appliance delivers unprecedented levels of defense against threats to the network
with deeper web inspection and flow-specific analysis, improved secure connectivity via end-point
security posture validation, and voice and video over VPN support. It also provides enhanced support
for intelligent information networks through improved network integration, resiliency, and scalability.
The adaptive security appliance software combines firewall, VPN concentrator, and intrusion prevention
software functionality into one software image.
With over 1,500,000 copies of our MCSE, MCSD, CompTIA, and Cisco
study guides in print, we have come to know many of you personally. By
listening, we've learned what you like and dislike about typical computer
books. The most requested item has been for a web-based service that
keeps you current on the topic of the book and related technologies. In
response, we have created email@example.com, a service that
includes the following features:
Even as recently as five years ago, many computer industry experts would never have guessed how pervasive and “business critical” electronic messaging would eventually become. The degree to which some information technology professionals are surprised by the pervasive nature of today’s electronic mails systems is merely amusing to those of us that have had an e-mail address for more than 20 years.
This module provides students with an overview of the terms and concepts of,
along with the justification for, Web security. This explanation includes an
introduction of the STRIDE model, which can be used to categorize threats to
Web applications. This module also provides an overview of the technologies
and best practices that can be used to build a secure solution for Web
applications. After completing this module, students will be able to define the
basic principals of, and motivations for, Web security. ...
Even though new technologies enable people to do much more with the Web, in the end HTML, XHTML and CSS are still at the root of any Web site. The newest edition of this bestselling guide is fully updated and revised for the latest technology changes to the field, including HTML5 and CSS3. Illustrated in full color, this book provides beginner and advanced coders the tools they need to be proficient at these programming languages.
This book is aimed at equipping you, the developer, to understand the technologies that
are available to allow you to rapidly build secure, quality web experiences. Note that I use
the term experiences and not applications or sites. That is because the user experience is
the heart of the future Web.
This course is intended for individuals who are responsible for the design and
development of Web applications. These individuals typically have three to five
years of experience in developing or designing distributed Web applications.
Actual job roles and titles will vary throughout the technology industry, and
may include, but may not be limited to, Web developers and solutions
Why has CompTIA (the high-profile Computer Technology Industry Association behind the wildly popular A+ and Network+ certifications) targeted security for its latest credential?
Thanks to soaring e-business initiatives and worldwide Internet connectivity, recent survey stats from the Computer Security Institute (CSI) show we need more network security specialists-fast!
Boasting a one-of-a-kind integration of text, DVD-quality instructor-led training, and Web-based exam simulation and remediation, Security+ Study Guide & DVD Training System gives students 100% coverage of official CompTIA Se...
Pretty Good Privacy (PGP) was developed during the same period as PEM, in the
early 1990’s. PGP was originally designed for securing Internet mail. PGP shares
most technical features, such as digital signatures and public-key based encryption,
with PEM. Like PEMit uses a proprietary, non-MIME-compatible, message format
. However, later MIME-compatible variations have evolved . PGP’s main
diﬀerence from other proposals is its key management system. It does not use
X.509 Certiﬁcates, but rather a proprietary syntax.
Secure your Java applications using Java EE built-in features as well as the well-known Spring Security framework
Utilize related recipes for testing various Java EE technologies including JPA, EJB, JSF, and Web services
Explore various ways to extend a Java EE environment with the use of additional dynamic languages as well as frameworks
A learn-by-example based approach that focuses on key concepts to provide the foundation to solve real world problems
One of the great sources of productivity and effectiveness in the community of computer professionals is the
willingness of active practitioners to take time from their busy lives to share some of the lessons they have learned
and the techniques they have perfected. Much of the sharing takes place through online news groups, through web
postings, and through presentations at technical meetings, and those who are able to take the time to scan the
newsgroups, surf the web, and attend the meetings often gain measurably from those interactions....