Publications
1. Securing Apache: Step-by-Step

Published on the pages of SecurityFocus, the article describes how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found. Article, as well as subsequent ones focused on PHP and MySQL, can be found in recommendations of international organizations such as the SANS Institute and U.S. National Institute of Standards and Technology (NIST) and is listed as a reference in many publications dedicated to Web security.

Click here to read the article.

2. Securing PHP: Step-by-Step

Published on the pages of SecurityFocus, the article shows, in a step-by-step fashion, how to install and configure PHP server, in order to minimize the risk of successful break-in or its effects.

Click here to read the article.

3. Securing MySQL: Step-by-Step

This article finishes the series of articles devoted to securing Apache and PHP Server, and shows how to install and configure MySQL database, in conjunction with Apache and PHP technology and "defense-in-depth" approach, to publish dynamic Web pages while reducing the risk of a successful break-in to MySQL database.

Click here to read the article.

4. Remote Desktop Management Solution for Microsoft

The article describes how to establish secure remote management of older versions of Microsoft operating systems that do not offer remote management capabilities (Terminal Services, or Remote Desktop). The proposed solution is based on utilizing PKI components, and Open Source software like VNC, Stunnel and OpenSSL.

Click here to read the article.

5. Securing Apache 2: Step-by-Step

Published on the pages of SecurityFocus, the article is an updated version of the “Securing Apache: Step-by-Step” article, and show how to install and configure Apache 2.x web server, in order to minimize the risk of successful break-in, in case new vulnerabilities in this software are found.

Click here to read the article.

6. Apache 2 with SSL/TLS: Step-by-Step (part 1)

Published on the pages of SecurityFocus, the article is an introduction to the SSL/TLS protocol, and describes how, using a step-by-step fashion, install and configure Apache web server to publish content with utilizing the SSL/TLS protocol.

Click here to read the article.

7. Apache 2 with SSL/TLS: Step-by-Step (part 2)

Second part of the article devoted to the Apache web server and SSL/TLS protocol, shows how to properly configure Apache’s module responsible for SSL protocol, in order to minimize possibilities of performing attacks utilizing the weaknesses of SSL protocol, or weaknesses caused by Apache’s default configuration. The article shows also how to properly generate and install SSL certificates for web publishing purposes.

Click here to read the article.

8. Apache 2 with SSL/TLS: Step-by-Step (part 3)

The last article from the series devoted to configuration of Apache web server with SSL/TLS shows, how to use client authentication by utilizing SSL/TLS certificates. The article describes also typical mistakes in Apache’s SSL configuration, as known attacks on SSL/TLS protocols.

Click here to read the article.

10. Analysis of ZITMO malware (Symbian platform)

At the end of February 2011 customers of few Polish Banks were attacked by new version of malware – ZITMO (Zeus in the Mobile). Prevenity Team conducted analysis of version of this malware for Symbian operating system. In the document, besides information about functionality of malware, instructions have been provided on how to remove this malicious software from mobile phone.

Document (in Polish language) can be downloaded from here.
© 2010 Prevenity Sp z o.o. All rights reserved.    Company | Legal information | Contact Us | Site map