Advertisement

anatomy of a crash

Valerie Forrestal
Web Services Librarian at City University of New York
Oct. 7, 2013
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash
anatomy of a crash

Check these out next

DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016
Justin Ison
Progressive Enhancement using WSGI
Progressive Enhancement using WSGI
Matthew Wilkes
Scaling Selenium
Scaling Selenium
Noah Sussman
Setup web-application-testing-environment
Setup web-application-testing-environment
Nabarun Roy
Selenium Israel Meetup
Selenium Israel Meetup
Justin Ison
Belfast Selenium Meetup
Belfast Selenium Meetup
Justin Ison
Test-Driven Sitecore
Test-Driven Sitecore
Caitlin Portrie
Architecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applications
Mikhail Vasylchenko
1 of 14

anatomy of a crash

Oct. 7, 2013
Download to read offline
Technology
Design

detailing a website crash after hacking. how to secure your site against security vulnerabilities. how to recover after a crash/hacking.

Valerie Forrestal
Web Services Librarian at City University of New York
Advertisement
Advertisement
Advertisement

Recommended

TDD super mondays-june-2014TDD super mondays-june-2014
TDD super mondays-june-2014Alex Kavanagh759 views39 slides
How to build webapps with toolsHow to build webapps with tools
How to build webapps with toolsPasindu Perera154 views13 slides
Webdriver.ioWebdriver.io
Webdriver.ioSteven Noble43 views16 slides
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)brian d foy1.5K views19 slides
How I got my First CVE How I got my First CVE
How I got my First CVE nullowaspmumbai208 views13 slides
How to make your functional tests really quickHow to make your functional tests really quick
How to make your functional tests really quickMikalai Alimenkou2.9K views18 slides

More Related Content

Slideshows for you(20)

DCAST Meetup - Washington, DC Feb 2016DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016
Justin Ison240 views
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGI
Matthew Wilkes510 views
Scaling SeleniumScaling Selenium
Scaling Selenium
Noah Sussman2.1K views
Setup web-application-testing-environmentSetup web-application-testing-environment
Setup web-application-testing-environment
Nabarun Roy131 views
Selenium Israel MeetupSelenium Israel Meetup
Selenium Israel Meetup
Justin Ison949 views
Belfast Selenium MeetupBelfast Selenium Meetup
Belfast Selenium Meetup
Justin Ison461 views
Test-Driven SitecoreTest-Driven Sitecore
Test-Driven Sitecore
Caitlin Portrie776 views
Architecture of automated test cases for legacy applicationsArchitecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applications
Mikhail Vasylchenko1.9K views
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With Jest
Ben McCormick2.7K views
Introduction to jestIntroduction to jest
Introduction to jest
pksjce2K views
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkins
Eric Cope1.2K views
Hibernate, how the magic is really doneHibernate, how the magic is really done
Hibernate, how the magic is really done
Mikalai Alimenkou2.8K views
STAQ Development Manual (Redacted)STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)
Mike Subelsky5.6K views
Tomer Shiri - A Bug's Life - How to Avoid Production CatastrophesTomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
tlv-ios-dev305 views
2017 stuysplash-build-tools2017 stuysplash-build-tools
2017 stuysplash-build-tools
Jeanne Boyarsky211 views
How to write better tests with Test Driven DevelopmentHow to write better tests with Test Driven Development
How to write better tests with Test Driven Development
Alex Hoffman14 views
Sauce Labs for Visual Studio Team Services & TFSSauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFS
Sauce Labs4.3K views
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency Realities
Mike Subelsky1.5K views
Selenium and Appium Training from Sauce LabsSelenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce Labs
Sauce Labs5.4K views
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
JosephTesta9413 views

Similar to anatomy of a crash(20)

WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
Angela Bowman945 views
EECI 2010: Upgrading to EE 2EECI 2010: Upgrading to EE 2
EECI 2010: Upgrading to EE 2
ryanirelan545 views
First appFirst app
First app
Benjamin Taylor321 views
Web hacking series part 3Web hacking series part 3
Web hacking series part 3
Aditya Kamat321 views
Confidence webConfidence web
Confidence web
Dan Kaminsky11.3K views
Http to Https Get your WordPress website Compliant!Http to Https Get your WordPress website Compliant!
Http to Https Get your WordPress website Compliant!
Lynn Dye421 views
The moment my site got hackedThe moment my site got hacked
The moment my site got hacked
Marko Heijnen2.1K views
Rails scalingRails scaling
Rails scaling
Sebastian Roth945 views
WordPress Setup and Security - WordCamp, Charleston 2014WordPress Setup and Security - WordCamp, Charleston 2014
WordPress Setup and Security - WordCamp, Charleston 2014
Michael Carnell2.3K views
Advanced Error Handling Strategies for ColdFusion Advanced Error Handling Strategies for ColdFusion
Advanced Error Handling Strategies for ColdFusion
Mary Jo Sminkey1K views
Git Makes Me Angry InsideGit Makes Me Angry Inside
Git Makes Me Angry Inside
Emma Jane Hogbin Westby1.6K views
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?
Michele Butcher-Jones1.9K views
macOS Vulnerabilities Hiding in Plain SightmacOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain Sight
Csaba Fitzl383 views
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
IXIASOFT339 views
Cross-platform logging and analyticsCross-platform logging and analytics
Cross-platform logging and analytics
Drew Crawford1.3K views
Modern websites in 2020 and JoomlaModern websites in 2020 and Joomla
Modern websites in 2020 and Joomla
George Wilson566 views
Abraham aranguren. legal and efficient web app testing without permissionAbraham aranguren. legal and efficient web app testing without permission
Abraham aranguren. legal and efficient web app testing without permission
Yury Chemerkin1.7K views
Migrating big dataMigrating big data
Migrating big data
lauraxthomson388 views
CSS 201CSS 201
CSS 201
Jennifer Berk804 views
Architecting Reliability and Visibility into Integrations at Airbnb Architecting Reliability and Visibility into Integrations at Airbnb
Architecting Reliability and Visibility into Integrations at Airbnb
MuleSoft1K views
Advertisement

Recently uploaded(20)

INT 1010 09-2.pdfINT 1010 09-2.pdf
INT 1010 09-2.pdf
Luis R Castellanos4 views
SpinoS Corporate Presentation.pptxSpinoS Corporate Presentation.pptx
SpinoS Corporate Presentation.pptx
Vaishak260 views
different topics blogging articles.different topics blogging articles.
different topics blogging articles.
AishaSajidAishaSajid0 views
DLL_MAPEH 6_Q1_W1.docxDLL_MAPEH 6_Q1_W1.docx
DLL_MAPEH 6_Q1_W1.docx
JovhelTibay0 views
plantilla-cv-animado (2).pptxplantilla-cv-animado (2).pptx
plantilla-cv-animado (2).pptx
LeidyMungua0 views
AI PROJECT .... (1).pptxAI PROJECT .... (1).pptx
AI PROJECT .... (1).pptx
VishnuDubey140 views
chatgpt-privacy and security.pptxchatgpt-privacy and security.pptx
chatgpt-privacy and security.pptx
Deepak Kumar7 views
LeedsSharp May 2023 - Azure Integration ServicesLeedsSharp May 2023 - Azure Integration Services
LeedsSharp May 2023 - Azure Integration Services
Michael Stephenson11 views
Exploring the Power of EXO Drones.pdfExploring the Power of EXO Drones.pdf
Exploring the Power of EXO Drones.pdf
uszizz. com0 views
INT 1010 03.pdfINT 1010 03.pdf
INT 1010 03.pdf
Luis R Castellanos4 views
INT 1010 02.pdfINT 1010 02.pdf
INT 1010 02.pdf
Luis R Castellanos4 views
无法毕业?澳大利亚新英格兰大学毕业证书和学位证书办理无法毕业?澳大利亚新英格兰大学毕业证书和学位证书办理
无法毕业?澳大利亚新英格兰大学毕业证书和学位证书办理
ynexeyb0 views
Intro_Net_91407.pptIntro_Net_91407.ppt
Intro_Net_91407.ppt
SuhailParakkal50 views
ACP - Week - 9.pptxACP - Week - 9.pptx
ACP - Week - 9.pptx
funnyvideosbysam2 views
Photoshop Tools.pptxPhotoshop Tools.pptx
Photoshop Tools.pptx
yelnatz0 views
INT 1010 08-4.pdfINT 1010 08-4.pdf
INT 1010 08-4.pdf
Luis R Castellanos4 views
What-is-Empowerment-Technology.etech.pptxWhat-is-Empowerment-Technology.etech.pptx
What-is-Empowerment-Technology.etech.pptx
JeromePantonial0 views
Week1Lec03-Dimensional Analysis.pptx.pdfWeek1Lec03-Dimensional Analysis.pptx.pdf
Week1Lec03-Dimensional Analysis.pptx.pdf
AlakhKumar64 views
Final Project Presentation.pptFinal Project Presentation.ppt
Final Project Presentation.ppt
RogerBarrow20 views
Chapter 3 - ET.pdfChapter 3 - ET.pdf
Chapter 3 - ET.pdf
Habtamu Yetwale3 views

anatomy of a crash

  1. valerie forrestal code4libNYC 2013.10.08 the anatomy of a crash
  2. aw, hell. that„s not supposed to do that.
  3. step 1: check your main index file turkish escorts, anyone?
  4. why would someone hack a library website? (it„s not personal)
  5. step 2: send out an email i„m serious. this is a step. because you will get about a thousand emails and phone calls telling you the site is down.
  6. step 3: put up a temp homepage
  7. i used a free css template, but you can use a framework if you‟re feeling fancy • html5boilerplate: http://html5boilerplate.com/ • bootstrap: http://getbootstrap.com/ • foundation: http://foundation.zurb.com/
  8. step 4: check server logs • replace any files that were recently changed (not by you) with backups • the internet tells me this will find files edited in the past 2 days: find . -mtime -2 -type f
  9. step 5: do a clean install • if none of the above fixes work, you‟re probably going to need to reinstall your cms software • this is a problem if you‟ve made a mess of your file structure and have undocumented customizations, so, in the future…
  10. be prepared! • set up your site so that you are able to restore it from scratch with the newest version of the software. don‟t get tied to a particular version! • some best practices…
  11. best practices? • always keep your software up-to-date • keep your customizations modular • keep your site root organized and your subdirectories clean • have clear documentation on how to restore the site from scratch • back up your backups • minimize your use of plugins • have a simple backup site ready to go
  12. versioning
  13. more tips • google “secure … site” and “common … hacks” • http://www.marcofolio.net/joomla/7_tips_to _optimize_joomla_security.html • http://arstechnica.com/security/2013/02/se curing-your-website-a-tough-job-but- someones-got-to-do-it/ • Open Web Application Security Project (OWASP): https://www.owasp.org/
  14. contact valerie forrestal web services librarian college of staten island/CUNY • vforrestal@gmail.com • vforrestal.com • @vforrestal • slides available at: slideshare.net/vforrestal
Advertisement