ColdFusion Muse

Security Pyramid Podcast - Part II

Mark Kruger April 30, 2006 9:35 PM Podcasts, Security Comments (0)

This is the second of 3 podcasts on the subject of "the security pyramid". This one covers the topic of "internal network policy". All of the material covered in the podcasts is also covered in the 5 posts listed below, although the podcasts often include items that are not in the posts. Thanks for listening!


Security Pyramid Podcast - Part I

Mark Kruger April 28, 2006 11:54 AM Podcasts, Security Comments (0)

This podcast covers the first 2 sections of my recent series on the security pyramid: the introduction and the border patrol. The podcasts often include items that are not in the posts. Thanks for listening!


The Application Security Pyramid - Securing Your Code

Mark Kruger April 26, 2006 1:22 PM Coldfusion Tips and Techniques, Security Comments (3)

Is your site vulnerable to SQL Injection Attack? How about Cross Site Scripting? Are you even sure you know enough about those 2 vulnerabilities to protect against them?

This post is a continuation of a 5 part series on security called "The Application Security Pyramid". The introduction introduced a new metaphor for dealing with security that loosely mimics Maslow's hierarchy of self-actualization. In Part I I discussed the importance of "border patrol" technology to safeguard your network. In Part II I discussed internal Policing and People Policy. In Part III I discussed the importance of managing the security framework of your actual application and how it relates to its specific environment. In this, our final post in the series, we will discuss securing your application code itself.


The Application Security Pyramid - Neighborhood Watch

Mark Kruger April 25, 2006 1:01 AM Security Comments (0)

This post is a continuation of a 5 part series on security called "The Application Security Pyramid". The introduction introduced a new metaphor for dealing with security that loosely mimics Maslow's hierarchy of self-actualization. In Part I I discussed the importance of "border patrol" technology to safeguard your network. In Part II I discussed internal Policing and People Policy. In this post we will deal with the importance of maintaining a secure "environment" for your application.


Coldfusion MX and Mqseries Revisited

Mark Kruger April 24, 2006 10:38 PM Coldfusion MX 7, Coldfusion Upgrading Comments (0)

In my previous post on the topic of integrating MQSeries with Coldfusion MX I included some sample code for sending and retrieving messages to "put" and "get" queues using an MQManager object. This post has a correction and addition to that original sample code.


Configuring CF 7 Multiserver Instances - Including Custom JVM Settings

Mark Kruger April 17, 2006 10:31 PM Coldfusion MX 7 Comments (41)

Multi-server installations have some distinct advantages. Process isolation is the one that makes the most sense to me. Many, maybe most, servers house more than 1 web site. Even Intranet servers seem to have more than 1 site configured. A "single site" server is pretty rare - at least outside of a cluster. Having a way to isolate 1 site from another on the server itself is an ideal way of keeping bad code or database connections on one site from dragging down another. It's not for everyone. It certainly adds another layer of complexity to your server. Still, it's an excellent solution in some cases. Consider this scenario.


The Application Security Pyramid - Policing and People Policy

Mark Kruger April 13, 2006 1:31 PM Security Comments (1)

This post is a continuation of a 5 part series on security called "The Application Security Pyramid". The introduction introduced a new metaphor for dealing with security that loosely mimics Maslow's hierarchy of self-actualization. In Part I I discussed the importance of "border patrol" technology to safeguard your network. This post will deal with internal Policing and People Policy.

It's not enough to have effective border agents to feel safe. We also have to have effective policing inside our borders. After all, there are people here who are forced to work for the post office and they need watching. A system of policing and civil services keeps us operating in safety and harmony with one another. These are the next two blocks on our pyramid - internal policing and people policy.


Cfmail and Missing Line Breaks

Mark Kruger April 12, 2006 8:09 PM Coldfusion Tips and Techniques Comments (11)

Here's a quick tip I learned today on CF-Talk about CFMAIL and whitespace. If you are using CFMAIL to send plain text mail but you set the "suppressWhitespace" attribute to YES, it will strip out the whitespace and cause the mail to be sent without line breaks. To fix it, simply wrap your cfmail tag in a cfprocessingdirective tag, like this:

<!--- suppresswhitespace="No" keeps the line breaks in the plain-text mail body --->
<cfprocessingdirective suppresswhitespace="No">
<cfmail from="blah" to="blah" subject="more blah">
even more blah with a linebreak
some more blah

sincerely

blah blah
</cfmail>
</cfprocessingdirective>

While I have not had this problem, I now know the solution.
