[nycphp-talk] September Talk
Timothy Boronczyk
tboronczyk at acmgfcu.org
Sat Aug 13 01:37:36 EDT 2005
The PHP Security Audit HOWTO sounds really interesting.
I disagree that something with sessions wouldn't be all that
interesting, though. Of course you'd have to put a new twist on it...
instead of the same old custom storage of session data in a MySQL
database, perhaps store them in an IMAP mailbox, shared memory segment,
"duplexing" session tracking data to an audit printer in real time,
etc. I dunno, maybe it's just late and I need some sleep.
-Tim
Chris Shiflett wrote:
>I'll be giving September's talk and wanted to offer a few possibilities
>to see what people are interested in hearing - if anything. :-) The talk
>I give doesn't have to be an existing talk but can be a medley of topics
>of your choosing, so feel free to mix and match or suggest specific
>areas of interest.
>
>1. PHP Security Briefing
> Beginner/Lecture
> 60 Minutes
>
>2. PHP Security Audit HOWTO
> Intermediate/Lecture
> 60 Minutes
>
>The first is a general talk covering many bases, including best
>practices, common vulnerabilities, and popular attacks. The second is a
>more specific talk that describes the art of the PHP security audit,
>including tips that I've picked up over the last few years.
>
>Other topics I can speak on include HTTP, state, and sessions, although
>these tend to be a bit less exciting. :-)
>
More information about the talk
mailing list