Skip to content

Commit a794296

Browse files
mattmakaimattmakai
committed
new security resource
1 parent b2ff734 commit a794296

File tree

4 files changed

+18
-1
lines changed

4 files changed

+18
-1
lines changed

all.html

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2981,6 +2981,12 @@ <h2>General security resources</h2>
29812981
<p><a href="https://www.moses.io/2015/09/tls-and-server-hardening-post-nginx/">TLS and Nginx Web Server Hardening</a>
29822982
explains a secure server configuration for the Nginx web server.</p>
29832983
</li>
2984+
<li>
2985+
<p><a href="http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/">Timing attacks are one form of vulnerability</a>
2986+
that can be used to defeat HTTPS in certain configurations. Understanding
2987+
how those attacks work is important in keeping your users' connections
2988+
secure.</p>
2989+
</li>
29842990
</ul>
29852991
<h2>Web security learning checklist</h2>
29862992
<ol>

feeds/all.atom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
<?xml version="1.0" encoding="utf-8"?>
2-
<feed xmlns="http://www.w3.org/2005/Atom"><title>Matt Makai</title><link href="http://www.fullstackpython.com/" rel="alternate"></link><link href="http://www.fullstackpython.com/feeds/all.atom.xml" rel="self"></link><id>http://www.fullstackpython.com/</id><updated>2015-11-07T15:14:47Z</updated></feed>
2+
<feed xmlns="http://www.w3.org/2005/Atom"><title>Matt Makai</title><link href="http://www.fullstackpython.com/" rel="alternate"></link><link href="http://www.fullstackpython.com/feeds/all.atom.xml" rel="self"></link><id>http://www.fullstackpython.com/</id><updated>2015-11-08T11:25:12Z</updated></feed>

source/content/pages/04-web-development/15-web-app-security.markdown

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,11 @@ securing Linux distributions.
129129
* [TLS and Nginx Web Server Hardening](https://www.moses.io/2015/09/tls-and-server-hardening-post-nginx/)
130130
explains a secure server configuration for the Nginx web server.
131131

132+
* [Timing attacks are one form of vulnerability](http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/)
133+
that can be used to defeat HTTPS in certain configurations. Understanding
134+
how those attacks work is important in keeping your users' connections
135+
secure.
136+
132137

133138
## Web security learning checklist
134139
1. Read and understand the major web application security flaws that are

web-application-security.html

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -185,6 +185,12 @@ <h2>General security resources</h2>
185185
<p><a href="https://www.moses.io/2015/09/tls-and-server-hardening-post-nginx/">TLS and Nginx Web Server Hardening</a>
186186
explains a secure server configuration for the Nginx web server.</p>
187187
</li>
188+
<li>
189+
<p><a href="http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/">Timing attacks are one form of vulnerability</a>
190+
that can be used to defeat HTTPS in certain configurations. Understanding
191+
how those attacks work is important in keeping your users' connections
192+
secure.</p>
193+
</li>
188194
</ul>
189195
<h2>Web security learning checklist</h2>
190196
<ol>

0 commit comments

Comments
 (0)