Practical auditing of HTTP(s) servers presented at SummerCon 2001

by Roelof ( RT ) Temmingh,

Summary : HTTP is a ubiquitous and (frequently) an easily compromised service.
Through regular auditing, many of the risks of operating web servers
can be minimized. This presentation will cover a number of topics,
such as common problems on web servers and running well-known tools
against HTTPS servers. Other areas include: a cursory introduction to
PKI, weaknesses of SSL-enabled web servers, IDS evasion and
Microsoft, the impact of the web server compromise (and how to take
it further), common application level weaknesses and future problems
around the use of web servers, and the Internet as an information
medium.

Roelof ( RT ) Temmingh: Roelof completed his electronic engineer degree in 1995 and has been involved in the security industry for some years now. He started SensePost with some friends in 2000, left SensePost in 2007 and has been running Paterva since then. He has spoke at numerous international conference including BlackHat, Defcon, Cansecwest, FIRST, Hack in the box and co-wrote some book with the rest of the Syngress crowd. He likes to think about and create new and innovative technology is and the driving force behind Maltego.