Task #31780
Change suggestions for chapter "After an attack"
| Status: | Closed | Start date: | 2011-11-13 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assignee: | Michael Schams | % Done: | 100% |
|
| Category: | - | |||
| Target version: | 1.0.0 | |||
| Votes: | 0 |
Description
Georg Ringer commented on chapter "After the Attack":
missing: check the change time of files, check for new versions of extensions/core, if an insecure extension was found which is not known to Security Team, it should be reported (also including that the ext has been used in real world for hacking)
Possibly:
check your legal rights. some countries (e.g. AT): if sensitive data has been stolen/copied, the law says that the website owner must inform the users.
Associated revisions
[TASK] chapter "Types of Security Threats -> Information disclosure" extended
[TASK] chapter "Types of Security Threats -> Code injection" (RFI and LFI) added
[TASK] chapter "Types of Security Threats -> Authorization bypass" added
[TASK] chapter "After an Attack" completely rewritten (named "Detect, Analyze And Repair A Hacked Site" now) (resolves: #31780)
[TASK] chapter "Detect, Analyze And Repair A Hacked Site -> Detect a hacked website" added (resolved: #30733)
History
Updated by Michael Schams over 1 year ago
Encouraged by Georg's suggestions, I have decided to re-write and extend the chapter "After an attack" completely. This would also address Christopher's concerns about information about kinds of attacks, see #30733.
The new chapter should cover the following sub-sections:
- how to detect a hacked website (typical scenarios)
- take the website offline (first action)
- repair/restore (second action)
- analyze the hacked site (third action)
- update (fix vulnerability)
Updated by Michael Schams over 1 year ago
- % Done changed from 0 to 90
Updated by Michael Schams over 1 year ago
- Status changed from Accepted to Resolved
- % Done changed from 90 to 100
Applied in changeset r1070.
Updated by Chris topher about 1 year ago
- Status changed from Resolved to Closed