Java Developers Guide to Securing a production linux box
In small organizations, developers are often called on to also be the 'Information Technology Infrastructure' group… At least, this is why I became the reluctant system administrator at my small company. I found myself not just developing applications, but responsible for their production environment on the open internet. Learning this aspect of the application made me a better developer. It can do the same for you.
In this session we'll look at:
- installing and maintaining a production Java Environment
- tools for scanning your server to understand what services you are exposing.
- techniques (like address service isolation) for limiting your application's exposure to the web
- tools like mod_security, logwatch, denyhosts, monit, and munin to monitor your box and even proactively take defensive action
and more
About David Bock
David Bock is a Principal Consultant at CodeSherpas, a company he founded in 2007. Mr. Bock is also the President of the Northern Virginia Java Users Group, the Editor of O'Reilly's OnJava.com website, and a frequent speaker on technology in venues such as the No Fluff Just Stuff Software Symposiums.
In January 2006, Mr. Bock was honored by being awarded the title of Java Champion by a panel of esteemed leaders in the Java Community in a program sponsored by Sun. There are approximately 100 active Java Champions worldwide.
David has also served on several JCP panels, including the Specification of the Java 6 Platform and the upcoming Java Module System.
In addition to his public speaking and training activities, Mr. Bock actively consults as a software engineer, project manager, and team mentor for commercial and government clients.
More About David »