Intro:

-----------------------------------------

These are the files from a presentation I gave on Web Application

Security, not to be confused with security related to web servers or network

security in general.  These slides aren't that great, and neither are my examples,

but I figure it might be a good starting point for those of you that are 

looking to make your own presentations.  You shouldn't be LEARNING from this

presentation, as most of the information was in my head.  If you want to learn

about web app security, check out the links at the end of my PowerPoint.  They

are a decent starting point and should have you on your way.



Note: Examples use PHP and MySQL, but I stayed away from concepts that aren't

cross-language.  You can give this presentation using any technology.



Contents:

-----------------------------------------

site_files.zip - contains all the files needed to demonstratethe examples

in the PowerPoint presentation



websecDB.mysql - schema for the DB used in the presentation



Web_Application_Security.ppt - PowerPoint which is a good starting point

for learning about Web App Sec



How to setup:

-----------------------------------------

1) First, you have to import/setup the MySQL DB.  Ask your host/administrator

how to do this.  Typically, if you have shell access, you can do something

like this (after having created the DB in the first place):

	

mysql -u USER -p DBNAME < websecDB.mysql

	

Where DBNAME Is the name of the database you created, and USER is the name

of user you assigned to the database.  If these instructions are completely

out of the scope of anything you've done, you probably shouldn't be worried

about web app security anyway.



2) Once you setup the database, unzip the files in site_files.zip onto your host.



You only need to edit Database.php in web_security/include/Database.php to 

point to the database you created earlier.



3) Edit the hyperlinks in the PowerPoint to link to your site.



Good luck!