Chapter 2
[ 57 ]
While creating a task we assign a Start Date and End Date, assign the Priority (in
relation to the success of the project as a whole), and then assign the resource to test it.
In this demonstration, the engineer, John Smith, will be testing the SQL injection fix.
As you can see, this would roll up to your dashboard and show you where the
project is, keeping it on track.
One major flaw with many software packages, GNU/GPL, and commercial products
for Joomla! is the lack of good documentation. While it's difficult to write good
documentation, it is not impossible. Having a process and a tool to assist you is one
way to deliver on that need. Lighthouse gives you a central repository to create,
track, and distribute documentation.
With this, you can track emails, project notes, conversations with the client and
your team, memos, and so on. All this can be used to quickly create polished and
professional documentation that will flow into your customer's hands, your disaster
recovery handbook, and your user guides. This will provide an excellent historical
resource to fall back on in times of trouble.
In the following figure, you can see that Lighthouse has covered all the bases when it
comes to document and record collection.
My background is in the role of technical presales support, working for large,
multinational computer system vendors. In that role, I worked closely with
all types of companies, from their CIO down to their technicians. This unique
employment gave me the opportunity of seeing both good and bad practices. One of the
very good practices in those companies is documenting up front the tests they wish
to conduct on a given piece of hardware or software.
This material is copyright and is licensed for the sole use by Thomas Rosenblum on 4th December 2008
1010 SW High Ave., , Topeka, , 66604
You have the same need and responsibility to your project, website, or client of
establishing test parameters, test scripts, processes to conduct the test, and document
service if running. The instance will generate an error if IIS is running.
Roll-out
You've tested your patches, changes, upgrades, or whatever you have. You have
also crafted your documentation, and re-tested your disaster recovery plan. You
have obtained the client sign-off where necessary, now that the project or fix is ready
to go live.
Now what? Now you will deploy it.
The steps necessary to deploy xes, changes, or new installations to create a highly
secure environment are as follows:
1. Define what a successful upgrade is.
2. Make sure you and your team are all in agreement on tasks.
3. Assign tasks to team members. An example is assignment of BACKUPS.
4. Set a scheduled time for the upgrade; the best time is when you have low
periods of traffic.
5. Craft a rollback plan in the event of something that does not work
as planned.
6. Write out the steps to do installation, with the documentation you created
using the Lighthouse SDM tool.
Example:
a. Copy new extension over to the site.
b. Install new extension from Document xyz123.
c. Down the site.
d. Install extension, test.
e. If everything is fine, turn on the site.
f. If everything is not fine, refer to the rollback plan.
g. Close the project.
• Joomla! HISA Joomla! Tools Suite v1.0-3F
• Joomla Tools Suite Assurance
• Joomla Diagnostics
• JCheck
• Nmap (version 4.20 and 4.50)
• Wireshark
• Metasploit
• Nessus vulnerability scanner
Tools, Tools, and More Tools
The Joomla! community has many highly talented and creative thinkers. These
wonderful programmers have created several important tools for protecting and
diagnosing potential security threats to our Joomla! sites.
Some of these tools, such as the HISA tool set, are released under the GNU/GPL
license, while some are released under a commercial license.
Each of these coders, who developed these tools, offers a great commercial service
that you may wish to take advantage of.
In our tour of the Tools section, we'll begin with a wonderfully well-written set
of tools from www.justjoomla.com.au. The first tool is known as the Health,
Web-Server Environment
The Web-Server Environment is a vulnerable part of your site as this is where
Joomla! is based. Using the following screenshot, we can determine very quickly, the
critical nature of Apache and some of our other modules. We can see in the following
image that we have FrontPage/5.0.2. This could leave us vulnerable (through the
FrontPage extensions) and so we would want to remove this.
Here is a treasure trove of information about our environment. Again, some
information has been removed from publication. (In this case, the Site IP and Server
Admin e-mail). If we do a quick search for vulnerabilities in Apache 1.3.39, we will
find that a fix was released in September. More information can be found at:
http://httpd.apache.org/security/vulnerabilities_13.html:
Fixed in Apache httpd 1.3.39
moderate: mod_status cross-site scripting CVE-2006-5752
A flaw was found in the mod_status module. On the sites where the server-status
page is publicly accessible and ExtendedStatus is enabled, this could lead to a
cross-site scripting attack. Note that the server-status page is not enabled by default
and it is best not to make this publicly available.
Update Released: 7th September 2007
Affects: 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27,
1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4,
1.3.3, 1.3.2
moderate: Signals to arbitrary processes CVE-2007-3304
Apache/1.3.39 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_
bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.30 OpenSSL/0.9.7a
PHP-CGI/0.1b
X-Powered-By: PHP/4.4.4
It's a cPanel install. I
The site recently moved to a dedicated server (VDS?). I tried sniffing ports but
nothing came up. Also looked in the Joomla bugtracker but couldn't find much.
A simple rhs attach but the site isn't cached (Cache-Control: no-store, no-cache,
must-revalidate, post-check=0, pre-check=0) so it's useless too
_____________________________________________________________________
A simple search for MOD_SSL/2.8.30 uncovered this person's angst and desire
for revenge.
It surely sounds a lot like my configuration, doesn't it? Why did I show this to you? If
you were running a version with a known vulnerability, this fellow would know and
might be able to exploit you. Unless we keep track of this ourselves, we too could
become the target of the same exploit.
Meanwhile, in HISA, we see the version of SSL running, we have the Front Page
Extensions installed, and so forth. We need to have quite a bit of information
at hand.
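As an added example (not from the book or from the HISA tool), the following Python script does the kind of banner review described above: it parses a Server header like the one in the quoted post, checks the Apache version against the CVE-2006-5752 affected list given earlier, and flags the FrontPage extensions and the X-Powered-By disclosure. The ServerTokens and expose_php mitigations named in the findings are Apache and PHP settings the example assumes; they are not from the page.

```python
import re

# Affected versions for CVE-2006-5752 (mod_status XSS), copied from the
# httpd 1.3 vulnerability page quoted above; the fix shipped in 1.3.39.
CVE_2006_5752_AFFECTED = {
    "1.3.37", "1.3.36", "1.3.35", "1.3.34", "1.3.33", "1.3.32", "1.3.31",
    "1.3.29", "1.3.28", "1.3.27", "1.3.26", "1.3.24", "1.3.22", "1.3.20",
    "1.3.19", "1.3.17", "1.3.14", "1.3.12", "1.3.11", "1.3.9", "1.3.6",
    "1.3.4", "1.3.3", "1.3.2",
}

# Sample input: the Server banner and X-Powered-By header from the quoted post.
SAMPLE_HEADERS = {
    "Server": ("Apache/1.3.39 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 "
               "mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.30 "
               "OpenSSL/0.9.7a PHP-CGI/0.1b"),
    "X-Powered-By": "PHP/4.4.4",
}

# Banner components look like name/version; the parenthesised OS is skipped.
TOKEN = re.compile(r"([A-Za-z0-9_\-]+)/([^\s()]+)")


def parse_banner(server: str) -> dict:
    """Return {component: version} for every name/version token in a Server header."""
    return {m.group(1): m.group(2) for m in TOKEN.finditer(server)}


def audit_headers(headers: dict) -> list:
    """Return the findings a site owner should act on for the given response headers."""
    findings = []
    comps = parse_banner(headers.get("Server", ""))
    if len(comps) > 1:
        findings.append("Server header lists module versions; set ServerTokens Prod")
    apache = comps.get("Apache")
    if apache in CVE_2006_5752_AFFECTED:
        findings.append(f"Apache {apache} is affected by CVE-2006-5752; upgrade to 1.3.39")
    if "FrontPage" in comps:
        findings.append(f"FrontPage extensions {comps['FrontPage']} present; remove if unused")
    if "X-Powered-By" in headers:
        findings.append(f"X-Powered-By discloses {headers['X-Powered-By']}; set expose_php=Off")
    return findings


if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print(finding)
```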
Required Settings for Joomla!
Joomla! runs best if you set up the settings! Yes, it is cliché, but it's still important.
The following screen will give us a view of the critical settings. Again, we see that the
Session save path is Unwriteable. This is the only item of medium concern in
our install.