content management ...
 
Notifications
Clear all

content management systems

3 Posts
3 Users
0 Likes
257 Views
(@tootypeg)
Posts: 173
Estimable Member
Topic starter
 

Anyone done any work into content management systems and dabbled in this area? every come across the need?

 
Posted : 03/02/2016 2:52 am
(@athulin)
Posts: 1156
Noble Member
 

Anyone done any work into content management systems and dabbled in this area? every come across the need?

A bit, but CMSs can be very diverse beasts.

Typically, you have a database. What database depends on the CMS and sometimes on the preferences of the system owner. How it is configured may be automatic, or it may be under strict control. Again, depends on what the CMS allows. But basically, there is database forensics.

Then, you have some way of adding and removing information. Again, typically CMS dependent. Is it logged? Are there time stamps?

And some way of administrating the whole or parts of this. Could be web application, could be platform application. Same questions here.

And then there's the end user part. Are there accounts or not?

This is usually web-based. So does the web platform log anything?

And you have a network infrastructure and operating system.
Load balancers – present? do they log anything useful? Firewalls? IDS's?

The 'forensic' part does not differ materially from anything else what does the various software/hardware layers allow you to state with any degree of confidence? For that, you need to be an expert on those layers. And you need to understand the CMS itself. You should preferably have managed an instance of the CMS for a year or so. There's no way around it.

I've looked at systems where SQL injection vulnerabilities allowed attackers to modify database contents, thus what the users would see when they visited a particular page, and systems where user authorization was not strictly enforced, allowing one knowledgeable user to access and sometimes even manipulate other users information. But these systems were not set up to log anything really important, so it was more or less a question of trying to identify the vulnerability mechanism, and not anything really 'forensic', in the strict sense of the word.

If you are asking about some particular CMS, better say what it is. And if you are asking about any particular forensic questions, better state them.

 
Posted : 07/02/2016 1:36 pm
(@trewmte)
Posts: 1877
Noble Member
 

tootypeg I haven't worked in this area but if you haven't already try a research-look at DRUPAL - https://www.drupal.org/project/drupal

There is a large collection of info on security https://www.drupal.org/search/site/security which might help.

 
Posted : 08/02/2016 11:30 am
Share: