Fyodor has posted interesting news in nmap-hackers yesterday. First, a new beta version of Nmap is available for a few days (4.85BETA4). What’s new? Ncat and Ndiff tools are included, a lot of new NSE scripts, more than 5,000 version detection signatures, 2,000 OS fingerprints, improved scan performance and much
Month: March 2009
Yubikey Authentication on Linux
In a previous article, I presented the Yubikey product. I also explained why, for security reasons, the usage of two separate Yubikeys could be a plus. One converted to provide a static password and the second left as is (to provide one-time passwords). I received my 2nd Yubikey a few
Infosecurity.be 2009 is Over
A few words about infosecurity.be. This edition was held at Brussels Expo. It’s without doubt the only Belgian event where you can meet so much security consultants per square-meter! As said on the Belsec blog, this event is first of all a sales event. I’ll not be too critical about
Local Conference about Internet and Associated Risks
I’m back from a local event organized in my village: “Ce qu’il faut savoir pour surfer sans risque” what can be translated by “How to use the Internet in a safe way“. I heard about this conference via the local newspaper and found interesting to attend. Not to learn new
Family Security Awareness Training
For a while my daughters are using a laptop at home for games. A specific account was created for this purpose with limited access rights (no Internet at the moment!), access time and no password. Now, the youngest (six years old) has enough knowledge to type words on the keyboard.
Virtual Banking, Real Risks?
Announced on BBC News, Mindark, the developers of Entropia, get their license to perform on-line banking! Entropia is an online game defined as “The first virtual universe with a real cash economy”. The Swedish Financial Supervisory Authority accepted and issued a license to Mindark. It allows players to convert their
Introduction to SEAT
SEAT – Search Engine Assessment Tool – is a tool dedicated to security professionals and/or pentesters . Using popular search engines, it search for interesting information stored in their caches. It also uses other types of public resources (see later). Popular search engines like Google or Yahoo! (non-exhaustive list) use
Oups! Gmail Undo Function
Gmail Labs are back with a new feature for Gmail… A few months ago, they introduced a feature to help users to not send e-mails at the wrong moment (late night, after a party, …) Now, there are back with a new protection: An undo function! It’s very simple: once
ISSA-Be Event: Targeted attacks: Balancing FUD, Reality and the Future
Back from the last ISSA Belgium Chapter event about targeted attacks. The speaker was Swa Frantzen. This is really a great guy who’s also a SANS ISC handler. Last year, he already made a presentation for ISSA about one day @ ISC. Less than twenty people attended the meeting today,
Dynamic Signature Verification
Authentication is a key point in security. How to be sure that the user behind the keyboard is really the one he pretend to be? A hand-written signature can by used as an authentication factor (but combined with another one – remember – strong authentication requires multiple factors). Basic signature