Infosec guys are lazy people. At least in my case! There is nothing much boring that typing long shell commands or to perform recurrent tasks. After all, computers are made to make our life easier. Let them work for us! UNIX is a wonderful environment. There are plenty ways to
Month: October 2010
Hack.lu Day #3 Wrap-up
The third day is just over, I just arrived at home in Belgium. Let’s write a quick review! The day started with Tom Keetch who demonstrated how to escape the protected mode of IE8. The feature is available with Internet Explorer 7 and requires at least Vista. Unfortunately, nothing is
Hack.lu Day #2 Wrap-up
The second day is over! Here is my wrap-up. After some doses of caffeine, the day started with the “Red Team Testing” workshop by Chris Nickerson (@indi303). He explained a methodology to conduct penetration tests. Good examples are the ones of the Tiger Team. The goal is to revamp the
Hack.lu Day #1 Wrap-up
We are already in November, fall is back! This is also the sign of the new edition of hack.lu, a classic security conference organized in Luxembourg. The first day started with workshops. I attended the crypto analysis workshop prepared by Eric Filiol, an expert in this domain. Cryptography is certainly
Implementing Active Lists in OSSEC
The second OSSEC week just ended. Here is a reflection about a feature that does not exist (yet?) in OSSEC. The goal of a SIEM (“Security Incidents and Events Management“) is to collect logs from multiple non-heterogeneous sources and process them to add some extra value to the events. To
This Blog is Monitored by OSSEC
As part of the second edition of the OSSEC week, I’d like to give some information about my daily usage of OSSEC. This week is an initiative from Michael Starks of Immutable Security and aim to promote OSSEC to the security community. I’m fully supporting such great initiatives. What about
Protect Your Applications Using EMET
Is there a way to make your Windows environment certainly not bullet-proof but stronger enough against attacks? A few weeks ago, Microsoft released an interesting add-on called EMET for its Windows operating systems range. EMET stands for “Enhanced Mitigation Experience Toolkit” and is designed to increase the security of your
PaloAlto Firewall Threat Monitoring Using OSSEC
Usually, I don’t speak or even try to give references to commercial security products on my blog. Why? Just because, my philosophy is the following: “First analyze the problems and then choose the right solution(s)“. The proposed solution could be commercial or free, hardware or software based, who cares? If
Wall Of Shame: Pros & Cons
A “Wall of Shame” or “Wall of Sheep” is a real-time demonstration application which searches for non secured (read: sent in clear text) login/passwords sent through a network. One of the well-know wall of sheep is the one operated every year during the Defcon conference in Las Vegas. A few