I’m writing the final touch of my PH-Neutral wrap-up from the Berlin airport waiting for my flight back to Belgium. The 0x7DB edition was the first time for me but also the latest one as FX, the founder, decided to not organize the event next year. A page is over!
Month: May 2011
May 2011 OWASP/ISSA Belgium Meeting Wrap-up
Tonight was held a joined OWASP and ISSA Belgium Chapters meeting with three speakers. Very interesting content, here is a small wrap-up in “bullet-point” mode due to a lack of free time… First speaker, Tom Van Der Mussele from Verizon Business spoke about the “non-conventional attacks“. Tom explained that those
HITB2011Ams Wrap-up Day #2
After a cool dinner with other Belgian infosec people, the second day started with a discussion panel about the “Economics of vulnerabilities“. The panelists were: Lucas Adamski (Mozilla), Steve Adegbite (Adobe), Aaron Portnoy (Tipping Point),Adrian Stone (Blackberry / RIM), Chris Evans (Google),Katie Moussouris (Microsoft), Dhillon Kannabhiran (HITB – moderator). Almost
HITB2011Ams Wrap-up Day #1
Welcome back in Amsterdam! This is the second edition of the Hack In The Box (HITB) security conference in Europe. Let’s go for a quick wrap-up! I woke up too early (04:00AM) to drive to Amsterdam and arrived without any traffic jams (rare in Amsterdam)! Enough time to perform the
IPv6 Backdoor for the Best and Worst!
I’d like to come back to an issue I faced yesterday with one my servers. I think that this story could be a good example as part of an IPv6 awareness program… One of my servers in my home lab runs several virtual machines. This server is reachable from outside
HITB Amsterdam 2011 Coverage
In exactly one week, the 2nd edition of HITB Amsterdam (“Hack In The Box“) will be already over. As you see their logo on the left, I’ll attend the event and perform a coverage via Twitter and my Blog (Thanks against to the organization for the invitation!). I’ll be in
OSSEC Speaks “ArcSight”
Log management… A hot topic! There are plenty of solutions to manage your logs. Like in all IT domains, there are two major categories: free and commercial tools. Both have pro and cons. No big debate here, contrariwise I’ll show you a good example of a mix between both worlds.
ISSA Belgium Chapter Review of the Verizon DBIR
I’m just back from the last ISSA Belgium event organized tonight at Verizon premises. Wade Baker, director of risk intelligence for Verizon and creator, author and primary analyst for Verizon’s DBIR series, presented the analysis, findings and recommendations of the 2011 version of Verizon’s DBIR. If you are an infosec
/bin/bash Phone Home
I found UNIX a wonderful OS, whatever the flavors! I use it for 17 years and almost every week, I learn new stuffs. One of the particularities of UNIX is the way it communicate with devices. Except some specific devices, most of them are managed and visible as files or
Log Management: Don’t be an Ostrich!
I would like to tell you about the situation I experienced this afternoon. The goal of a log management solution is to collect and store events from several devices and applications in a central and safe place. By using search and reporting tools, useful information can be extracted from those