Today I participated in a survey organized by a major Belgian bank. The goal was to improve their web services (which is always a nice initiative). At the middle of the survey, came the following question: Of course, I answered “I don’t know“. How can they restrict the choice to
Month: April 2009
Use Google Mail as a Sandbox
Google announced via his Official Gmail Blog the support of TIFF and Powerpoint files in their Gmail application. PDF files were already supported for a while. For a few months, PDF files have been hit by several security issues and recently, a zero-day exploit targeted Powerpoint files. Why not use
Tell Me How You Work and I’ll Monitor You!
Today, I read an interesting story in Datanews, a Belgian IT newspapers. To briefly resume, “Company A”, the customer, complains about “Company B”, the telecom operator, which installed a telephone central at the first one premises. During a weekend, hackers took control of the system and used it perform calls
The Great Firewall of Belgium
Due to an official request from the federal authorities, Belgian Internet Service Providers are preventing their customers to access four very-controversial URLs (all of them pointing to the same website). When I say “controversial”, it means, regarding the Belgian law, “illegal”. This website publishes personal information about people who performed
When a Picture is Worth a Thousand Words
A security awareness is mandatory but can become quickly boring! Sometimes, a good picture is worth a thousand words. During a Google Image search, I found this one excellent! (Source: Minnesota States Colleges and Universities)
Black Hat Europe is Over…
End of four days of high quality conferences, social networking and fun! This was my first Black Hat experience and it was really exciting! Some presentations were already known to me (presented during other events) and sometimes choices were difficult between two interesting tracks scheduled at the same time. But
Forensics: Reconstructing Data from Pcap Files
Sometimes during forensics investigations, it can be useful to recover deleted or temporary files transferred by users and/or processes with protocols like FTP or HTTP. Let’s see how to achieve this using pcap files! libpcap is an API which provides network packets capture facilities. Very common on Unix, there is
Black Hat Europe 2009
Yeah! Black Hat Europe 2009 started today in Amsterdam! I was previously registered for the briefings sessions on Thursday and Friday but, in last minute, I add the opportunity to replace a sick colleague. The two first days are reserved for trainings and I’m following “TCP/IP Weapons School 2.0” given
Strong Authentication with Linux
Next step in my investigations to implement a strong authentication process on my Linux laptop using the Yubikey. In a previous post, I explained how to use a Yubikey to authenticate on Linux with a PAM module. It works very well but, like I said in the previous article conclusion,
Boring Tasks Automation with Expect
It’s by human nature, we hate repetitive tasks! We always try to perform our job using the minimum actions possible. This is particularly true for Network or System administrators! There is nothing more boring than repetitive tasks… A good example? In the scope of a new monitoring platform, fifty Cisco