I got my new corporate notebook a few days ago and I’m now busy with the setup (an article will follow soon). I need to run a Windows XP guest in a VM. I’m a mobile user and never directly connected to the company LAN. I had to join the
Microsoft offers a free e-book “Writing Secure Code for Windows Vista”. Check out here. Dear developers, don’t forget that security aspects must be taken into account at the early stage of software development!
When you use a workstation (PC, laptop or thin client), it’s important to lock it when you are away for a while or funny things may happen. Usually, the screen is automatically locked after a configurable inactivity period. To unlock it you need to type a password or, on some
OpenBSD is my favorite OS and one more time, it makes the difference! The latest OpenBSD CVS version introduces the “SSH Fingerprint ASCII Visualization“. What does it mean? When you connect to remote host via SSH, your SSH client performs some checks on the server key. If it changed, you
Four Minutes! This is the actual survival time on the Internet for an unpatched system (sources: ISC and the Survival Time Graph). Good practice: Always perform a full patch before connecting a new server on the Internet (even under pressure). A good deployment procedure must be in place.
HP announced that the AdvFS source code will be made open source. A few years ago, I worked with Tru64 and AdvFS. It was a wonderful file system but, unfortunately, Tru64 development stopped after the Compaq take over by HP. Let’s hope that the AdvFS source code will provide benefits
Microsoft (via the Solutions Acceleratos team) published an interesting document about NAP: “ Selecting the Right NAP Architecture“.
The following story has been relayed by several blogs and newspapers. An employee was fired for violation of its company computer usage policy: Child porn was found on his laptop. The first human reaction facing such evidences is not always the best one: “Guilty!”. A computer forensics analyst spent one
We are all vulnerable! Yesterday, it was my turn… Infected by a trojan. Up to 04:00 AM to fix the problem! The culprit was Vundo. A well-known (and quite old) Trojan which slows down the system, display pop-ups etc… Nothing very malicious but it was difficult to get rid of
Events centralization is a must-have in your security policy. Using a central place where reside your logs has many advantages: Reduction of the resources usage on the source device (disk almost) No need to take care of local logs: logs contain critical data and must be secured. In case of