Today, at a customer premises, I had to print a document on a local printer. Out of the Windows domain, I decided to use a printer by connecting directly to its IP address. nmap is your best frien in such case. Here is the scan result against the printer: H:\>nmap
Category: Security
~0.1 se/s in UK
According to this document, more than three millions computer crimes where performed in 2006 in UK! 3000000 / (3600*24*365) = 0.095 One security event every ten seconds!
OpenSSH 4.7
Release 4.7 of OpenSSH is available right now! Here is the ChangeLog.
WP-Scanner
This blog runs under WordPress as many other blogs on the Internet. WordPress is also known to not be very secure: lot of vulnerabilities have already been discovered and more will come! On blogsecurity.net, a security tool is proposed to check your own blog: WP-Scanner. It’s like a Nessus scanner
Data Center Nightmare
Don’t try this in your data center! In this example, it was not possible to close the floor anymore. If you’re responsible of a data center (whatever the size! One rack is enough), follow simple rules: Arrange cables in separate cable-ways (power, data, voice); Use colored cables (red for backbone,
WiFi in unusual environment
WiFi technology is more and more used in industrial environment and sometimes for entertainment purposes. In Belgium, Walibi opened a new attraction called “Le Vertigo“. Last week, the attraction malfunctioned and 20 people were blocked during one hour up to 50 m above the ground! In this case, it was
GPS hacking
When I read articles about the potential security issue with GPS, my fist reaction was “How can they hack a GPS without interfering with the satellite signals?“. In fact, it’s much more simple! More and more GPS models on the market come with a builtin TMC receiver (Traffic Message Channel)
Portable == Vulnerable
Interesant article read on USB Hacks: It explains how the protection of a “bullet-proof” USB-stick can be easily removed in case of physical access to the stick! Read more here. Conclusion: Everything that is portable is vulnerable!
Events centralization: the normalization problem
In a previous article, I talked about SIEM. SIEM is not for small organizations. But, if you really need to analyze logs, the first step is to concentrate them in one central place. The syslog standard is available on almost all devices having IP connectivity (routers, switches, servers, appliances) and
Extrusion Detection?
For those who are active in the network security domain, IDS is well-known acronym. With an IDS system, you analyze the traffic hitting your network and try to detect bad or unwanted packets. But how many companies look at their outgoing traffic? First, your firewalls must restrict the outgoing traffic