During the last BruCON edition, I grabbed some statistics about the network usage of our visitors. Every year, I generate stats like the operating system types, the top-used protocols, the number of unique MAC addresses, etc. But this year, we also collected all traffic from the public network. By “public“,
Category: Security
BruCON 0x05 Wrap Up
BruCON 0x05 is already over! What an exciting week! After months of preparation, the event went very smoothly without big issues. Here is my quick wrap-up. This time, it’s not a wrap-up about the talks. I don’t have time to follow them, keeping an eye on the network all the
Grepping Live Windows Events
Today, we have powerful tools to take care of our logs. There are plenty of solutions to collect and process them in multiple ways to make them more valuable. Of course, I have one of those tools to process my logs. However, I’m still often using the good old “tail
“The Weakest Link” is Back!
Yesterday, I went to bed very late after writing some documentation. Everything looked quiet on the Intertubes. A last check on my Twitter timeline and I quickly fell asleep. This morning, I woke up and started my daily ritual… Coffee, mail, RSS feeds, Coffee, Twitter timeline… Wooow! Did I miss
Review: Instant OSSEC Host-Based Intrusion Detection System
The guys from Packt Publishing asked me to review a new book from their “Instant” collection: “OSSEC Host-Based Intrusion Detection“. This collection proposes books with less than 100 pages about multiple topics. The goal is to go straight to the topic. OSSEC being one of my favorite applications, I
Bypassing Premium LinkedIn Restriction with Google
Social networks are wonderful sources of information when you need to collect data about a potential target. That’s the way humans work, just like you and me: we like to share, we like to show what we do, where we travel. In short… we exist! During some projects, it’s very
DNS Amplification Attack: Is Belgium Safe?
For a while now, DDoS attacks have been back on stage and one of the classic techniques still used today is the DNS Amplification attack. I won’t explain again the ins and outs, there are plenty of websites available which describe it – like the good article from CERT.be. This type of attack is
No Customers Were Harmed In This Attack…
I don’t know if you already noticed but it looks to be a never-ending story: Companies got pwned and data leaked on the Internet pastebin.com. Then starts the game of press releases… Most companies try to reduce the impact of the breach they suffered and it looks like Hollywood movies
Post-Analysis of My WordPress Bruteforce Attack
A few weeks ago, I wrote a blog post (link) about an (unsuccessful) WordPress bruteforce attack against this site. I captured the attackers’ traffic in a big pcap file. It was a good opportunity to perform a quick analysis to try to extract some statistics. Here follow more details
The Belgian SIEM… wounds my heart with a monotonous languor!
A lot of Belgian newspapers and sites reported today (example of an article – in French) that a project of law will be discussed soon (deriving from the EU Data Retention Directive) to request providers of telecommunications (Internet – Mobile services) to keep a trace of electronic communications. Wait, the article should say