Information security is a recurrent process. New threats arise and must be properly handled. In Augustus 2009, I already reported a story and came to the following conclusion: The principle of “action – reaction” as described by Newton is not applicable in information security! Here is another good example with
Category: Security
Easy Decryption of Facebook Passwords
All good pentesters have their own “survival kit” with a lot of tools and scripts grabbed here and there. Here is a new one released a few days ago: FacebookPasswordDecryptor. “FacebookPasswordDecryptor – small, simple, free, and yet truly reliable application that helps you recover stored Facebook account passwords, quickly and
Be the Conductor of Your Security!
I’m visiting organizations and companies for miscellaneous projects and I’m often scared by the lack of “visibility” they have on their infrastructure. For years now, new components have been deployed by pure requirements or (honestly) by the business “pressure”: Firewalls, IDS/IPS, (reverse)proxies, WiFi, SSL VPNs, etc. All those solutions, hardware
Is BGP the Next Threat on Internet?
When Internet ARPAnet was invented in the seventies, its goal was to interconnect military resources using packets based networks and to be strong enough to resist to “attacks”. Loosing some devices in the network could not affect the communications. Later, the same technology was re-used to build the public network
Searching for Sensitive Data Using URL Shorteners
URL Shorteners are online services which reduce the length of URL’s. Web applications are more and more complex and their URL’s can have multiple parameters like pages, sessionsID’s and much more. At the same time, we use services which limit the messages size (like Twitter) or devices (like SmartPhones) which
Bruteforcing SSH Known_Hosts Files
OpenSSH is a common tool for most of network and system administrators. It is used daily to open remote sessions on hosts to perform administrative tasks. But, it is also used to automate tasks between trusted hosts. Based on public/private key pairs, hosts can exchange data or execute commands via
Hack.lu Day #3 Wrap-up
The third day is just over, I just arrived at home in Belgium. Let’s write a quick review! The day started with Tom Keetch who demonstrated how to escape the protected mode of IE8. The feature is available with Internet Explorer 7 and requires at least Vista. Unfortunately, nothing is
Hack.lu Day #2 Wrap-up
The second day is over! Here is my wrap-up. After some doses of caffeine, the day started with the “Red Team Testing” workshop by Chris Nickerson (@indi303). He explained a methodology to conduct penetration tests. Good examples are the ones of the Tiger Team. The goal is to revamp the
Hack.lu Day #1 Wrap-up
We are already in November, fall is back! This is also the sign of the new edition of hack.lu, a classic security conference organized in Luxembourg. The first day started with workshops. I attended the crypto analysis workshop prepared by Eric Filiol, an expert in this domain. Cryptography is certainly
Implementing Active Lists in OSSEC
The second OSSEC week just ended. Here is a reflection about a feature that does not exist (yet?) in OSSEC. The goal of a SIEM (“Security Incidents and Events Management“) is to collect logs from multiple non-heterogeneous sources and process them to add some extra value to the events. To