Hack In The Box (or “HITB”) is a well-known community in the security landscape which defines itself as “a single place, or community, on the Internet where people and corporations can go to find security information and the latest news from the underground and computer technology sectors”. HITB maintains
Category: Security
Analyzing your Pcap Files with the Cloud
pcapr.net is a cloud (again!) service that has been available for a while. Basically, it’s a repository of pcap (“packet capture”) traces uploaded by members. The packets are dissected and presented in a human-readable form. Once inspected and indexed, a search engine helps you to find interesting traces using a simple syntax
Increase your Surf Privacy with IPFuck
The debate has been ongoing for a while and has partisans on both sides: Can an IP address be considered private data? Europe said yes and the “fight” between privacy protectors and authorities is still present. Having your IP address considered as private from a legal point of view or
Identification is not Authentication
I received a notification from my bank about the availability of my new credit card. This morning, I went to my local agency to pick it up. Because I don’t receive a new credit card every six months, I always discover the new procedure implemented by my bank. This time,
Bad Example of Data Management
There is an ongoing communication campaign for a big interim company on the Belgian radio stations. The message they are broadcasting is: “Do not rely on your company physical assets but more on people”. And they are right! People are the most important value of a company. Even if you,
Vulnerability Scanner within Nmap
Port and vulnerability scanners are common tools used by good guys as well as bad guys. Performing a port scan is one of the first operations required to find potential vulnerabilities on a target system. That’s why vulnerability scanners have built-in port scanners. Writing a port scanner is really easy with a few
OWASP Belgium Chapter Meeting Wrap Up
I’m back from the latest OWASP Belgium Chapter meeting. Belgium is a small country with a lot of political issues (off-topic here 😉 ) but also a great electronic identity card or “eID”. Almost all Belgian citizens have had an eID for a while (8.2 million cards have been delivered up
ISACA-BE Round Table: the Impact of Cloud Computing
“Cloud computing”… A buzzword for a while now! It’s a fact that security professionals will face, one day or another, a situation where the company applications and data will be hosted “in the cloud”, whatever your activity is (auditor, system admin, investigator, etc.)! This evening, the ISACA Belgium
Wiping & Protecting Data from SSD/Flash Drives
I received a comment from a reader of this blog (hi Ziyad!) about a very old article posted in 2008 (!) about tools to wipe files from drives. I reviewed a list of tools available on Linux (or other UNIX flavors) to safely delete files. As you probably already know,
Detecting Rogue Gateways on a LAN
There was an interesting thread on the pentest@securityfocus.com mailing list a few days ago. A member asked how to detect illegal or “rogue” gateways in a big international organization. Rogue devices can be seen from different points of view. For the network administrators or the security auditors, it’s really a