The following case happened in France: A Court of Cassation rejected a simple data file as evidence. The evidence proposed by one of the two parties was a data file with information about an e-mail transmission (a log?) sent from company A to company B. According to the Court, the
Category: Security
Quick and Dirty Integrity Check Script
Here is a quick and dirty bash script which will take care of your files' integrity. Integrity is a component of the CIA triad; I won't come back to this. For a personal project, I should be able to monitor any change in a specific file. I quickly wrote the
DShield Web Honeypot – Alpha Preview Release
isc.sans.org announced today the Alpha availability of the DShield Web Honeypot: “The goal of the Web honeypot project is in line with the original DShield project, the data collected through the sensors feed the DShield web database where human volunteers as well as machines pour through the data looking for abnormal
Monitoring: The Right Info at the Right Place
When I talk to customers about monitoring, they often have a vague idea about the way to implement a solution. Monitoring must be part of your security policy. Your tools (whatever the product you choose – no name here) must help you to stick to the CIA principle: Confidentiality (to
What if… or Crisis Management
Back from the ISACA Belgian Chapter meeting. Today’s topic was “Crisis Management”. As usual, it was very interesting, with a lot of experiences shared between the participants. What first emerged from the meeting was the different types of definitions companies have of a “crisis”. For some of them, a crisis must be fixed
Fuzzing?
During the last FOSDEM (see a review here), I attended a presentation about fuzzing techniques with Fusil. It looked interesting to me and I started to grab more information about this attack method. Krakowlabs released an interesting paper about fuzzing. After a short introduction, they reviewed the different types of
First OWASP Belgian Chapter Meeting of 2009
I’m back from the first OWASP Belgian Chapter meeting
Introduction to Nmap Scripting
All people working with networks know the wonderful tool called Nmap. Basically, Nmap is a network scanner. It allows you to detect hosts on a network and services running on them. Just type “nmap <hostname|ip>” to perform a simple port scan. But Nmap can do much more! Host discovery, multiple
DLP – Where are my Data?
Today, I attended a meeting at a well-known security firm (no name given here). The topic was a presentation of their DLP (or “Data Loss Prevention”) solution. I won’t come back to the product itself. Such meetings, organized by companies to present their own product, are not very relevant. Often,
SANS Reading Room: Security Incident Handling in Small Organizations
Potentially, all companies can face IT incidents (attacks, stolen data or material, disasters, …). Unfortunately, they cannot react in the same way: compared to small businesses, big companies are able to dedicate more resources to incident handling. Worse, in case of incidents, the smallest organizations will suffer a lot more!