An interesting article on SecurityFocus today: Password Management Concerns with IE and Firefox. I agree, we have more and more passwords to remember: intranets, webmails, e-commerce, … Let the browser manage and fill by itself logins and passwords is nice. But don’t be lazy! Do not use this feature and
A new release of Nmap is out! Release 4.20. This release implements a new 2nd generation OS detection system.
Fighting against spam is one of the worst job for forum or blogs owners… As everybody, I was hit by nasty bots. It was time to take concrete actions… First, I don’t like the “quick and dirty” fix “Do not allow comments nor trackbacks”. If used correctly, they can greatly
Great tutorial about OpenBSD’s PF… http://home.nuug.no/~peter/pf/
As everybody, I’ve too fight against spammers! I’m running my own MTA for several domain names and the box get it 24 hours a day by spammers. I’ve a quite performant SpamAssassin solution in place (~95% of spam is catched) but I’d like to prevent them to reach my SpamAssassing
After Mc Donalds, which distributes infected MP3 players, Apple detected that some iPods were infected by a Windows virus! When a label “Certified 100% virus free” on the consumer products boxes?
Fast food is not good for your health… But this time, Mc Donalds is really a bad thing… even for your PC! 🙂 Source: Spyware infection prompts McDonalds MP3 recall.
A new physing method appeared a few days ago: now stolen data are sent back to the attackers via ICMP packets! Source: WebSense: Malicious Code / Phishing Alert: Data Stolen via ICMP.
To sync files or export data between servers, I usually use rsync on top of ssh. With public/private key pairs, you can easily automate the jobs via a cron without password issues. I also create a dedicated user who has only the required privileges to run rsync on the destination.