A new document available in the SANS Reading Room: “This paper will explore Microsoft’s EVTX log format and Windows Event Logging framework. The EVTX data stream and structure will be defined as a basis for the Windows Event Logging framework and log subscription components that can be used to collect
Category: Security
The Brute Force Calculator
A brute force attack is a common way to discover user passwords or keys. The goal is very simple: try all possibilities until the server accepts one authentication attempt. Simple and easy, and with the power of recent CPUs, easy to launch! The number of probes is directly related
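To make the calculation concrete, here is a small brute force calculator added for this page (it is not the calculator the post refers to). It computes the size of the search space for a password policy and the worst-case and expected time to exhaust it at a given guess rate. The alphabet sizes and the guess rates are assumptions chosen for illustration; plug in your own.

```python
"""Brute-force calculator: how big is the search space and how long does
exhausting it take at a given guess rate?

Added example, not code from the original post. The alphabet sizes and the
guess rates below are assumptions chosen for illustration.
"""

# Assumed alphabet sizes (number of distinct symbols a password may use).
ALPHABETS = {
    "digits": 10,
    "lowercase": 26,
    "lowercase+digits": 36,
    "mixed case+digits": 62,
    "printable ASCII": 95,
}

# Assumed guess rates, in attempts per second.
RATES = {
    "online, throttled login form": 10,
    "offline, one CPU core": 1_000_000,
    "offline, GPU rig": 1_000_000_000,
}


def keyspace(alphabet_size: int, max_length: int, min_length: int = 1) -> int:
    """Number of candidates with min_length <= length <= max_length.

    An exhaustive attack must also try every shorter password, so this sums
    alphabet_size**n over the whole length range instead of using only the
    longest length.
    """
    if alphabet_size < 1 or min_length < 1 or max_length < min_length:
        raise ValueError("bad parameters")
    return sum(alphabet_size ** n for n in range(min_length, max_length + 1))


def seconds_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Worst case: every candidate is tried. On average the secret is found
    after half of them, so the expected time is this value divided by two."""
    return space / guesses_per_second


def human_duration(seconds: float) -> str:
    """Render a duration in the largest unit that fits (years, days, ...)."""
    units = (("years", 365 * 86400), ("days", 86400), ("hours", 3600),
             ("minutes", 60), ("seconds", 1))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.3f} seconds"


def estimate(alphabet_size: int, max_length: int, guesses_per_second: float) -> dict:
    """Summarise one password policy against one attacker capability."""
    space = keyspace(alphabet_size, max_length)
    worst = seconds_to_exhaust(space, guesses_per_second)
    return {
        "keyspace": space,
        "worst_case": human_duration(worst),
        "expected": human_duration(worst / 2),
    }


if __name__ == "__main__":
    for policy, size in ALPHABETS.items():
        for attacker, rate in RATES.items():
            e = estimate(size, 8, rate)
            print(f"{policy:18s} len<=8  {attacker:29s} keyspace={e['keyspace']:.3e}"
                  f"  worst={e['worst_case']}  expected={e['expected']}")
```

The table this prints makes the point of the post: the same eight-character policy that survives years against a throttled login form falls in hours to an offline attack on a leaked hash, so the guess rate the attacker can reach matters as much as the length of the password.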
The Story of a Hack
Here is an interesting series of posts from SynJunkie. He shows us how to conduct a pentest against a fictitious company called “HackMe Ltd.“. “The goal of this series of posts is to demonstrate how simple it is to penetrate a network, steal some data, and then erase the evidence
Belsec Turns One!
Belsec turns one! Happy Birthday! Follow the online event tomorrow via Twitter!
Educational Software Doesn’t Care For Security!
I’m pissed off! Educational software doesn’t care for security at all! I have two daughters and, like all children, they like to play on the computer. As they cannot use my own systems (of course!), they have access to a laptop where games and educational software are installed. They have
iPhone – Linux VPN
The iPhone 3G firmware is really open to the world via 3G or Wi-Fi. Compared to Wi-Fi, mobile networks are quite secure. Warning, I never said that they are bullet-proof, but tapping a mobile network requires far more resources than tapping Wi-Fi! Wireless networks are widely available, which makes them a
Detecting Rogue Access Points Using Nmap
Rogue Wi-Fi access points are a pain for network administrators! A rogue access point is an unofficial device installed by somebody in a secure environment without authorization. Often, a rogue access point is installed not to perform malicious activities but is connected to the corporate network by an employee to
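The wired-side approach the post title refers to is to scan the LAN with Nmap and look for hosts that fingerprint as SOHO wireless gear. As an added example (not the post's own script), the following parses the XML that an invocation such as `nmap -sS -sV -O -oX scan.xml 192.168.1.0/24` writes (assumed flags; `-O` needs root) and flags hosts whose MAC vendor, OS match or service banner looks like an access point and whose MAC is not in the inventory of authorised access points. The sample XML, the keyword list and the inventory are constructed for illustration.

```python
"""Flag likely rogue access points in Nmap XML output.

Added example, not the original post's script. It parses the XML written by
an invocation such as `nmap -sS -sV -O -oX scan.xml 192.168.1.0/24` (assumed
flags; run as root for -O). The sample XML, the keyword list and the
inventory of authorised access points below are constructed for illustration.
"""
import xml.etree.ElementTree as ET

# Constructed inventory: MAC addresses of access points IT actually deployed.
AUTHORISED_AP_MACS = {"00:11:22:33:44:55"}

# Strings that, in a MAC vendor, OS match or service banner, suggest a
# consumer/SOHO wireless device. Extend for your environment.
AP_KEYWORDS = ("wap", "wireless", "access point", "wlan", "linksys",
               "netgear", "d-link", "tp-link", "belkin", "wrt")

# Constructed Nmap XML: a printer, a SOHO router and an authorised AP.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <address addr="00:1E:0B:AA:BB:CC" addrtype="mac" vendor="Hewlett-Packard"/>
    <ports>
      <port protocol="tcp" portid="9100"><state state="open"/><service name="jetdirect" product="HP JetDirect"/></port>
    </ports>
    <os><osmatch name="HP LaserJet printer" accuracy="98"/></os>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.168.1.77" addrtype="ipv4"/>
    <address addr="00:1D:7E:11:22:33" addrtype="mac" vendor="Cisco-Linksys"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http" product="Linksys WRT54G http config"/></port>
    </ports>
    <os><osmatch name="Linksys WRT54G or WRT54G2 WAP" accuracy="94"/></os>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.168.1.1" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac" vendor="Cisco Systems"/>
    <os><osmatch name="Cisco Aironet WAP" accuracy="90"/></os>
  </host>
</nmaprun>
"""


def host_evidence(host):
    """Collect the strings worth matching for one <host>: vendor, OS, banners."""
    ip = mac = None
    evidence = []
    for addr in host.findall("address"):
        if addr.get("addrtype") == "ipv4":
            ip = addr.get("addr")
        elif addr.get("addrtype") == "mac":
            mac = addr.get("addr")
            if addr.get("vendor"):
                evidence.append(addr.get("vendor"))
    for m in host.findall("os/osmatch"):
        evidence.append(m.get("name", ""))
    for svc in host.findall("ports/port/service"):
        evidence.append(" ".join(filter(None, (svc.get("product"), svc.get("extrainfo")))))
    return ip, mac, evidence


def find_rogue_aps(xml_text, authorised=AUTHORISED_AP_MACS, keywords=AP_KEYWORDS):
    """Return (ip, mac, matched_evidence) for hosts that look like access
    points and whose MAC is not in the authorised inventory."""
    findings = []
    root = ET.fromstring(xml_text)
    for host in root.findall("host"):
        ip, mac, evidence = host_evidence(host)
        hits = [e for e in evidence if any(k in e.lower() for k in keywords)]
        if hits and (mac or "").upper() not in authorised:
            findings.append((ip, mac, hits))
    return findings


if __name__ == "__main__":
    for ip, mac, hits in find_rogue_aps(SAMPLE_XML):
        print(f"possible rogue AP {ip} ({mac}): {'; '.join(hits)}")
```

Two caveats a practitioner should keep in mind. MAC vendors are only visible when the scanner sits on the same layer-2 segment, so run the scan from each VLAN or from the switches' ARP tables. And a scan only sees the wired side: a cheap AP that simply bridges Wi-Fi onto the LAN, with no management IP of its own, produces no host at all, which is why this check complements rather than replaces a wireless-side survey.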
Beginner’s guide to OpenID phishing
I already talked about OpenID (here or here). OpenID is a web-based solution which provides single sign-on to other websites: once authenticated via a “provider“, you can use a lot of services (websites) via “consumers“. This system is very user-friendly but is also a good target for
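The weak link, which the phishing scenario assumed here exploits, is the redirect: it is the consumer, not the user, that decides which URL the user is sent to in order to authenticate, so a rogue consumer can send the user to a look-alike provider and collect the password. The following simulation is an added example, not from the original post: the hostnames, the discovery table and the shape of the redirect are constructed, and nothing is fetched.

```python
"""OpenID phishing in miniature: the consumer chooses where the user is sent
to log in, so a rogue consumer can send them to a look-alike provider.

Added example, not from the original post. The hostnames, the discovery
table and the redirect shape are constructed; nothing is fetched.
"""
from urllib.parse import urlsplit, urlencode

# Constructed discovery result: claimed identifier -> provider endpoint that
# an honest consumer would obtain from the identifier's page.
DISCOVERY = {
    "https://alice.example.org/": "https://www.openid-provider.example/server",
}


def _checkid_query(claimed_id: str, return_to: str) -> str:
    return urlencode({"openid.mode": "checkid_setup",
                      "openid.identity": claimed_id,
                      "openid.return_to": return_to})


def honest_consumer_redirect(claimed_id: str, return_to: str) -> str:
    """Honest consumer: redirect to the endpoint discovered for the identifier."""
    return f"{DISCOVERY[claimed_id]}?{_checkid_query(claimed_id, return_to)}"


def rogue_consumer_redirect(claimed_id: str, return_to: str) -> str:
    """Rogue consumer: an identical-looking request, but to a host it controls
    whose name merely starts with the real provider's name."""
    endpoint = "https://www.openid-provider.example.login-verify.example/server"
    return f"{endpoint}?{_checkid_query(claimed_id, return_to)}"


def looks_like_provider(url: str) -> bool:
    """What a hurried user does: glance for the provider's name in the URL."""
    return "www.openid-provider.example" in url


def is_discovered_provider(url: str, claimed_id: str) -> bool:
    """What should be checked: the scheme is https and the hostname is exactly
    the hostname of the endpoint discovered for this identifier."""
    want = urlsplit(DISCOVERY[claimed_id])
    got = urlsplit(url)
    return got.scheme == "https" and got.hostname == want.hostname


if __name__ == "__main__":
    cid = "https://alice.example.org/"
    rt = "https://shop.example.net/openid/return"
    for label, url in (("honest", honest_consumer_redirect(cid, rt)),
                       ("rogue", rogue_consumer_redirect(cid, rt))):
        print(f"{label:6s} glance={looks_like_provider(url)!s:5s} "
              f"strict={is_discovered_provider(url, cid)!s:5s} {url}")
```

The glance check passes for both URLs; only the exact hostname comparison rejects the rogue one. The user has no discovery step of their own, which is why the practical advice is to never type the provider password on a page reached through a consumer's redirect: log into the provider first from a bookmark, so the redirect only has to confirm an existing session.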
Twitter Squatting at Our Doors?
Twitter is a system for “micro-blogging”. Like SMS, your posts are limited to 140 characters. A lot of interfaces exist to tweet from laptops, mobile phones, PDAs, … It’s really easy to tweet from everywhere. According to a post on /., squatting of Twitter IDs will soon become a
Critical dns2tcp Vulnerability!
More than one year ago, I wrote a post about dns2tcp. I’m a regular user of this application and Secunia released yesterday a highly critical advisory (#32514) regarding a remote buffer overflow vulnerability. If you’re a dns2tcp user, please upgrade as soon as possible!