Today, the second edition of “Security Friday” was held in Brussels. As mentioned on the website, the goal is “a gathering of people in the IT security field. Getting together for a drink on the last Friday of the month in a bar near you we talk amongst peers about
Category: Software
Tracking your Github Security Events
A few days ago, I wrote a blog post about a Python script that I use with the new Amazon CloudTrail feature to grab logs from my Amazon cloud services. Because we use more and more cloud services in our digital life, the same principle should apply to all our
Keep an Eye on Your Amazon Cloud with OSSEC
The Amazon conference “re:Invent” is taking place in Las Vegas at the moment. For a while, I’m using the Amazon cloud services (EC2) mainly to run lab and research systems. Amongst the multiple announcements they already made during the conference, one of them caught my attention: “CloudTrail“. Everything has already
Integrating OpenERP Within a Cisco IP Phone
For once, this article is not directly related to “infosec“. My blog  isn’t called “/dev/random” for nothing, right? In parallel to my dayly job as an Information Security Consultant and my blogger experience at night, I’m also doing business via my own company, TrueSec (<advertising>Feel free to contact me if you’re
ownCloud and VirusTotal Integration
For a few days, I switched from DropBox to ownCloud and I’m now playing more with the available ‘apps‘. Besides the privacy context, ownCloud seduced me with its add-on feature. Is it possible to install external plug-ins (called ‘apps‘) to add new or improve native features. Of course, downloading and
Goodbye Dropbox!
There is one fact with humans: once they took some habits (in this case – bad habits), it’s very difficult to ask them change their behavior! It’s even true in information security. Today, we have access to plenty of awesome online applications which help us in our day-to-day activities. Thank
XenServer & Port Mirroring
Blogs are made to provide valuable content to readers (well, I hope for my readers). This time, nothing related to security though… Recently, I built a new virtualization platform at home based on XenServer 6.2. Why the Citrix solution? Just because the box has 72GB of memory and the free version
Proud of My First Targeted Attack… or Not!
Connecting a server to the Intertubes is like connecting it to the wild. There are plenty of bots (thousands? millions?) scanning IP addresses for vulnerable services. Once a service is enabled on an IP address, you don’t have to wait a long time before detecting incoming traffic! One of the
Improving File Integrity Monitoring with OSSEC
FIM or “File Integrity Monitoring” can be defined as the process of validating the integrity of operating system and applications files with a verification method using a hashing algorythm like MD5 or SHA1 and then comparing the current file state with a baseline. A hash will allow the detection of files content modification but
The Race For Resources
Today, disk space is not an issue for most of us. I remember when my father came back at home with my first hard drive (80MB!) for my Amiga in the Nineties. My reaction was “Wow, we will never fill it!“. Today, if I make a sum of all my