Back in December 2010, during the OWASP Benelux Day, Nick Nikiforakis presented an ongoing study about the privacy of file sharing services. Big players are services like rapidshare.com or megaupload.com. The principle is very simple: you upload your files to a virtual storage space in the cloud and you get
Category: Software
Yeti – Footprinting your Network
“Footprinting” is a technique to gather information about information systems. The goal is to collect as much information as possible and correlate it to build some kind of “business card” of the target. Relevant information includes: DNS names, network topologies, software versions, localization and much more. To achieve footprinting, lot
My FOSDEM Yearly Visit
This weekend is the FOSDEM event held in Brussels. This is a major event for the open source software landscape in Europe. Thousands of geeks come from several countries to discuss software freedom over a full two-day schedule. All major projects are represented, core-developers are present and always available
Tracking Malicious IP & Users with OSSEC
A few months ago I blogged about Active Lists in OSSEC. Active lists are common in SIEM environments to store temporary sensitive data like IP addresses, user names or any other relevant information. Once stored in active lists, data can be reused in rules and the security of an infrastructure
URL Filtering with Squid
Next to my digital life, I’m also the happy father of two young girls. The first one is already ten years old and smoothly discovers the “Wonderful Internet“. Being an Infosec guy, it sounds logical for me to implement some safeguards. First, leave the technical stuff aside and talk! Some
Auditing MySQL DB Integrity with OSSEC
Databases are a core component in a lot of applications and websites. Almost everything is stored in databases. Take a standard e-commerce website: we can find in its databases a lot of business critical information: about customers (PII), articles, prices, stocks, payment (PCI), orders, logs, sessions, etc. Like any component of
Security: DIY or Plug’n’Play?
Appliance or not appliance? That is the question! A computer appliance is dedicated hardware which runs software components to offer one or more specific services. Information security has always been, and still is today, a common place to deploy appliances: firewalls, proxies, mail relays, authentication servers, log management,
Send Events Safely to the Loggly Cloud
I received my Loggly beta account (thanks to them!) a few days ago and started to test this cloud service more intensively. I won’t explain again what Loggly is, I already posted an article on this service. For me, services like Loggly are the perfect cloud examples with all the
Iptables Logs Mapping on GoogleMaps
My Linux servers are all protected by a local iptables firewall. This is an excellent firewall which implements all the core features that we are expecting from a decent firewall system. Except… logging and reporting! By default, iptables sends its logs using the kernel logging facilities. Those can be intercepted
Easy Decryption of Facebook Passwords
All good pentesters have their own “survival kit” with a lot of tools and scripts grabbed here and there. Here is a new one released a few days ago: FacebookPasswordDecryptor. “FacebookPasswordDecryptor – small, simple, free, and yet truly reliable application that helps you recover stored Facebook account passwords, quickly and