Ah, backups… What a nice boring topic! Everyone agrees on the fact that a strong backup procedure is mandatory for any computer (server, workstation, PDA or anything else which carries data). But a lot of us also agree that backups are so boring to perform and, even more, to maintain!
Category: Software
Bruteforcing SSH Known_Hosts Files
OpenSSH is a common tool for most network and system administrators. It is used daily to open remote sessions on hosts to perform administrative tasks. But it is also used to automate tasks between trusted hosts. Based on public/private key pairs, hosts can exchange data or execute commands via
Socat, Another Network Swiss Army Knife
Infosec guys are lazy people. At least in my case! There is nothing more boring than typing long shell commands or performing recurrent tasks. After all, computers are made to make our life easier. Let them work for us! UNIX is a wonderful environment. There are plenty of ways to
Implementing Active Lists in OSSEC
The second OSSEC week just ended. Here is a reflection about a feature that does not exist (yet?) in OSSEC. The goal of a SIEM (“Security Incidents and Events Management”) is to collect logs from multiple non-heterogeneous sources and process them to add some extra value to the events. To
This Blog is Monitored by OSSEC
As part of the second edition of the OSSEC week, I’d like to give some information about my daily usage of OSSEC. This week is an initiative from Michael Starks of Immutable Security and aims to promote OSSEC to the security community. I’m fully supporting such great initiatives. What about
Protect Your Applications Using EMET
Is there a way to make your Windows environment, certainly not bullet-proof, but strong enough against attacks? A few weeks ago, Microsoft released an interesting add-on called EMET for its range of Windows operating systems. EMET stands for “Enhanced Mitigation Experience Toolkit” and is designed to increase the security of your
PaloAlto Firewall Threat Monitoring Using OSSEC
Usually, I don’t speak or even try to give references to commercial security products on my blog. Why? Just because my philosophy is the following: “First analyze the problems and then choose the right solution(s)”. The proposed solution could be commercial or free, hardware or software based, who cares? If
Book Review: IT Inventory and Resource Management With OCS Inventory NG 1.02
During my holidays, I finally took the time to finish reading the book “IT Inventory and Resource Management with OCS Inventory NG 1.02” which covers the application with the same name. Even if the inventory of devices connected to a network is primarily a system administration task, it has
Configuring Conditional SSH Connections
Year after year, OpenSSH became the default SSH daemon on most UNIX environments as well as other systems. It offers a lot of features which make it terribly customizable and powerful. For a while now, the ‘Match’ keyword has appeared in the list of directives. It allows conditional blocks of configuration
Accessing (Safely?) Nagios on iPhone
I was looking for a Nagios application to install on my iPhone for testing purposes and I was surprised to find more hits than expected. It’s true that Nagios is one of the best (if not THE best) open-source monitoring solutions. There is a huge community of developers and contributors