When you are connected to a network (Internet or private), your TCP/IP stack must know which DNS server(s) use to resolve host names into IP addresses. For a while, publicly alternative DNS servers – like OpenDNS or Google DNS – implemented a blacklist protection mechanism. If a domain is suspected
Category: Software
Demystify the URL Shorteners
URL shortener on-line services are very helpful. You probably already use them every day. With mobile Internet and micro-blogging services like Twitter , it’s much more convenient to use short URLs. But the downside is, once again, the bad guys who quickly understood the opportunity of new type of attacks.
Packet Inspection Using Divert Sockets
For a long time ago, I did not write about OpenBSD which remains one of my favorite operating system. The last version (4.7) was released in May and introduced, as usual, a lot of interesting changes. OpenBSD comes of course with it’s own firewall called pf (“packet filter“). Plenty of
Attacking by Obscurity
Everybody agrees to consider “security by obscurity” a false sense of security. By using this principle, the security of an information system in (falsely) increased by hiding sensitive details. Such information can be removed like: by altering the application welcome banner (in Apache, sendmail, etc), by changing the default port
How to Prevent the Windows Screensaver Autolock Feature?
A quick and dirty tip if you need to keep a Windows workstation or server console unlocked. This can be required for several purposes, good or bad. In my case, I’m working on a workstation to access network resources. I don’t have a login and cannot know the local password.
The Cloud is (Sometimes) Your Best Friend!
Everything has been said about the “cloud”, or more precisely, “cloud computing”. Like any new technology, there are pro and con, good and bad things. BTW, the cloud is not so new. For a while, lot of organizations already used a cloud infrastructure but it remained a “private cloud”. Since
iOS4 from a Security Point of View
The brand new firmware for the iPhone announced by Apple a few weeks ago is publicly available since yesterday. Called “iOS4” (special dedicace for cisco.com), it includes more than 100 new features like multitasking, folders, etc. I won’t review them here, there are multiple complete reviews already available online. Google
Welcome to Maltego v3!
It was discussed during the last edition of BlackHat Europe: Maltego v3 was almost ready to be released. Today is the D-day: The latest version is out! A quick reminder for those who still not know the product: “Maltego is an open source intelligence and forensics application. It will offer
Never Trust the Files Downloaded from the Internet
It became a daily action for most of us: We are looking for a piece of software which could improve our tasks. Google provides us thousands of links, we select the most attractive, download it and install it (there is no restriction in the users not the operating systems). That’s
Analyzing your Pcap Files with the Cloud
pcapr.net is a cloud (again!) service available for a while. Basically, it’s a repository of pcap (“packet capture”) traces uploaded by members. The packets are dissected and presented in a human readable form. Once inspected and indexed, a search engine helps you to find interesting traces using a simple syntax