The debate has been ongoing for a while and has partisans on both sides: Can an IP address be considered private data? Europe said yes and the “fight” between privacy protectors and authorities is still present. Having your IP address considered as private from a legal point of view or
Category: Software
Vulnerability Scanner within Nmap
Port and vulnerability scanners are common tools used by good guys as well as bad guys. Performing a port scan is one of the first operations required to find potential vulnerabilities on a target system. That’s why vulnerability scanners have built-in port scanners. Writing a port scanner is really easy with a few
Grabbing Devices Configuration Using Expect
Just a small post about an Expect script I quickly wrote to solve a backup issue. I already blogged about the “Expect” tool one year ago. I won’t explain again the basics of Expect, just read my previous post. This time, Expect is used to perform an automatic backup of
Keep an Eye on your Data using OpenDLP
A new tool has been released (version 0.1) today on code.google.com: OpenDLP. “DLP”, “Data Loss Protection” or “Data Leak Protection”, a buzz-word! Even if the problem is real and critical for some organizations, my opinion is the following: Instead of spending money on expensive solutions (and DLP solutions ARE expensive!),
Remote Nmap Scanning with Zenmap
I’m not going to insult you by describing the tool Nmap. This is probably the best scanner available on the Internet. Not because it is often used in movies, but just because it does an excellent job! Nmap has plenty of options. So many that reading the Nmap book is
Splitting OSSEC Events in Splunk
When you decide to implement a new software solution, one of the choices you’ll certainly face is: “Commercial vs. free software”. No debate here: you have to make the best choice depending on the requirements. They can be technical constraints, budget, support, etc. I’m working with commercial solutions which perform (generally)
Recovering VM Disk Images from Physical Bad Blocks
Shit happens! Still today, hard disks are the Achilles’ heel of modern computers. My corporate laptop hard disk started to give some bad signs of tiredness a few days ago. After a brief analysis, only one file was affected by two bad sectors! But it was a VirtualBox disk image
Detecting Fraud with OSSEC
For a while now, it seems that “Fraud detection” is a hot topic for many SIEM vendors (“Security Information and Event Management”). Recent presentations or webcasts I attended always had some time dedicated to “fraud”! The vendors can’t be blamed for finding new opportunities to sell their products. Today they are solutions
Close the Security Holes in your Firewalls!
Who is not protected by a firewall today? Nobody! Our Internet (as well as local) traffic is inspected by multiple firewall layers. They are present everywhere: on Internet gateways, in front of data-centers, between departments, even your workstation is running a firewall. For a few years, a new type of
Detecting USB Storage Usage with OSSEC
Next step in my investigations with OSSEC. The possibilities of OSSEC are awesome and could clearly, in some cases, replace a commercial log management solution! After collecting the Secunia vulnerabilities into OSSEC, I switched to the “dark side”: the Microsoft Windows agent. The USB sticks are very popular at users