The new version (5.4) of OpenSSH has been released early this morning. OpenSSH is THE free implementation of the SSH protocol available on common devices and operating systems. The primary goal of OpenSSH is to allow remote access to hosts for management purpose. But many other features make OpenSSH a
Category: Software
Applications White List by ISC/NIST
In security, when you have to restrict access to “resources” (websites, files, IP addresses, ports, etc), you can deploy while or black lists. The term “white list” refers to a list of resources which are allowed or granted. At the opposite, a black list refers to resources which are denied
Show Me Your Browser, I’ll Tell You Who You Are!
To surf the web, you need a specific application: a browser. Today, this piece of software is delivered by default with all operating systems and becomes more and more used, even for non-related Internet stuff (Lot of applications or devices are manageable using a web interface). For some companies, the
Manifest for a Standard of Priorities Order
Priorities are a common parameter in applications. Examples are multiple. In support applications, priorities are used to define the urgency of the reported problem. When you configure softwares, priorities may help to re-order similar actions. In protocol specifications, priorities are also used to perform decisions (routing protocols are a good
FOSDEM Turns Ten!
I’m back from my daily visit to the FOSDEM. This two-days event organized in Brussels hit the 10th edition! Congratulations! I attended FOSDEM for several years and the success is continuously growing. This is good! It means that the interest in free software is growing too! Even better, like any
OWASP & ISSA Belgium Chapter Meeting
I’m back from the last OWASP (organized together with ISSA) Belgium Chapter meeting. As usual, good times with friends from the Belgium Security landscape ;-). Two topics were covered today. First GreenSQL, a database firewall, then an overview of the mobile malwares by Mikko Hypponen. Almost one year to the
ISSA Belgium Chapter Meeting: Introduction to OSSEC
Back from the first ISSA Belgium Chapter Meeting of 2010. Today’s topic was “Introduction to OSSEC : Log Analysis and Host Intrusion Detection“. A very interesting topic for me. First because I’m involved in lot of SIEM projects. But especially because Wim Remes, the speaker, is a friend of mine.
Adding Data Leakage Protection into Apache
Data leakage is a major risk for many organizations today. As more and more data are used in a digital format, it’s easy to copy them or send them outside the security perimeter. Leaked data can have a major impact on the business (loss of revenue, loss of confidentiality or
Avoid the “Any” Rule Like the Plague!
Even if next generation firewalls are at our door (filtering at applications level – layer 7), most firewalls are still working with source and destination ports. I often see firewall change requests submitted by customers to add rules like: “Allow traffic between X and Y” without further details. And when
Book Review: Cacti 0.8 Network Monitoring
A few weeks ago, I received a copy of Cacti 0.8 Network Monitoring from Packt Publishing. Here is my review. The book has been written by Dinangkur Kundu and S.M. Ibrahim Lavlu, who have both strong open-source softwares knowledge. Their book covers Cacti, a well-known framework (running on top of