My second training week in London is done. This was a bootcamp organized by a well-known company active in log management solutions. Of course, the training focuses mainly on their own products but some reviewed principles are totally independent of any software or hardware solution and can be applied to
Category: Software
Stupid Compiler? Not sure!
A nice story reported by ISC today! A vulnerability has been discovered in the Linux kernel (and was present for a while IMHO!) The vulnerability origin was not the “human behind the keyboard” but the compiler! GCC, the GNU C compiler, has a lot of optimization features (If you
Your Regex Coach
Regular expressions (or regex) [Wikipedia] are a very powerful method to parse data and extract the information you need. But a regular expression can quickly turn into a nightmare due to its complexity. I often use a memo but testing the regexp live is the quickest way to debug them.
Add Custom Search Engines with the Google API
The Google toolbar is a powerful add-on for your browser. It adds very nice features (of course, to be used sparingly if you don’t want Google to know everything about you). There is also an API which offers extra features for webmasters such as creating custom buttons. Here is a
RSA Software Token for iPhone
Since the 6th of June, a great application is available (for free) in the AppStore. RSA released an iPhone version of its software token! I already spoke about strong authentication on this blog. To summarize, strong authentication is achieved by mixing at least two different types of authentication methods from
Do You Trust Your Framework?
Frameworks are developers’ best friends. Frameworks are sets of libraries, scripts or pieces of code reusable by developers. To make things simpler, why re-invent the wheel? There exist frameworks for all development platforms like .Net for Microsoft IIS or Zend for PHP. ZionSecurity, a Belgian security firm, released a
PDFiD Integration with Nautilus
I’m a big fan of Didier Stevens’s tool called PDFiD. But, like a lot of IT people, I’m also a lazy guy: fewer manipulations required makes me happier! My professional environment is mainly based on Linux/Gnome but I also use virtualized Windows XP instances. Like everybody, I’m manipulating a
MultiTail, a Powerful Console Log Viewer
On UNIX systems, log files are everywhere. Applications are often very verbose (which is good!) but keeping an eye on logs can quickly become a nightmare! I’m a big fan of the tail command, especially the “-f” flag which does not stop the command once the end of file is
Change Management Using CVS
All administrators have already faced the following nightmare: “It’s 01:00am and you changed a parameter in an application. A few days later, due to instability, you need to rollback. What the hell did you change?” Of course, changes “on the go” must be avoided like the plague but sometimes, they’re mandatory.
Do We Need Safer (Encrypted) SMS?
Today no one doubts the usefulness of data encryption. It’s a fact: IP traffic and stored data must be encrypted using more and more powerful tools. Data can also be encrypted on mobile devices like PDAs. But what about SMS? Tapping of mobile communications is not easy for the common