Logs are an important part of your security policy. Each device in your infrastructure generates events and writes them to log files. Log files are stored locally and can be reviewed via the tool provided by the device manufacturer. However, it quickly becomes a pain to manage if you have hundreds or thousands
Category: Software
Google Toolbar Breaks Juniper Network Connect on Linux?
I was fighting with my corporate SSL VPN setup (based on Juniper) for a while and finally found the cause of the problem: the Google toolbar! Juniper offers a “network connect” mode: “Network Connect is a software package from Juniper Networks that interfaces with its Secure Access hardware and provides
Crypto KMS vs KPMI
Sun Microsystems (via the opensolaris.org project) released its encryption key management technology as open source. The offered toolkit allows developers and manufacturers of storage devices to write applications which will work together with the Sun Microsystems Crypto KMS (KMS stands for “Key Management System”). The Crypto KMS is an appliance
Monitoring Solutions Matrix
The choice of a monitoring solution is not easy! Free or commercial, required features, agentless or agent-based, security aspects, etc… There are so many requirements that it’s difficult to find the best solution. I found a page on Wikipedia with a comparison of well-known monitoring solutions. It’s not complete,
Keep an Eye on SSH Forwarding!
OpenSSH is a wonderful toolbox. Its main purpose is to establish encrypted connections (SSH means Secure SHell) to a remote UNIX machine and, once authenticated, to spawn a shell to perform remote administration. Running on port 22 (default), the client (ssh) and the server (sshd) exchange encrypted information (what
Bash: History to Syslog
For those who have not heard yet, Bash 4 has been out for a few days! Bash is the most used shell on UNIX hosts. Bash has a built-in mechanism to save a log of all commands executed by the user (default in $HOME/.bash_history) but this file belongs to the user and
Strange Firefox Behavior? (back, homepage, bookmarks disabled)
I faced a strange behavior with a Firefox running on an Ubuntu notebook today: No access to the homepage, bookmarks not manageable anymore, no back nor forward buttons (all greyed). Last release of Firefox on top of an up-to-date Ubuntu. After a few hours of investigations, the machine could be
Safe Access to a UNIX Filesystem from Windows
Sometimes, it can be useful to access data stored on a UNIX server from a Windows environment. Of course, access must be secured. Running on top of an SSH session, WinSCP is a great tool to transfer files. But dragging and dropping files from/to the WinSCP windows is sometimes irritating. An alternative
Quick and Dirty Integrity Check Script
Here is a quick and dirty bash script which will take care of your files’ integrity. Integrity is a component of the CIA triad; I won’t come back to this. For a personal project, I should be able to monitor any change in a specific file. I quickly wrote the
DShield Web Honeypot – Alpha Preview Release
isc.sans.org announced today the Alpha availability of the DShield Web Honeypot: “The goal of the Web honeypot project is in line with the original DShield project, the data collected through the sensors feed the Dshield web database where human volunteers as well as machines pore through the data looking for abnormal