During the last FOSDEM (see a review here), I attended a presentation about fuzzing techniques with Fusil. It looked interesting to me and I started to grab more information about this attack method. Krakowlabs released a interesting paper about fuzzing. After a short introduction, they reviewed the different types of
Category: Software
Long Term Private Key Retention? Think of Paperkey!
Everybody is aware of the major problem with digital media: The retention time! The expected period can be critically reduced if the media (CD, hard-disk, tape, USB-key, flash, …) is not stored in safe environment (temperature, humidity, magnetic fields). Even if CD or DVD have a quite long retention time,
Introduction to Nmap Scripting
All people working with networks know the wonderful tool called Nmap. Basically, Nmap is a network scanner. It allows you to detect hosts on a network and services running on them. Just type “nmap <hostname|ip>” to perform a simple port scan. But Nmap can do much more! Host discovery, multiple
VMware to VirtualBox
Ok, next step in my VirtualBox adventure! I successfully installed VirtualBox on my new laptop, fixed some performance issues. Next one… Even if VirtualBox is a wonderfull free application, VMware is a standard in the virtualization world. Lot of products are released for demos or presales activities as VMware guests.
Speed up VirtualBox Shared Folders on XP Guests
I’m using a Windows XP guest in VirtualBox in a intensive way for a few days. The host and guest exchange their files via a shared folder. It’s a very convenient way to exchange data between virtual machines and the guest. In my case, the shared folders reside on an
Databases Protection with GreenSQL
Today, the majority of websites offer dynamic content to visitors. All information is stored in back-end databases and processed live. A classic infrastructure is based on LAMP (Linux, Apache, MySQL, PHP). Unfortunately, “database” means also a broaden surface attack. And risks are multiple: SQL injections, data leak, data alteration or
iPhone + iTunes + VirtualBox
As posted a few days ago, I configured my new corporate laptop. But iTunes was still missing (to sync my iPhone). I’m using iTunes to sync some Outlook content (contacts and agenda) and security podcasts (ok, and some MP3s too &59#;-). Unfortunately, VirtualBox is known to be very sensitive regarding
New Corporate Laptop Setup
I got my new corporate laptop today, a Dell Latitude E6500, very nice computer. Working as a security consultant, I’m always on the road, connecting my laptop on customers or evil (free Wi-Fi access point or conference) networks . Fortunately, my company allows consultants, if they want, to manage their
How to Join a Microsoft Domain Behind a VPN
I got my new corporate notebook a few days ago and I’m now busy with the setup (an article will follow soon). I need to run a Windows XP guest in a VM. I’m a mobile user and never directly connected to the company LAN. I had to join the
Book Review: Learning Nagios 3.0
I received a copy of Learning Nagios 3.0 for review. The book was written by Wojciech Kocjan. As I’m a Nagios users for years now (started around 2000 if I’m right), I was interested in learning more about the new 3.0 features. IMHO, Nagios is one of the most powerful