Nessus is a well-known security scanner used by many administrators, consultants and independents. Tenable, which promotes the Nessus product, announced big changes in the licensing model of Nessus. Read all details here.
Category: Software
Shit Happens!
We are all vulnerable! Yesterday, it was my turn… Infected by a trojan. Up to 04:00 AM to fix the problem! The culprit was Vundo. A well-known (and quite old) Trojan which slows down the system, displays pop-ups, etc… Nothing very malicious but it was difficult to get rid of
Windows Events Centralization
Event centralization is a must-have in your security policy. Using a central place where your logs reside has many advantages: reduction of resource usage on the source device (mostly disk). No need to take care of local logs: logs contain critical data and must be secured. In case of
Ooops! I Made a Boo Boo!
Do you have a good backup? Read the following story. Having redundant disk systems (RAID), database replicas and high-availability servers is not enough! More than a third of data loss is caused by human mistakes! A good backup procedure is mandatory, with off-site storage of course. Last advice: the procedure must
Do not Underestimate Physical Security
Security in IT is everywhere: firewalls, proxies, anti-[spam|virus], IDS and more! But what about the physical security of your IT infrastructure? Read the following story: Peter Gabriel's web site was off the web due to a server theft! I would like to know how the thieves performed! Why spend money to
Secunia NSI 2.0 Final Release
Secunia announced today the final release of NSI (“Network Software Inspector”) 2.0! This application performs scans of your network devices and reports vulnerabilities to a centralized dashboard. This is a must to maintain a good level of security inside your network. You can test it for free for 7 days
Anonymous Packet Capture
Packet capture software, or “sniffers”, can often be useful to debug network issues or for educational purposes (they can also be used to perform malicious activities but let’s stay on the visible side of the iceberg ;-)). Well-known tools are tcpdump on UNIX and Wireshark on Windows platforms
XP SP3 Changelog
The 3rd service pack for Windows XP will be released soon. Here is a changelog. It seems that the pack is already available for download (~350 MB). The new features regarding security are: Network Access Protection; Credentials Security Service Provider; Enhanced security for Administrator and Service policy entries; Microsoft Kernel
Cisco Routers: Penguins Inside?
It has been officially announced by Cisco: Application eXtension Platform (AXP) enhances the capabilities of the Cisco Integrated Services Router (ISR) by enabling a tighter integration between the branch network, IT and application infrastructure. Ok, what does it mean? High-end routers were already able to run TCL scripts. Now, thanks
Symantec ThreatCon Level 2
Symantec raised the ThreatCon Level to two. The reason? They detected in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (MS08-021). More info about Symantec DeepSight Threat Management here.