Release 4.7 of OpenSSH is available right now! Here is the ChangeLog.
Category: Software
WP-Scanner
This blog runs under WordPress as many other blogs on the Internet. WordPress is also known to not be very secure: lot of vulnerabilities have already been discovered and more will come! On blogsecurity.net, a security tool is proposed to check your own blog: WP-Scanner. It’s like a Nessus scanner
New NAS @ home
Ok, my summer holidays started a few hours ago and I’m still online ;-). The first project will be to reinstall my home server and enforce its primary functionality: provide storage for the whole family. My server runs OpenBSD. First step is done: I found a extra 250GB disk on
nagiosexchange.org Turns Three
Happy birthday to NagiosExchange! Involved in monitoring and/or reporting projects with Nagios or Groundwork, this website was always a must! Why re-invent the wheel when somebody already contributed to the plugins base?
Events centralization: the normalization problem
In a previous article, I talked about SIEM. SIEM is not for small organizations. But, if you really need to analyze logs, the first step is to concentrate them in one central place. The syslog standard is available on almost all devices having IP connectivity (routers, switches, servers, appliances) and
Speakers management by Vista
Recently, I bought a new notebook. My wife complained for a while about our good old Armada E500. I found a very interesting promotion for a Packard Bell notebook with a up-to-date configuration: Dual-core/2GB of RAM. Just enough to run the new Vista GUI (“Aero”). It’s time to use the
SpamAssassin upgrade
On Saturday, I just upgraded my SpamAssassin to the latest release (3.2.1). For a few weeks, more and more bad emails were not properly tagged as “spam”. The upgrade went smoothly as usual but, a few hours later, my /var file system was fulfilled by the MTA logfiles. Thousands of
word_press_upgrade_count++;
One more time, it was time to upgrade my wordpress instances… Who said that computer security was exciting? forever() { if (security_issue_fount) { wait_patch(); install_path(); congratulate_yourself(); } } According to this blog, the WordPress community is vulnerable! Soon, a MoWB [1] ? [1] “Month of WordPress Bugs”
OpenSSH 4.6 is out
OpenSSH 4.6 is out! What’s new? I like the new feature which allow to [dis|en]able authentication method(s) on a per user, group, host or network basic… Ex: your local users may use .rhost authentication while remote users need a valid key pair.
C for dummies
WTF! A critical daemon (vmpsd) crashing due to this piece of code: function(char *s) { // bla bla bla fprintf(stderr, “%s\\n”, s); // bla bla bla } main() { // bla bla blah function(NULL); // bla bla bla }