I won’t revisit password policies. Everything has already been covered multiple times on this topic! Regular password changes might be forced in your organization. When you use the same password multiple times a day, you eventually stop thinking about it and type it “blindly”. When my passwords need
Category: Websites
Importing Secunia Advisories into a SIEM/OSSEC
Secunia is a security company which, amongst other activities, maintains a huge database of vulnerabilities. On their website, they describe their business like this: “Secunia collects, evaluates, verifies, and analyses security information. This security information is available through our databases and is distributed to our customers, segmented according to their
Adding Data Leakage Protection into Apache
Data leakage is a major risk for many organizations today. As more and more data are used in a digital format, it’s easy to copy them or send them outside the security perimeter. Leaked data can have a major impact on the business (loss of revenue, loss of confidentiality or
Web Scanning Comes to the Cloud…
iiScan is a new on-line vulnerability scanner for websites. It is developed by a Chinese company called NOSEC Technologies [Note: I found the name funny for a company which develops a security solution]. What’s new with iiScan? It is based on cloud computing! The service is free but you have
There is no smoke without fire!
Once more, companies have asked the courts for help in their fight against Google. This time, the Google Suggest tool is the target. This service is quite simple and you probably use it on a daily basis. When you type your search terms in the search engine, Google offers keyword
Damn! I’ve been Discovered!
No, no, I didn’t perform a SQL injection attack against the FNAC website! 😉 (Thanks to Bart for the idea)
Google Goes to DNS Resolving
Once again, Google hit hard! They announced yesterday a new service via their blog: Google Public DNS. The new Google baby is a public DNS resolver open to everyone. Just reconfigure your TCP/IP stack to use the following DNS server and you’re done! 8.8.8.8 8.8.4.4 Google’s arguments are in direct
SHODAN, The Computer Search Engine
Search engines are well-known on-line tools. But websites are not the only thing that can be indexed. There are plenty of search engines to find multimedia content, news and more. A new one is born: SHODAN. From the quick guide: “SHODAN lets you find servers/ routers/ etc. by using the simple search bar up
QOTD: “HTTP Became the New TCP”
I heard the following quote today in an online video about a commercial product and I found it so true: “HTTP became the new TCP!” TCP, or “Transmission Control Protocol”, runs at the transport layer (4th) of the OSI model. HTTP runs on a higher one, the application layer. Historically,
Information about Microsoft Projects Leaked
What a coincidence! Yesterday I posted an article about protecting your brand in the web 2.0 jungle and today a nice story was reported on Slashdot. A very nice example of bad communication on the web 2.0. Robert Morgan, a Microsoft Research employee, wrote on his LinkedIn profile: “Working in