On UNIX systems, log files are everywhere. Applications are often very verbose (which is good!) but keeping an eye on logs can quickly become a nightmare! I’m a big fan of the tail command, especially the “-f” flag which does not stop the command once the end of file is
Change Management Using CVS
All administrators have already faced the following nightmare: It’s 01:00am and you changed a parameter in an application. A few days later, due to instability, you need to roll back. “What the hell did you change?” Of course, changes “on the go” must be avoided like the plague but sometimes, they’re mandatory.
Database Crash
Due to a database failure, the blog was empty (no post found) for a few hours. This has been fixed right now! Sorry for the inconvenience.
Security Fail
Remember: even the best bullet-proof security solution will not protect you if not included in a global security policy… Source: failblog.org.
Social Dictionary Generator
Fighting weak passwords is a pain for all security professionals. Security awareness training may help your users to increase the strength of their passwords. That’s the main problem: humans have difficulty remembering complex information like strings of characters and numbers. That’s also why the DNS was invented: it’s much
Comments are Welcome
A reader suggested not requiring user registration to post comments on this blog. This could increase the number of comments and the exchange of points of view… As I’m always open to suggestions, let’s test if it’s positive (more comments and no spam of course). Feel free to post
Security Professionals, the Uptime is not Your Best Friend!
Today, I worked on a customer server running Fedora Core 5. You read correctly, five. The uptime was more than 851 days (~2.5 years)! System administrators will immediately think “Cool! That’s a very reliable server!” but what about the security aspects? I exchanged some very interesting tweets with @ChrisJohnRiley in
1000 Posts!
Woooow! Today I reached 1000 posts on my blog! I started “/dev/random” in January 2003. Why? I don’t remember exactly but the name says it: a potpourri of everything coming to my mind but always related to “IT”. Month after month, posts were oriented to my favorite topic: IT security.
Secure Amsterdam Workshop 2009 Review
Back from a one-day trip to Amsterdam where I attended the “Secure Amsterdam Workshop 2009” meeting organized by ISC2. This year’s topic was forensic IT investigations. The first speaker was Matthijs van der Wel from Verizon Business who reviewed the 2009 Data Breach Investigations Report. It was interesting to have
DNS, Your Achilles’ Heel?
A few days ago, the site google.co.ma, the Moroccan version of the well-known search engine, was reported as defaced (screenshot here). Only the URL ‘google.co.ma’ was defaced; the long version ‘www.google.co.ma’ was still working properly. What happened? In fact, Google was clearly not the target in this case but the