Security awareness is mandatory but can quickly become boring! Sometimes, a good picture is worth a thousand words. During a Google Image search, I found this excellent one! (Source: Minnesota State Colleges and Universities)
Black Hat Europe is Over…
End of four days of high-quality conferences, social networking and fun! This was my first Black Hat experience and it was really exciting! Some presentations were already known to me (presented during other events) and sometimes choices were difficult between two interesting tracks scheduled at the same time. But
Forensics: Reconstructing Data from Pcap Files
Sometimes during forensics investigations, it can be useful to recover deleted or temporary files transferred by users and/or processes with protocols like FTP or HTTP. Let’s see how to achieve this using pcap files! libpcap is an API which provides network packets capture facilities. Very common on Unix, there is
Black Hat Europe 2009
Yeah! Black Hat Europe 2009 started today in Amsterdam! I was previously registered for the briefing sessions on Thursday and Friday but, at the last minute, I had the opportunity to replace a sick colleague. The first two days are reserved for trainings and I’m following “TCP/IP Weapons School 2.0” given
Strong Authentication with Linux
Next step in my investigations to implement a strong authentication process on my Linux laptop using the Yubikey. In a previous post, I explained how to use a Yubikey to authenticate on Linux with a PAM module. It works very well but, like I said in the previous article conclusion,
Boring Tasks Automation with Expect
It’s human nature: we hate repetitive tasks! We always try to perform our job using the minimum actions possible. This is particularly true for Network or System administrators! There is nothing more boring than repetitive tasks… A good example? In the scope of a new monitoring platform, fifty Cisco
How a Buffer Overflow Works
Seen on blog.wired.com, a very good explanation about a buffer overflow attack (a very common method to compromise a system or application): blog.wired.com/27bstroke6/2009/03/conficker-how-a.html.
Nmap News
Fyodor posted interesting news on nmap-hackers yesterday. First, a new beta version of Nmap has been available for a few days (4.85BETA4). What’s new? Ncat and Ndiff tools are included, a lot of new NSE scripts, more than 5,000 version detection signatures, 2,000 OS fingerprints, improved scan performance and much
Yubikey Authentication on Linux
In a previous article, I presented the Yubikey product. I also explained why, for security reasons, the usage of two separate Yubikeys could be a plus. One converted to provide a static password and the second left as is (to provide one-time passwords). I received my 2nd Yubikey a few
Infosecurity.be 2009 is Over
A few words about infosecurity.be. This edition was held at Brussels Expo. It’s without doubt the only Belgian event where you can meet so many security consultants per square meter! As said on the Belsec blog, this event is first of all a sales event. I’ll not be too critical about