The Internet is a wonderful media, based on strong routing protocols like BGP. Originally, the Internet was designed to be “unbreakable” (of course, it is not): If a path to a network is unavailable, an alternative (or backup) path will be used. BGP is designed in this way: based on
Stuck Payment Terminal
I’ll not trust this terminal anymore! (Picture taken in the Louvain-La-Neuve shopping center last Friday) Fail!
NIST: Guidelines on Cell Phone and PDA Security
NIST released a new document: Guidelines on Cell Phone and PDA Security. New cell phone provides more and more functions and are able to handle lot of data types. They are also widely open to the world (Infrared, Bluetooth, Wi-Fi, 3G, …). It’s important to have a clear view of
Network Monitoring and Accounting Using OpenBSD
“Know your Network!” All network administrators have to know what append on their networks: what are the flows of information between hosts, to Internet, between VLANs. This is a requirement for security or provisioning purposes but also for business when the amount of IP traffic has to be billed to
Good Security Feeling
Today, I started the procedure to change my domain registrar. My final choice was to move it to OVH, a well-known French registrar. Once the procedure started, I received my credentials, all the welcome messages and the whole pack of information. I immediately logged in my manager to track the
Ubuntu on Medion Akoya e1210
Yesterday, I bought a new toy. There was a special offer in Aldi shops: A mini-notebook Media Akoya. The announced price was 399€. Arrived on site earlier (to avoid retired people waiting in front of the doors), it was available for 369€ but with a 80GB disk. Once at home,
Lack Of Security!
I just discovered the following fully-open-ADSL router due to a typo error in the IP address! Fully open, no password, WiFi configured with WEP, fully unsecured! Even the SSID was based on the company name! The name contained “fin…” like “financial”! Fail!
“Fun At Work” Increases Costs and Reduce Security
No employee works at 100% of his full time! From time to time, we send a personal e-mail or surf the web to grab personal data. CNet News released an interesting article about the cost of “fun at work” for a company. Costs are not only due to employee no-rentability
hack.lu Part #10
Here we go! Last half-day which started with “Browser Rootkits” presented by Julien Lenoir and Christophe Devaux (both from Sogeti). As already said yesterday, browsers are now fully part of the users desktop and installed by default. They presented their rootkits developed for Internet Explorer and Firefox! First idea: “browser
hack.lu Part #9
Back from coffee break, let’s play with hardware now. Philippe Teuwen talked about smart cards and how they are protected. First attack is performed via the power line but recent smart cards are quite well protected. Flash attacks and electromagnetic attacks are other possibilities. Philippe’s slides were based on nice