OpenVAS (Open Vulnerability Assessment System) is a free alternative to the well-known Nessus vulnerability scanner. With the latest Nessus version, the licensing model changed and the latest plugins are only available to paying customers. Based on Nessus 2.2, OpenVAS is deployed in the same way: a server is installed to
Twitter Weekly Updates for 2008-08-17
Definitively need an iPhone! # After reading http://tinyurl.com/5uj4eu, I really need an iPhone 😉 # patching time.. # Just reserved my iPhone… # Arrived at a customer office, everybody is on vacation 😉 # http://tinyurl.com/5zslty # received his iPhone! # Holiday!!!!!!! #
Defcon 16 Archive
A copy of all the Defcon 16 material is available on a CDROM. Download the ISO file here.
Holiday
Cool, I just got my iPhone in time! Holiday can really start now! I’ll have some free time to play with it.
nBox – Packet-to-Disk Recorder
NMon provides a new appliance ‘nBox Recorder‘ or ‘The Packet-to-Disk Recorder‘. The goal is simple: lot of security analyzis are based on packet captures. This box just performs a simple but critical tasks: It captures the traffic and stores it under the pcap format. Then? Just take your time to
Google Encryption Toolkit
Google released a interesting toolkit for all developers: KeyCzar. Data encryption is a requirement in most of modern applications. Developers have to be “security minded” (it’s also our goal as security professional to perform a continuous awareness to security). But cryptography, if badly implemented, can lead to enormous security breaches.
CISA!
I successfully passed the CISA certification exam in June’08 and received today the official news from ISACA: <quote>Congratulations! We are pleased to inform you that on 12 August 2008 the CISA Certification Board approved your application and awarded you the Certified Information Systems Auditor (CISA) designation.</quote>
The Monitoring Pyramid
I found this pyramid in a document written by Groundwork. It resumes perfectly how to deploy a monitoring solution in the best way. This post is completely independent of the monitoring tool, choose the best one to meet your expectations. Often, when a company decides to implement a monitoring/reporting tool,
Twitter Weekly Updates for 2008-08-10
following BlackHat’08 via Twitter. # Crossbeam suxx!!! # Testing Twitter-Tools #
Phone Call Strong Authentication
OpenID is a free service which offers strong authentication to websites (already covered by a previous post). Strong authentication is based on a two factors authentication: something you know, something you have or something you are (more details here). Trustbearer offered strong authentication via, as example, the Belgian eID Card.