“CAPTCHA”? What’s this? Everybody has already used a CAPTCHA (or “Completely Automated Turing Test To Tell Computers and Humans Apart”). You know, those pictures made of deformed letters that you need to read and type into a specific field to perform operations like creating accounts, authenticating, etc. Almost all
Windows Events Centralization
Event centralization is a must-have in your security policy. Keeping your logs in a central place has many advantages: reduced resource usage on the source device (mostly disk); no need to take care of local logs (logs contain critical data and must be secured). In case of
KUL + SANS = Safe Programmers?
The KUL is the first European university to set up a partnership with the SANS Institute. The goal is to train the students to be more focused on security during the development of new applications. Programmers are very good at writing applications but, unfortunately, are not aware of security issues.
Be Multi Homed!
Are you multi-homed? In short, are you connected to the Internet via more than one Internet Service Provider? Today, more and more business activities rely on the Internet: corporate website, emails, online shopping. Losing your Internet connectivity is a major risk. Could you evaluate it? What will happen if your
Ooops! I Made a Boo Boo!
Do you have a good backup? Read the following story. Having redundant disk systems (RAID), database replicas and high-availability servers is not enough! More than a third of data loss is caused by human mistakes! A good backup procedure is mandatory, with off-site storage of course. Last advice: the procedure must
Users Learn More with Fun
From an end-user point of view, security is boring. It’s part of human behaviour: if it’s too annoying, people will not follow the rules! Even more so in the IT security domain. I read the following story on the CISSP forum today. The question was: “We are doing a
Do not Underestimate Physical Security
Security in IT is everywhere: firewalls, proxies, anti-[spam|virus], IDS and more! But what about the physical security of your IT infrastructure? Read the following story: Peter Gabriel’s web site was off the web due to a server theft! I would like to know how the thieves performed! Why spend money to
Belgian NSA?
According to Datanews, a federal project in Belgium to fight online criminality will start soon. Something like a “National Security Agency”? This project has existed since… 2005! The article is here. BTW, nsa.be is already registered by an ex-colleague/friend! He may have a good opportunity to get some €€€ 😉
Secunia NSI 2.0 Final Release
Secunia announced today the final release of NSI (“Network Software Inspector”) 2.0! This application performs scans of your network devices and reports vulnerabilities to a centralized dashboard. This is a must to maintain a good level of security inside your network. You can test it for free for 7 days
Anonymous Packet Capture
Packet capture software, or “sniffers”, can often be useful to debug network issues or for educational purposes (it can also be used to perform malicious activities, but let’s stay on the visible side of the iceberg ;-)). Well-known tools are tcpdump on UNIX and Wireshark on Windows platforms