With the recent buzz around the pwnage of the first Belgian telco operator, media are again surfing the wave of cyber-[threats|criminality|espionage|*]. They know that, today, an article with the word “cyber” in the title will attract more people! Usually, I try to not trust (or at least to be very careful) with
Grepping Live Windows Events
Today, we have powerful tools to take care of our logs. There are plenty of solutions to collect and process them in multiple ways to make them more valuable. Of course, I have one of those tools to process my logs. However, I’m still often using the good old “tail
XenServer & Port Mirroring
Blogs are made to provide valuable content to readers (well, I hope for my readers). This time, nothing related to security though… Recently, I built a new virtualization platform at home based on XenServer 6.2. Why the Citrix solution? Just because the box has 72GB of memory and the free version
SushiCon 0x05
BruCON is fast approaching! In a few weeks, hackers will invade the center of Ghent! This year, we will celebrate the fifth edition of this conference! Already five years and our motivation remained the same, even more, it increased! I’m speaking here about myself but I’m sure that my colleagues
“The Weakest Link” is Back!
Yesterday, I went to bed very late after writing some documentation. Everything looked quiet on the Intertubes. A last check on my Twitter timeline and I fell quickly asleep. This morning, I woke up and started my daily ritual… Coffee, mail, RSS feeds, Coffee, Twitter timeline… Wooow! Did I miss
Review: Instant OSSEC Host-Based Intrusion Detection System
The guys from Packt Publishing asked me to review a new book from their “Instant” collection: “OSSEC Host-Based Intrusion Detection“. This collection proposes books with less than 100 pages about multiple topics. The goal is to go straight to the topic. OSSEC being one of my favorite applications, I
Bypassing Premium LinkedIn Restriction with Google
Social networks are wonderful sources of information when you need to collect data about a potential target. That’s the way humans work, just like you and me: we like to share, we like to show what we do, where we travel. In short… we exist! During some projects, it’s very
DNS Amplification Attack: Is Belgium Safe?
For a while now, DDoS attacks have been back on stage and one of the classic techniques still used today is the DNS Amplification attack. I won’t explain again the ins and outs, there are plenty of websites available which describe it – like the good article from CERT.be. This type of attack is
No Customers Were Harmed In This Attack…
I don’t know if you already noticed but it looks to be a never-ending story: Companies got pwned and data leaked on the Internet pastebin.com. Then starts the game of press releases… Most companies try to reduce the impact of the breach they suffered and it looks like Hollywood movies
Post-Analysis of My WordPress Bruteforce Attack
A few weeks ago, I wrote a blog post about an (unsuccessful) WordPress bruteforce attack against this site. I captured the attackers’ traffic in a big pcap file. It was a good opportunity to perform a quick analysis to try to extract some statistics. Here follow more details