During the last BruCON edition (0x03), we operated our own DNS resolver. Instead of using public servers or the ones proposed by our ISP, pushing our own DNS resolver to network visitors can be really interesting. Of course, addicted to logs, I activated the “queries_log” feature of bind to log
Hit by the RSA Attackers == Potential Target for V€ndor$?
Just a small reflection about the list of potential victims of the RSA attackers published by Brian Krebs a few days ago… I won’t come back on this attack, almost everything has been said on this topic. Brian’s post reports a list of AS (“Autonomous Systems”) which exchanged some traffic
Book Review: BT5 Wireless Penetration Testing
Finally, I found some time to write my review of another book: “BackTrack 5 Wireless Penetration Testing”. The book was written by Vivek Ramachandran. Good coincidence? Vivek was present during the last edition of BruCON and gave a workshop called “Wi-Fi malware for fun and profit”. Being quite busy during
Detecting Defaced Websites with OSSEC
In the scope of the OSSEC Week, here is a quick contribution which can greatly help you to monitor suspicious changes on a website. Today, your corporate website is the very first contact you have with your customers, partners, press, etc. It’s your window to the world. Nobody can pretend
Mapping OSSEC Alerts with AfterGlow
This week is the third annual OSSEC week! A good initiative to promote this open source log management solution. This post is my first contribution to the OSSEC community; I hope to publish more posts if I have enough time. OSSEC is an excellent tool to collect and analyze the events
Quick ISSA-Be Meeting Wrap-Up
Quick wrap-up about the last ISSA-Be chapter meeting… Wim Remes (@wimremes) was on stage to speak about visualization and his project to join the (ISC)² board. In our world (information security), we collect a lot of (technical) data. How to present them in an efficient way to managers or non-techies?
Use the Ports, Luke!
Last week, I went to London to attend the RSA Conference Europe (my wrap up is here). One of the sessions I followed was presented by Eric Vyncke about “forensics in a post IPv4 exhaustion”. You must live on another planet if you’re not aware of the coming IPv4 exhaustion.
RSA Conference Europe 2011 Wrap-Up
This is my wrap-up of the last RSA Conference which occurred in London. As usual, it’s a mix of t-shirts and ties. But, vendors followed the rules of the game and came with less promotional material for their next-top-ultra-last-generation-solution-to-beat-all-hackers-from-outer-space. As usual, the first half-day was dedicated to keynotes with great
The Great Firewall of Belgium is Back!
Waaaaaaarning! Evil leechers! Internet censorship is back in Belgium! The “DNS blocking” technique was already applied in Belgium in 2009 to block access to some controversial websites (read my old post here). Today, we learned that the “Belgium Antipiracy Federation” finally won its court case against two major Belgian ISPs.
Post #BruCON Network Analysis
BruCON is over! As usual, when I attend a security conference, I try to write a small wrap-up for my followers. With BruCON, it’s completely different: I’m on the other side of the stage. For the “0x03” edition, I was again involved in the “bits & bytes” stuff. I did