A few weeks ago, I received a copy of Cacti 0.8 Network Monitoring from Packt Publishing. Here is my review. The book has been written by Dinangkur Kundu and S.M. Ibrahim Lavlu, who have both strong open-source softwares knowledge. Their book covers Cacti, a well-known framework (running on top of
Damn! I’ve been Discovered!
No, no, I didn’t perform a SQL injection attack against the FNAC website! 😉 (Thanks to Bart for the idea)
Why Should I Give Money to Backup my Data?
On the 17th of December, the Belgian citizens (like me) had the “good” surprise from our Minister (certainly not a X-mas gift)! A Royal Decree was published in the “Moniteur” about the tax on the private copy of digital data. From now (or from 1st of January, I suppose), when
Bash Syslog History Could Lead to Data Leakage?
A few months ago, I posted an article about how to add extra logging facilities to the Bash shell. For specific users, it can be useful to have a complete history of their activity on your server (for audit purposes). The first release candidate of Bash 4.1 is available for
Full-Disclosure is now Illegal in France
The principle of full-disclosure is to publish all the details of a discovered security problem (a software vulnerability). By doing this, the security researchers try to fight against the other principle of “Security by Obscurity”. Once a vulnerability has been found, the “normal” way of working should be to contact
Hello Karmic Koala!
Finally, I did it! I just upgraded my corporate laptop with the latest release of Ubuntu (9.10) aka “Karmic Koala”. Available for a few weeks, I preferred to wait for some holidays before the upgrade. First, because without laptop, I can’t work! In case of big issue, my off-days would
Security Starts with Confidentiality…
I read this morning an article in DataNews, a Belgian IT security newspaper, about a big contract won by a security integrator to deploy a brand new e-mail platform for the Belgian Federal Police. Good news for them! But, why did the journalist disclose in his article sensitive information like
Use the Right Tool!
A well-known expression says “The right people at the right place!“. I would like to extend it to the security perimeter, saying “Use the right tool at the right place!” or “Use the right tool for the right purpose!“. Today’s security landscape is extremely large so complex! Lot of raptors
ISSA Belgian Chapter Meeting: DNS & Security
Back from an ISSA Belgian Chapter event about DNS & Security. As says Kris Buytaert on his blog: “Everything is a Freaking DNS problem!“. Today’s speaker was Marc Lampo who has a great DNS experience (a long time ago, he gained several years of experience as hostmaster while working for
Protect your Infrastructure with IRON!
Question: Do you remember the Amiga computer? I was an early fan is this wonderful machine and operating system. Starting with AmigaOS 2.0, a macro language called ARexx (with a letter “A” like “Amiga) was added. This language, derived from REXX (“REstructured eXtended eXecutor“) developed initialy by IBM. The power