pfSense is a very popular free and open source firewall solution. It does not only provide classic firewall services but has plenty of features like VPN server or can offer DNS, DHCP, proxy services… and many more. pfSense is also proposed by some companies as a commercial service with support.
A quick blog post about an issue I faced this morning. While drinking my morning coffee and reviewing what happened during the last night in my logs, I detected that one of my website (leakedin.com) was entirely mirrored by a guy from Brazil. I’m not against sharing information but in this case,
It has been a while that I did not write an article on log management. Here is a quick how-to about the integration of Check Point firewall logs into ELK. For a while, this log management framework is gaining more and more popularity. ELK is based on three core components:
Today, the second edition of “Security Friday” was held in Brussels. As mentioned on the website, the goal is “a gathering of people in the IT security field. Getting together for a drink on the last Friday of the month in a bar near you we talk amongst peers about
The security market is constantly changing! A few years ago, there was the “UTM” (“Unified Threat Management“) market which offered to customers all-in-one solutions (firewall, anti-virus, IDS, VPN, load-balancing, etc). Some of them were close to make coffee! Then, the “Next Generation” wave started. On top of it, all those
Waaaaaaarning! Evil leechers! Internet censorship is back in Belgium! The “DNS blocking” technique was already applied in Belgium in 2009 to block access to some controversial websites (read my old post here). Today, we learned that the “Belgium Antipiracy Federation” finally won its court case against two major Belgian ISPs.
The primary goal of a log management solution is to receive events from multiple sources, to parse and to make them available for multiple purposes: searching, alerting and reporting. But why not send some interesting events to another log management system or application? Usually, some inputs are added in the
The title of this post may sound extreme but it describes exactly the story below. Never forget that firewalls (like any other security device or application) is just a tool that must be used in the right way. If you use a drill with the wrong bit, you will miss
My Linux servers are all protected by a local iptables firewall. This is an excellent firewall which implements all the core features that we are expecting from a decent firewall system. Except… logging and reporting! By default, iptables send its logs using the kernel logging facilities. Those can be intercepted
For a long time ago, I did not write about OpenBSD which remains one of my favorite operating system. The last version (4.7) was released in May and introduced, as usual, a lot of interesting changes. OpenBSD comes of course with it’s own firewall called pf (“packet filter“). Plenty of
