pfSense is a very popular free and open source firewall solution. It not only provides classic firewall services but also has plenty of features, such as a VPN server, and can offer DNS, DHCP, proxy services… and many more. pfSense is also offered by some companies as a commercial service with support.
How to Kick-Out the Bad Guy?
A quick blog post about an issue I faced this morning. While drinking my morning coffee and reviewing what happened during the last night in my logs, I detected that one of my websites (leakedin.com) was entirely mirrored by a guy from Brazil. I’m not against sharing information but in this case,
Check Point Firewall Logs and Logstash (ELK) Integration
It has been a while since I wrote an article on log management. Here is a quick how-to about the integration of Check Point firewall logs into ELK. For a while now, this log management framework has been gaining more and more popularity. ELK is based on three core components:
OS X: How to Avoid the VPN “Grey Zone”?
Today, the second edition of “Security Friday” was held in Brussels. As mentioned on the website, the goal is “a gathering of people in the IT security field. Getting together for a drink on the last Friday of the month in a bar near you we talk amongst peers about
And I Thought to be Protected!
The security market is constantly changing! A few years ago, there was the “UTM” (“Unified Threat Management“) market which offered customers all-in-one solutions (firewall, anti-virus, IDS, VPN, load-balancing, etc). Some of them were close to making coffee! Then, the “Next Generation” wave started. On top of it, all those
The Great Firewall of Belgium is Back!
Waaaaaaarning! Evil leechers! Internet censorship is back in Belgium! The “DNS blocking” technique was already applied in Belgium in 2009 to block access to some controversial websites (read my old post here). Today, we learned that the “Belgium Antipiracy Federation” finally won its court case against two major Belgian ISPs.
Feeding DShield with OSSEC Logs
The primary goal of a log management solution is to receive events from multiple sources, to parse and to make them available for multiple purposes: searching, alerting and reporting. But why not send some interesting events to another log management system or application? Usually, some inputs are added in the
Your Firewall is Stupid!
The title of this post may sound extreme but it describes exactly the story below. Never forget that a firewall (like any other security device or application) is just a tool that must be used in the right way. If you use a drill with the wrong bit, you will miss
Iptables Logs Mapping on GoogleMaps
My Linux servers are all protected by a local iptables firewall. This is an excellent firewall which implements all the core features that we expect from a decent firewall system. Except… logging and reporting! By default, iptables sends its logs using the kernel logging facilities. Those can be intercepted
Packet Inspection Using Divert Sockets
It has been a long time since I wrote about OpenBSD, which remains one of my favorite operating systems. The last version (4.7) was released in May and introduced, as usual, a lot of interesting changes. OpenBSD comes of course with its own firewall called pf (“packet filter“). Plenty of