Infosec people must keep their knowledge at the highest level. New threats and new technologies arise all the time. If you don’t pursue continuous education, you’re dead, as simple as that! There are plenty of ways to keep learning: books, forums, podcasts. Those are based on self-learning. Trainings and security conferences
Tag: Security
Tracking Malicious IP & Users with OSSEC
A few months ago I blogged about Active Lists in OSSEC. Active lists are common in SIEM environments to store temporary sensitive data like IP addresses, user names or any other relevant information. Once stored in active lists, data can be reused in rules and the security of an infrastructure
Keep Big Brother away from Your Privacy!
Tomorrow, Friday 28th (or today depending on your timezone) is the Data Privacy Day. Today’s technologies make our day so funny. Could you imagine going back to the eighties and living without the Internet, mobile phones, GPS, social networks, credit cards? Funny but so easy to divert and abuse. All services
URL Filtering with Squid
Next to my digital life, I’m also the happy father of two young girls. The first one is already ten years old and smoothly discovers the “Wonderful Internet”. Being an Infosec guy, it sounds logical for me to implement some safeguards. First, leave the technical stuff aside and talk! Some
Security Awareness Through Proverbs
In big organizations with a lot of employees, not all people have the right attitude or knowledge to use information assets in a good, safe way. This is not a complaint, just a fact. To educate these people, a security awareness program must be implemented to make them aware of the
Tunisia Tracks Users with JavaScript Injection?
Disclaimer: The information reported below has been translated from French to English with the approval of a friend who also released the information on his blog. His server was hit by a DoS attack. Feel free to relay the information! When you try to access big websites like Facebook, Google
Use your Logs to Detect Fraud
I was invited by the ISSA Belgium chapter to talk last night about log management & SIEM (“Security Information and Event Management”). This is a very interesting topic but almost everything has been said (good as bad) on SIEM. I decided to innovate and to use some articles posted in
Auditing MySQL DB Integrity with OSSEC
Databases are a core component in a lot of applications and websites. Almost everything is stored in databases. Let’s take a standard e-commerce website: we can find in its databases a lot of business-critical information about customers (PII), articles, prices, stocks, payment (PCI), orders, logs, sessions, etc. Like any component of
Security: DIY or Plug’n’Play?
Appliance or not appliance? That is the question! A computer appliance is dedicated hardware which runs software components to offer one or more specific services. Information security has always been and is, still today, a common place to deploy appliances: firewalls, proxies, mail relays, authentication servers, log management,
Send Events Safely to the Loggly Cloud
I received my Loggly beta account (thanks to them!) a few days ago and started to test this cloud service more intensively. I won’t explain again what Loggly is, I already posted an article on this service. For me, services like Loggly are the perfect cloud examples with all the