In exactly one week, I’ll fly to Barcelona to attend the SOURCE Conference. Flight and hotels are booked for a while, it’s now time to prepare to cover the event. The schedule has been published for a while with a good balance between technical and business talks. Here is my
Tag: Security
Configuring Conditional SSH Connections
Years after years, OpenSSH became the default SSH daemon on most of UNIX environments as well as other systems. It offers a lot of features which make it terribly customizable and powerful. For a while, the ‘Match” keyword appeared in the list of directives. It allows conditional blocks of configuration
BackTrack4-R1 + AWUS036NH = Win!
This is a long story… but it is finally solved thanks to the developers of the BackTrack distribution! For a long time, I used a good old Orinoco PCMCIA card to play around with WiFi networks. But it died and I was looking for a brand new toy. After reviewing
The Good Security Recipe
The job of security professional is definitively not an easy one! You have to be dedicated to your job and, once your business hours completed, there are all the remaining tasks which help us to keep your expertise level at the highest level. Hopefully, we do this with passion (otherwise,
Accessing (Safely?) Nagios on iPhone
I was looking for a Nagios application to install on my iPhone for tests purpose and I was surprised to find more hits than expected. It’s true that Nagios is one of the best (if not THE best) open-source monitoring solutions. There is a huge community of developers and contributors
Integrate Blacklisting in your Own DNS Server
When you are connected to a network (Internet or private), your TCP/IP stack must know which DNS server(s) use to resolve host names into IP addresses. For a while, publicly alternative DNS servers – like OpenDNS or Google DNS – implemented a blacklist protection mechanism. If a domain is suspected
SCADA or Medical Devices, Insecure by Default?
SCADA systems are in front of the security scene for a few days since the disclosure of the Siemens default password story. SCADA stands for “Supervisory Control And Data Acquisition“. It’s a set of tools and protocols used in industrial environments. I wrote an article about security & SCADA a
SOURCE Barcelona – A Great Cocktail!
The next SOURCE Conference will be held in Barcelona in September (21 & 22). If you plan to travel across Europe in September, have a look at the current schedule and stop in Spain. Immediately you will notice that talks are split in two categories: “Security & Technology” and “Security
Attacking by Obscurity
Everybody agrees to consider “security by obscurity” a false sense of security. By using this principle, the security of an information system in (falsely) increased by hiding sensitive details. Such information can be removed like: by altering the application welcome banner (in Apache, sendmail, etc), by changing the default port
How to Prevent the Windows Screensaver Autolock Feature?
A quick and dirty tip if you need to keep a Windows workstation or server console unlocked. This can be required for several purposes, good or bad. In my case, I’m working on a workstation to access network resources. I don’t have a login and cannot know the local password.