Who is not protected by a firewall today? Nobody! Our Internet (as well as local) traffic is inspected by multiple firewall layers. They are present everywhere: on Internet gateways, in front of data-centers, between departments, even your workstation is running a firewall. For a few years, a new type of
Tag: Security
Security Policies Must Be Enforced!
Last week, I had a very interesting meeting with the Belgian FCCU (“Federal Computer Crime Unit”) about the security of “public” networks. The FCCU is the Federal Police division involved in all kinds of computer forensics investigations. By the way, they also have their own Linux live-CD called “Lnx6N4” which
Detecting USB Storage Usage with OSSEC
Next step in my investigations with OSSEC. The possibilities of OSSEC are awesome and could clearly, in some cases, replace a commercial log management solution! After collecting the Secunia vulnerabilities into OSSEC, I switched to the “dark side”: the Microsoft Windows agent. The USB sticks are very popular at users
SCADA, from a Security Point of View
Recently, I read an RFP issued by a customer. The main topic focused on perimeter security but a paragraph mentioned the protection of SCADA environments. I’ve no practical experience with SCADA and I tried to find relevant information about the deployment of security solutions in such environments. Here follows
BruCON 2010 CFP Announced!
After a great first edition in 2009, BruCON will be back in 2010! Two days of trainings and two days of talks. The Call for Papers (CFP) has been announced and will remain open until 30th of April 2010. Submit your proposals directly via the dedicated tool, here.
Show Me Your Browser, I’ll Tell You Who You Are!
To surf the web, you need a specific application: a browser. Today, this piece of software is delivered by default with all operating systems and becomes more and more used, even for non-Internet-related stuff (lots of applications or devices are manageable using a web interface). For some companies, the
Yellow? Green? Red? The Security Rainbow Sky…
There was an interesting post on the diary page of isc.sans.org yesterday: Some readers asked why ISC did not switch the InfoCon status to yellow due to the recent IE 0-day exploit. The on-duty ISC handler explained the situation and why they decided to stay “Green”. The following question popped
Full-Disclosure is now Illegal in France
The principle of full-disclosure is to publish all the details of a discovered security problem (a software vulnerability). By doing this, the security researchers try to fight against the other principle of “Security by Obscurity”. Once a vulnerability has been found, the “normal” way of working should be to contact
ISSA Belgian Chapter Meeting: DNS & Security
Back from an ISSA Belgian Chapter event about DNS & Security. As Kris Buytaert says on his blog: “Everything is a Freaking DNS problem!” Today’s speaker was Marc Lampo, who has great DNS experience (a long time ago, he gained several years of experience as hostmaster while working for
Protect your Infrastructure with IRON!
Question: Do you remember the Amiga computer? I was an early fan of this wonderful machine and operating system. Starting with AmigaOS 2.0, a macro language called ARexx (with a letter “A” like “Amiga”) was added. This language was derived from REXX (“REstructured eXtended eXecutor”), developed initially by IBM. The power