Today, I started the procedure to change my domain registrar. My final choice was to move it to OVH, a well-known French registrar. Once the procedure started, I received my credentials, all the welcome messages and the whole pack of information. I immediately logged in my manager to track the
Tag: Security
Lack Of Security!
I just discovered the following fully-open-ADSL router due to a typo error in the IP address! Fully open, no password, WiFi configured with WEP, fully unsecured! Even the SSID was based on the company name! The name contained “fin…” like “financial”! Fail!
“Fun At Work” Increases Costs and Reduce Security
No employee works at 100% of his full time! From time to time, we send a personal e-mail or surf the web to grab personal data. CNet News released an interesting article about the cost of “fun at work” for a company. Costs are not only due to employee no-rentability
hack.lu Part #10
Here we go! Last half-day which started with “Browser Rootkits” presented by Julien Lenoir and Christophe Devaux (both from Sogeti). As already said yesterday, browsers are now fully part of the users desktop and installed by default. They presented their rootkits developed for Internet Explorer and Firefox! First idea: “browser
hack.lu Part #9
Back from coffee break, let’s play with hardware now. Philippe Teuwen talked about smart cards and how they are protected. First attack is performed via the power line but recent smart cards are quite well protected. Flash attacks and electromagnetic attacks are other possibilities. Philippe’s slides were based on nice
hack.lu Part #8
Welcome back to the last day of hack.lu! First presentation was made by Philippe Langlois about the diversity of network perimeters available for companies today. Philippe was a founder of Qualis! Today everybody uses SS7 networks! Do you remember phreaking using blue boxes? SS7 was deployed by operators and prevented
Recovering Censored Text Using Photoshop and JavaScript
On Thomas Robinson’s blog, there is a nice article about a way to recover censored text using Photoshop! Take care if you protect some text on confidential documents with the Photoshop Mosaic filter! Recovering Censored Text Using Adobe Photoshop CS3 from Tom Robinson on Vimeo.
SANS Reading Room: Era of Spybots – A Secure Design Solution Using Intrusion Prevention Systems
There is a new document available in the SANS Reading Room: A case study about a fictive company infected by a spybot. How it was detected and eradicated. Finallly, solutions are proposed by avoid the same problem in the future. The document is available here.
ISC Threat Level: YELLOW
Due to the Microsoft out-of-band patch (declared as critical), the ISC threat level has been raised to yellow! Please install the patch asap. See the SANS ISC webpage for details.
hack.lu Part #6
Back from lunch, the conference continues with ligthing talks… First one, “NF3D and associates, firewalls get fun” from Eric Leblond, INL. NF3D is a vizualization tool for Netfilter logs. Logs (packets logged by Netfilter) are displayed in three-dimension like a GANTT diagram. Ulogd2 is a userspace logging daemon for Netfilter.