We are all vulnerable! Yesterday, it was my turn… Infected by a trojan. Up to 04:00 AM to fix the problem! The culprit was Vundo. A well-known (and quite old) Trojan which slows down the system, displays pop-ups, etc… Nothing very malicious but it was difficult to get rid of
Secunia NSI 2.0 Final Release
Secunia announced today the final release of NSI (“Network Software Inspector”) 2.0! This application performs scans of your network devices and reports vulnerabilities to a centralized dashboard. This is a must to maintain a good level of security inside your network. You can test it for free for 7 days
Anonymous Packet Capture
Using packet capture software or “sniffers” can often be useful to debug network issues or for educational purposes (they can also be used to perform malicious activities but let’s stay on the visible side of the iceberg ;-)). Well-known tools are tcpdump on UNIX and Wireshark on Windows platforms
OpenID – SSO for the Mass
User authentication is a key component of security practices. To allow certain operations on your websites, you first need to authenticate the user. To achieve this, there are plenty of methods. The most common is the login/password pair. Not the most secure but quite easy to deploy. One
Symantec ThreatCon Level 2
Symantec raised the ThreatCon Level to two. The reason? They detected in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (MS08-021). More info about Symantec DeepSight Threat Management here.
Just Type And I’ll Tell You Who You Are!
User authentication or “who is behind the keyboard” is one member of the “triple-A” or “AAA” trilogy in security: Authentication: Who are you? Authorization: Are you allowed here? Accounting: From where, how and when did you come here? Regarding authentication, there are a lot of methods/technologies
Today, EdgeSecurity released a new tool: ProxyStrike. Like the WebScarab project supported by OWASP, it’s a web application proxy which will help you to find potential vulnerabilities in your web applications (don’t use it on third-party sites without the owner’s acknowledgement). Once started, it acts as a normal proxy:
Cisco Acquired Sguil
Announced on TaoSecurity, Cisco acquired Sguil. Sguil is a monitoring tool for network security analysts. It provides real-time traffic analysis and goes down to the raw packet level. Why is Sguil a nice opportunity for Cisco? It’s developed in TCL and high-end Cisco routers and switches have TCL built in!
OpenSSH 4.9 is out!
OpenSSH 4.9 is out! This is a “must have” tool for my day-to-day job. Secure remote management, tunneling or file transfer. As usual, lots of bug fixes and improvements. I found the following worth noting: Added chroot(2) support for sshd(8); Accept the PermitRootLogin directive in a sshd_config(5) Match block.
Upgraded to 2.5
WordPress 2.5 is out! I successfully upgraded without downtime. The new administration interface looks very nice but, more importantly, let’s hope that security has been increased. I found this interesting post regarding a WordPress hack here.