In the scope of the OSSEC Week, here is a quick contribution which can greatly help you to monitor suspicious changes on a website. Today, your corporate website is the very first contact you have with your customers, partners, press, etc. It’s your window to the world. Nobody can pretend
Tag: Software
Implementing Security Controls via Nagios
In my last post, I gave some inputs about the implementation of basic security. It can be increased by following simple rules and procedures. This was purely theoretical. So, I decided to continue on this topic and show you how basic security checks can be implemented without spending too much
Feeding DShield with OSSEC Logs
The primary goal of a log management solution is to receive events from multiple sources, to parse and to make them available for multiple purposes: searching, alerting and reporting. But why not send some interesting events to another log management system or application? Usually, some inputs are added in the
/bin/bash Phone Home
I found UNIX a wonderful OS, whatever the flavors! I use it for 17 years and almost every week, I learn new stuffs. One of the particularities of UNIX is the way it communicate with devices. Except some specific devices, most of them are managed and visible as files or
Junkie the Network Sniffer
I always try to keep my blog independent of all commercial products. I don’t like “v€ndor$” trying to sell you the “most-powerful-solution-ever-seen-on-earth”. For me, information security must be based on a deep analyze of the problems, then chose the best solution to match the requirements (features, budgets, ease-of-use, etc). This
Should Dropbox & Co be Killed?
I’m a big fan of the Dropbox application for a while. Dropbox helps you to synchronize your files within a personal deposit located in the cloud. If you have multiple Dropbox clients configured, your files will be instantly synchronized between all your devices when they come online. I use it
mysql.com pwn3d… so what?
This is probably the breaking news of this weekend on security blogs and websites: mysql.com and other related sites have been compromised! This was disclosed via an e-mail sent to the full-disclosure mailing list (copy here). If you take the time to read the message, you will learn that the
Tomahawk, your IDS/Firewall Best Friend
“Tomahawk” is the name of a popular cruise missile developed by General Dynamics in the seventies. But it is also the name of a free tool which helps to stress test security devices like firewalls or IDS. It has been written by Brian Smith from TippingPoint. This is well-known manufacturer
Developers, IPv6 is also a Challenge for You!
I hate situations like the one I faced this afternoon… I’ve a daemon, written in Perl, running on a Linux box for months now. When I say for months, it means: Without restarting the process or the host except regular upgrades. But, for maintenance reasons, I had to reboot the
Yeti – Footprinting your Network
“Footprinting” is a technique to gather information about information systems. The goal is to collect as much information as possible and correlate them to build some kind of “business card” of the target. Relevant information are: DNS names, network topologies, software versions, localization and much more. To achieve footprinting, lot