This weekend, the FOSDEM event is being held in Brussels. This is a major event for the open source software landscape in Europe. Thousands of geeks come from several countries to discuss software freedom over a full two-day schedule. All major projects are represented, core-developers are present and always available
Tag: Software
Tracking Malicious IP & Users with OSSEC
A few months ago I blogged about Active Lists in OSSEC. Active lists are common in SIEM environments to store temporary sensitive data like IP addresses, user names or any other relevant information. Once stored in active lists, data can be reused in rules and the security of an infrastructure
URL Filtering with Squid
Next to my digital life, I’m also the happy father of two young girls. The first one is already ten years old and is smoothly discovering the “Wonderful Internet”. Being an Infosec guy, it sounds logical for me to implement some safeguards. First, leave the technical stuff aside and talk! Some
Security: DIY or Plug’n’Play?
Appliance or not appliance? That is the question! A computer appliance is a dedicated hardware device which runs software components to offer one or more specific services. Information security has always been and is, still today, a common place to deploy appliances: firewalls, proxies, mail relays, authentication servers, log management,
Back(Up) to the Future
Ah, backups… What a nice boring topic! Everyone agrees on the fact that a strong backup procedure is mandatory for any computer (server, workstation, PDA or anything else which carries data). But a lot of us also agree that backups are so boring to perform and, even more, to maintain!
This Blog is Monitored by OSSEC
As part of the second edition of the OSSEC week, I’d like to give some information about my daily usage of OSSEC. This week is an initiative from Michael Starks of Immutable Security and aims to promote OSSEC to the security community. I fully support such great initiatives. What about
Protect Your Applications Using EMET
Is there a way to make your Windows environment, certainly not bullet-proof, but strong enough against attacks? A few weeks ago, Microsoft released an interesting add-on called EMET for its Windows operating systems range. EMET stands for “Enhanced Mitigation Experience Toolkit” and is designed to increase the security of your
PaloAlto Firewall Threat Monitoring Using OSSEC
Usually, I don’t speak or even try to give references to commercial security products on my blog. Why? Just because my philosophy is the following: “First analyze the problems and then choose the right solution(s)”. The proposed solution could be commercial or free, hardware or software based, who cares? If
Book Review: IT Inventory and Resource Management With OCS Inventory NG 1.02
During my holidays, I finally took the time to finish reading the book “IT Inventory and Resource Management with OCS Inventory NG 1.02” which covers the application with the same name. Even if the inventory of devices connected to a network is primarily a system administration task, it has
Configuring Conditional SSH Connections
Year after year, OpenSSH has become the default SSH daemon on most UNIX environments as well as other systems. It offers a lot of features which make it terribly customizable and powerful. For a while now, the ‘Match’ keyword has appeared in the list of directives. It allows conditional blocks of configuration