Back from the first ISSA Belgium Chapter Meeting of 2010. Today’s topic was “Introduction to OSSEC: Log Analysis and Host Intrusion Detection”. A very interesting topic for me. First because I’m involved in a lot of SIEM projects. But especially because Wim Remes, the speaker, is a friend of mine.
Tag: Software
InfoSec + Physical Security = Security Convergence
Today, all organizations must take care of security. Not all of them have the same amount of data to protect nor the same level of confidentiality but they have to implement a security policy. If it’s rather easy to implement a security perimeter to protect against the Evil Internet, internal
What’s Behind Microsoft COFEE?
It was announced a few days ago: Microsoft COFEE has been leaked on the wild Internet! Microsoft COFEE stands for “Computer Online Forensic Evidence Extractor”. This “forensic Swiss Army knife” is available for free to police forces around the world to conduct official forensics investigations. Note: It’s reportedly illegal for
This Message Will Self-destroy in 30″!
“Cloud computing”! This has been a hot topic in IT security for a while. I won’t explain why security is so important within the cloud. To have a good overview, I recommend following Craig Balding’s blog. For sure, you already have personal data stored on the web. You use webmail
PGP Inside your Browser? Possible!
For years, I have been using Pine linked with GnuPG to sign and/or encrypt my e-mails (if you are interested in exchanging secure content with me, my PGP key is available here). I’m using SSH to connect to my server where I start Pine and manage my mailboxes. This is a secure
The Event Lifecycle
My second training week in London is done. This was a bootcamp organized by a well-known company active in log management solutions. Of course, the training focuses mainly on their own products but some reviewed principles are totally independent of any software or hardware solution and can be applied to
Stupid Compiler? Not sure!
A nice story reported by ISC today! A vulnerability has been discovered in the Linux kernel (and was present for a while IMHO!) The vulnerability origin was not the “human behind the keyboard” but the compiler! GCC, the GNU C compiler has a lot of optimization features (If you
Your Regex Coach
Regular expressions (or regexes) [Wikipedia] are a very powerful method to parse data and extract the information you need. But a regular expression can quickly turn into a nightmare due to its complexity. I often use a memo but testing the regexp live is the quickest way to debug them.
Add Custom Search Engines with the Google API
The Google toolbar is a powerful add-on for your browser. It adds very nice features (of course, to be used sparingly if you don’t want Google to know everything about you). There is also an API which offers extra features for webmasters such as creating custom buttons. Here is a
RSA Software Token for iPhone
Since the 6th of June, a great application is available (for free) in the AppStore. RSA released an iPhone version of its software token! I already spoke about strong authentication on this blog. To summarize, strong authentication is achieved by mixing at least two different types of authentication methods from