Skip to content

Monthly Archives November 2009

OpenSSL : CVE-2009-3555 security fix and mod_ssl client authentication breakage

A security advisory on OpenSSL has recently been published. Details are there and there. It is vulnerable to a MiTM attack where the attacker can intercept and retrieve the credential to a trusted HTTPS website, by intercepting the session cookie sent back to the client. A proof of concept of an attack against Twitter was [...]

Posted 28 November 2009 § Admin § Cryptography § Linux § openSUSE § Security § System § Web Comments (2) ° Tagged: , , , , , ,

New book about ModSecurity

There will be a new book about mod-security coming out :  ModSecurity 2.5. ModSecurity is essential when it comes to secure any web site. It will make the work of the attacker much harder and  it may save you even if your favorite dynamic pages have a security hole. However, it must be configured wisely [...]

Posted 15 November 2009 § Defense § Firewalling § Security § Web Comments (0) ° Tagged: , , , ,

Netios

I just released an alpha release of a little tool that may help network administrators with a large park of Cisco routers or switches : Netios is a little tool aimed to help network administrators to administrate a large number of Cisco network devices. Providing it with a list of equipments, it connects within SSH [...]

Posted 07 November 2009 § Cisco § Defense § Network § Python § Scripts, Programs § Security Comments (0) ° Tagged: , , , ,

IPv6 tunneling and security

Interesting article to read about IPv6 tunneling and security aspects. The commends are worth reading too. Follow this link.

Posted 04 November 2009 § Defense § Network § Protocols § Security Comments (0) ° Tagged: , , ,