Category Archives: Security

Network virtualization and the DMZ paradigm

The virtualization buzz: I have recently worked on network virtualization. Many people, especially the network guys, have recently been excited about the VMware vSwitch or Cisco Nexus stuff. It is something that I understand because virtualization is cool. It brings many convenient features that truly make life easier. But what about the security? Convenience [...]

How do you manage your passwords?

We all know that passwords suck, that they are the nightmare of all administrators and security guys. So many hacks have been eased because the victims reused the same password everywhere: email account, forum, bank, critical systems… Sadly, so far, there is not even the beginning of a replacement solution. Passwords will be there [...]

Disk wiping: Myth broken

There are many urban legends in the industry. I did believe in one of them: “wiping a disk to properly prevent data restore requires random writes and several passes”. At least until I found this very instructive article, “Disk Wiping – One pass is enough”. Don’t miss the second part which clarifies some points [...]

Cloud in the security sky or should I see a psychologist?

The “cloud” is a buzzword that has been around for months. The marketing guys are pushing it so hard that every IT guy will hear of it at work sooner or later. Making a decision whether to use it or not requires some deep knowledge, because if its pros are clear – you can [...]

Microsoft’s Zozzle, JavaScript malware detector

In an effort to detect malicious JavaScript code, Microsoft is developing a tool named Zozzle, intended to be embedded into the JavaScript engine of a browser. The authors claim that it is both fast and efficient, with a very low rate of false positives. Here is the report for more details.

World’s worst hacker

That was so funny!

Debugging the MBR with IDA Pro and Bochs

Analyzing the MBR is sometimes required during a forensic process, if you suspect malicious activity that is not detected on-line. With static analysis, you may see if an obvious corruption happened, but you will need to debug to learn more. Prerequisite: IDA Pro (6.0) with the IDA Python plug-in (1.4.3). Steps: Prepare [...]

A link between Stuxnet and the OpenBSD IPSEC backdoor rumor?

Found on Full Disclosure, a weird but troubling connection between two security affairs: the OpenBSD backdoor rumor and the Stuxnet worm.