http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2009-07-05 08:56:28 - .Computer Defense. : I wanted to write a quick little post to let everyone know about a newblog that they should keep an eye on The Forage Security Inc blogcontains posts from a former colleague someone I consider to be agood friend and one of the brightest guys I know I expect that you'llsee http://www.secuobs.com/revue/news/116981.shtmlhttp://www.secuobs.com/revue/news/116981.shtml Secuobs.com : 2009-07-05 08:56:28 - .Computer Defense. - There's an interesting post on VitalSecurityorg by paperghost He'stalking about a feature in Gmail that allows you to see all IPAddresses logged into your Gmail account and even sign out all otherusers He has two interesting thoughts in the article That there'snow a privacy concern if an attacker is in your http://www.secuobs.com/revue/news/116980.shtmlhttp://www.secuobs.com/revue/news/116980.shtml Secuobs.com : 2009-07-05 04:35:01 - .Computer Defense. - Randy Abrams who's a great guy to share a beer with if you ever have thechance of ESET briefly mentioned the impact that Microsoft SecurityEssentials MSE will have on the AV market in a blog post a couple ofweeks ago A commenter mentioned that MSE meant that his father wouldnow install AV http://www.secuobs.com/revue/news/116968.shtmlhttp://www.secuobs.com/revue/news/116968.shtml Secuobs.com : 2009-07-04 09:50:22 - .Computer Defense. - Tonight I started thinking that one of the biggest problems affecting ITtoday is the lack of a clearly defined terminology both terms andacronyms Sure certain things have had standardization CPE comes tomind as a great example but generally terms are not common across theboard Let's consider a few examples VM - Do http://www.secuobs.com/revue/news/116889.shtmlhttp://www.secuobs.com/revue/news/116889.shtml Secuobs.com : 2009-06-26 10:20:11 - .Computer Defense. - I don't know about everyone else, but I tend to send hit 'Reply to All'much more frequently than just Reply So when the Gmail labs featureto make 'Reply to All' the default became available, I was ratherexcited It isn't much a simple click on a drop down but it madelife more http://www.secuobs.com/revue/news/113980.shtmlhttp://www.secuobs.com/revue/news/113980.shtml Secuobs.com : 2009-06-25 17:24:28 - .Computer Defense. - Q What is your role at $vendor A PCI QSA at TW or Payment CardIndustry Qualified Security Assessor at RSA Q What got you intoIT/IS A Innate geekiness Been playing with computers since theTi99/4a Q What do you do outside of IT/IS A There's a life outsideof IT/IS When I'm not on the computer, I'm spending http://www.secuobs.com/revue/news/113671.shtmlhttp://www.secuobs.com/revue/news/113671.shtml Secuobs.com : 2009-06-25 17:24:28 - .Computer Defense. - Q What is your role at $vendor A VP Product Management at nCircle Myjob is to make sure that nCircle continues to build the most effectiveand most competitive solutions to the most urgent customer securityand compliance audit problems Q What got you into IT/IS AActually, it was 1982 and I was just starting college http://www.secuobs.com/revue/news/113670.shtmlhttp://www.secuobs.com/revue/news/113670.shtml Secuobs.com : 2009-06-25 17:24:28 - .Computer Defense. - Q What is your role at nCircle A I am the Chief Technology Officer Interms of responsibility, it means that I try to add value in technicalareas of the company and stay out of areas where I don’t add valuenCircle has a ‘whatever it takes’ culture and it keeps things freshand new http://www.secuobs.com/revue/news/113669.shtmlhttp://www.secuobs.com/revue/news/113669.shtml Secuobs.com : 2009-06-25 17:24:28 - .Computer Defense. - Q What is your role at $vendor A Director Product Management Q Whatgot you into IT/IS A started programming in 5th grade on a CommodorePet, got an Atari 800, self-taught assemblymany yrs later studiedCS and went into a startup in early client-server out of college QWhat do you do outside of IT/IS A 6yr+4-yr old twinsReminiscehttp://www.secuobs.com/revue/news/113668.shtmlhttp://www.secuobs.com/revue/news/113668.shtml Secuobs.com : 2009-06-25 09:00:33 - .Computer Defense. - When you speak to individuals working in our industry, you'll get avariety of answers for what they do This near endless list of titlesincludes: Software Engineer Software Developer Security EngineerSupport Specialist Research Engineer Network Admin System Admin Thelist goes on and on Historically, I've divided those within IT intoone of four groups: Developer Information Security IS ProfessionalInformation Technology IT Professional Web http://www.secuobs.com/revue/news/113512.shtmlhttp://www.secuobs.com/revue/news/113512.shtml Secuobs.com : 2009-06-09 07:14:27 - .Computer Defense. - I use Windows XP on all of my 4 primary machines work, work, laptop ethome The only reason I like Windows XP is because it holds PuTTYwindows so nicely and allows me to Alt-Tab between them No Linuxdistro or Window Manager has ever really had the Alt-Tab experiencethat Windows XP provides The http://www.secuobs.com/revue/news/107275.shtmlhttp://www.secuobs.com/revue/news/107275.shtml Secuobs.com : 2009-05-06 03:46:35 - .Computer Defense. - One of the coolest booth prizes at RSA had to be from an appliancebuilder that was having a draw for a free prototype appliance $2000value Thinking this would be an awesome win, i quickly filled outthe form and placed it in the fish bowl That was the last I heard ofthis http://www.secuobs.com/revue/news/92431.shtmlhttp://www.secuobs.com/revue/news/92431.shtml Secuobs.com : 2009-05-04 08:18:49 - .Computer Defense. - Note: this was a series of posts following RSA but some personal issuesdelayed this and now I'm posting a single post on the subject Thiswas my first year at RSA, and via the wonder of blogging, I had apress pass I also, unfortunately, had an exhibitor badge That isn'tto say I didn't http://www.secuobs.com/revue/news/91656.shtmlhttp://www.secuobs.com/revue/news/91656.shtml Secuobs.com : 2009-04-23 21:37:40 - .Computer Defense. - Q What is your role at $vendor A Director Product Management Q Whatgot you into IT/IS A started programming in 5th grade on a CommodorePet, got an Atari 800, self-taught assemblymany yrs later studiedCS and went into a startup in early client-server out of college QWhat do you do outside of IT/IS A 6yr+4-yr old twinsReminiscehttp://www.secuobs.com/revue/news/87324.shtmlhttp://www.secuobs.com/revue/news/87324.shtml Secuobs.com : 2009-04-21 12:49:16 - .Computer Defense. - Q What is your role at nCircle A I am the Chief Technology Officer Interms of responsibility, it means that I try to add value in technicalareas of the company and stay out of areas where I don’t add valuenCircle has a ‘whatever it takes’ culture and it keeps things freshand new http://www.secuobs.com/revue/news/86003.shtmlhttp://www.secuobs.com/revue/news/86003.shtml Secuobs.com : 2009-04-21 12:49:16 - .Computer Defense. - I've arrived After almost being removed from the plane due to a doublebooked seat, I've finally made it to SF I visited Denny's and nowI'm going to grab ~3 hours sleep before I kick off my day I'll beblogging the conference, as well as mentioning it on twitter You canfollow treguly on http://www.secuobs.com/revue/news/86002.shtmlhttp://www.secuobs.com/revue/news/86002.shtml Secuobs.com : 2009-04-20 18:48:34 - .Computer Defense. - Q What is your role at $vendor A VP Product Management at nCircle Myjob is to make sure that nCircle continues to build the most effectiveand most competitive solutions to the most urgent customer securityand compliance audit problems Q What got you into IT/IS AActually, it was 1982 and I was just starting college http://www.secuobs.com/revue/news/85666.shtmlhttp://www.secuobs.com/revue/news/85666.shtml Secuobs.com : 2009-04-08 06:32:04 - .Computer Defense. - A recent SANS ISC diary entry mentions an interesting configuration pointthat I had been previously unaware of It seems that AddType doesn'tjust enable the extension, it enables all files containing thatstring Example: AddType application/x-httpd-php php In the aboveexample, both phpinfophp and phpinfophpbak would be parsed as PHPI found this to be rather http://www.secuobs.com/revue/news/80890.shtmlhttp://www.secuobs.com/revue/news/80890.shtml Secuobs.com : 2009-03-17 17:49:30 - .Computer Defense. - In 4 hours I'll be on a plane to Vancouver to enjoy CanSecWest If you'regoing to be there ping me and we'll grab a beer You can find me ontwitter treguly or email me ht at this domainhttp://www.secuobs.com/revue/news/71812.shtmlhttp://www.secuobs.com/revue/news/71812.shtml Secuobs.com : 2009-03-12 00:24:03 - .Computer Defense. - One of the patches released yesterday has a serious flaw, in that analready compromised host will not have the patch properly applied Iprovided a full write-up on this yesterday on the nCircle blog andfelt that the importance of the issue warranted posting a link here toincrease awarenesshttp://www.secuobs.com/revue/news/70291.shtmlhttp://www.secuobs.com/revue/news/70291.shtml http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2011-01-11 05:59:44 - . Computer Defense . : Warning this is a bit of a disjointed rant I won't reveal the person's name, but recently I chuckled when reading a Facebook status update from someone I knew in high school His comment was along the lines of, My boss asked me to label our switches with their IPs, so I asked if we http://www.secuobs.com/revue/news/277290.shtmlhttp://www.secuobs.com/revue/news/277290.shtml Secuobs.com : 2011-01-07 08:23:12 - . Computer Defense . - Lately I seem to have over extended myself I had multiple blogs on the go and on top of my full time day job, I was developing curriculum, teaching and doing some book editing Given my unnatural TV watching habits, that meant other things had to suffer One of my many resolutions this year was http://www.secuobs.com/revue/news/276467.shtmlhttp://www.secuobs.com/revue/news/276467.shtml Secuobs.com : 2010-09-17 00:08:21 - . Computer Defense . - UPDATE Just wanted to let everyone know that I managed to throw 4000 towards HFC, it wasn't much but I had forgotten PayPal fees and exchange rate which is close to par but still affects 2k Thanks again everyone I just wanted to let everyone know that I've reached my goal to cover my bandwidth costs I http://www.secuobs.com/revue/news/246176.shtmlhttp://www.secuobs.com/revue/news/246176.shtml Secuobs.com : 2010-08-01 04:41:02 - . Computer Defense . - After my last review of Note applications, I was asked to review a few more apps, some by the author and others by friends who wanted to know if programs were worth buying I guess they prefer I spend my money As last time, I'm using the Pogo Sketch for all on screen http://www.secuobs.com/revue/news/245715.shtmlhttp://www.secuobs.com/revue/news/245715.shtml Secuobs.com : 2010-07-22 20:17:13 - . Computer Defense . - Every now and then I encounter websites that have donate buttons, especially if they provide a service I've always wondered about this but figured Hey, if people want to give money why not I've decided today to become one of these Cyber Pan Handlers For quite a while I've been hosting DamnVulnerableLinux without any problems About http://www.secuobs.com/revue/news/242966.shtmlhttp://www.secuobs.com/revue/news/242966.shtml Secuobs.com : 2010-06-05 20:25:19 - . Computer Defense . - One of the biggest reasons to get an iPad, in my opinion anyways, is that a tablet seems like the perfect note taking platform So I was rather surprised when I first turned it on and encountered Notes, the built in software If Apple's goal was notepad, then sure mission accomplished but I expected more http://www.secuobs.com/revue/news/228911.shtmlhttp://www.secuobs.com/revue/news/228911.shtml Secuobs.com : 2010-05-22 12:04:15 - . Computer Defense . - In playing with my iPad, I determined that editing code in vi via SSH just wasn't going to be possible the on screen keyboard just doesn't work well for vi keyboard commands That meant I had to look at AppStore alternatives I came across two that advertised what I wanted to do for i 999 http://www.secuobs.com/revue/news/224691.shtmlhttp://www.secuobs.com/revue/news/224691.shtml Secuobs.com : 2010-05-20 10:01:31 - . Computer Defense . - I experienced a brief period of downtime 24 hours the other day on a server that I have hosted with 1and1 When I contacted them to find out about the outage, I was informed that my IP has been blackholed due to a DoS attack I was surprised to discover that they hadn t contacted http://www.secuobs.com/revue/news/223924.shtmlhttp://www.secuobs.com/revue/news/223924.shtml Secuobs.com : 2010-05-18 09:13:25 - . Computer Defense . - This would normally go on SSLFailcom but due to a server outage, I decided to just post it here Tim Callan, SSL Evangelist for Verisign, has posted a brief comment that Twitter now enjoys the added cost um protection of EV SSL I decided to check this out, so I visited https wwwtwittercom and was greeted by http://www.secuobs.com/revue/news/223038.shtmlhttp://www.secuobs.com/revue/news/223038.shtml Secuobs.com : 2010-05-18 07:39:17 - . Computer Defense . - It's been a while since I posted here I'll add another post with links to my recent postings but maybe this one will irritate enough people to make up for it -- Last weekend involved more playing with my iPad and given that it s my first Apple product since the original iPod mini, there are http://www.secuobs.com/revue/news/223027.shtmlhttp://www.secuobs.com/revue/news/223027.shtml Secuobs.com : 2009-10-28 21:51:13 - . Computer Defense . - I just got an email from my web host that I now have unlimited traffic, which means no worrying about overages and no worrying about extra fees As a result I've re-enabled the DVL mirror, DVL 15 is available here http://www.secuobs.com/revue/news/154950.shtmlhttp://www.secuobs.com/revue/news/154950.shtml Secuobs.com : 2009-10-13 11:56:45 - . Computer Defense . - When I started this site I did something called the daily link list Back then I had time to gather links of interest articles every morning and share them with some comments I don't have that kind of free time anymore but I noticed I've got a number of open tabs and decided it was http://www.secuobs.com/revue/news/149880.shtmlhttp://www.secuobs.com/revue/news/149880.shtml Secuobs.com : 2009-10-13 03:23:57 - . Computer Defense . - For my 500th blog post, I figured I'd share something amusing From time to time, my wife and I order from Swiss Chalet and the order it pretty standard, quarter chicken and a baked potato The one thing we've always found is that they don't provide enough sour cream with the baked potato but luckily, for http://www.secuobs.com/revue/news/149762.shtmlhttp://www.secuobs.com/revue/news/149762.shtml Secuobs.com : 2009-10-10 13:59:23 - . Computer Defense . - I guess it's time for that post SecTOR write-up Time to share every little thing I can remember which, luckily for you, isn't much I'm going to divide this up in sections to make it easier to organize my thoughts or for you to skip parts Canadian Information Security Awards Kudos to the organizers for attempting this, http://www.secuobs.com/revue/news/149247.shtmlhttp://www.secuobs.com/revue/news/149247.shtml Secuobs.com : 2009-10-06 08:53:51 - . Computer Defense . - Tomorrow is SecTor and I'm rather excited There are so many talks I want to take in that I, unfortunately, can't see them all On top of that the speakers dinner and meet-up at the Loose Moose should be awesome nCircle will have a booth this year and will be giving away T-Shirts and chocolate So http://www.secuobs.com/revue/news/147743.shtmlhttp://www.secuobs.com/revue/news/147743.shtml Secuobs.com : 2009-10-01 09:05:35 - . Computer Defense . - I remember one day in elementary school when we were dressing up for our future careers I don't remember why they had us perform this ridiculous act, but I do remember it happening I got up that morning, got ready for school, dressed up in nice clothes and picked up my brief case , in reality http://www.secuobs.com/revue/news/146306.shtmlhttp://www.secuobs.com/revue/news/146306.shtml Secuobs.com : 2009-08-10 20:04:06 - . Computer Defense . - If one of my college professors stumbled across this post she'd probably have a heart attack, since she taught an entire course on ethics Yet it seemed like the most appropriate title for this post Over years the years, how many countless inventions have improved mankind, yet have introduced a negative side effect The gun provides http://www.secuobs.com/revue/news/129495.shtmlhttp://www.secuobs.com/revue/news/129495.shtml Secuobs.com : 2009-08-07 14:14:04 - . Computer Defense . - I think that the Security Bloggers Network SBN is amazing, so please don't misinterpret this post I've provided the domain for the website and host a mailing list although it was infrequently used even during the 2 months when people used it Yet I have to wonder if it is perhaps becoming a little too http://www.secuobs.com/revue/news/128886.shtmlhttp://www.secuobs.com/revue/news/128886.shtml Secuobs.com : 2009-08-04 11:11:04 - . Computer Defense . - A couple of weeks ago, I posted regarding the logs of some SSH bruce force attempts I had logged on my server, and was looking through One of the comments was asking for geolocation of the IP Addresses Tonight I decided to make use of the service available at ip2locationcom and geolocate each of the http://www.secuobs.com/revue/news/127762.shtmlhttp://www.secuobs.com/revue/news/127762.shtml Secuobs.com : 2009-07-16 00:55:34 - . Computer Defense . - I have to say that I was completely shocked when I read this via SpywareGuide yesterday the first thing I did was send it to everyone I was talking to on IM Write to help protect people from phishing sites and have a complaint filed with the FBI There's something seriously wrong with this picture PayPal seems http://www.secuobs.com/revue/news/121188.shtmlhttp://www.secuobs.com/revue/news/121188.shtml Secuobs.com : 2009-07-14 20:47:15 - . Computer Defense . - I was reading about the Gmail Labs option to display a key icon if the sender's domain is signed using DKIM and the sender is eBay or PayPal This allows you to quickly verify if the email is legitimate by looking at the icon Now it apparently takes some work for a domain to be http://www.secuobs.com/revue/news/120461.shtmlhttp://www.secuobs.com/revue/news/120461.shtml Secuobs.com : 2009-07-13 20:17:07 - . Computer Defense . - Quite a while ago I modified an instance of sshd to log the client version and password for every attempted login I then set it listening on a seperate interface that I never log into I finally got a chance to parse the logs 3 grep lines to dump data from the auth logs and http://www.secuobs.com/revue/news/119881.shtmlhttp://www.secuobs.com/revue/news/119881.shtml Secuobs.com : 2009-07-11 22:45:34 - . Computer Defense . - Note this was a series of posts following RSA but some personal issues delayed this and now I'm posting a single post on the subject This was my first year at RSA, and via the wonder of blogging, I had a press pass I also, unfortunately, had an exhibitor badge That isn't to say I didn't http://www.secuobs.com/revue/news/119434.shtmlhttp://www.secuobs.com/revue/news/119434.shtml