public marks

PUBLIC MARKS from fredbird with tag securite

April 2007

KeePass Password Safe

by 2 others
This is the official homepage of KeePass, the free, open-source, light-weight and easy-to-use password manager.

March 2007

Password Gorilla

A cross-platform Password Manager

January 2007

December 2006

All about Linux: Various ways of detecting rootkits in GNU/Linux

Detecting rootkits on your machine running GNU/Linux I know of two programs which aid in detecting whether a rootkit has been installed on your machine. They are Rootkit Hunter and Chkrootkit.

November 2006

L'intégrité du système - eMerzh's Blog

Sur mon serveur web, j'ai une série de répertoires dont je voulais pouvoir garantir l'intégrité. Il me fallait savoir si quelqu'un ou quelque chose avait modifié mes fichiers. Comment vérifier?

October 2006

May 2006

Repérer automatiquement les failles de sécurité des sites Internet

Le logiciel, dénommé SecuBat Framework, agit comme le ferait un pirate informatique: il attaque les sites web dynamiques afin d'identifier les forces et faiblesses de leurs systèmes de sécurité. Il les sollicite par des attaques croisées XSS (Cross-Site Scripting Attacks) ou par des injections SQL, c'est-à-dire en insérant des scripts Javascript ou des fragments de code SQL dans leurs formulaires, pour interroger leurs bases de données ou modifier leurs pages.

Dynamic Drive: .htaccess password generator

by 4 others
Use this tool to generate all the necessary codes needed to password protect a directory or selects files within it on your site via .htaccess. It encrypts the desired passwords, then outputs the corresponding codes to put inside your .htaccess and .htpasswd files.

Five common Web application vulnerabilities

(via)
This article looks at five common Web application attacks, primarily for PHP applications, and then presents a case study of a vulnerable Website that was found through Google and easily exploited. Each of the attacks we'll cover are part of a wide field of study, and readers are advised to follow the references listed in each section for further reading. It is important for Web developers and administrators to have a thorough knowledge of these attacks. It should also be noted that that Web applications can be subjected to many more attacks than just those listed here.

KeePass - The Open-Source Password Safe

by 9 others
KeePass is a free/open-source password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk. So you only have to remember one single master password or insert the key-disk to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

Guarddog, graphic user interface for linux firewall

Guarddog is a firewall configuration utility for Linux systems. Guarddog is aimed at two groups of users. Novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters.

logwatch

Logwatch is a customizable log analysis system. Logwatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is easy to use and will work right out of the package on most systems.

Mes premiers pas vers un système linux sécurisé

by 1 other
Dans l'article suivant je vais essayer de faire un point sur la sécurité de Linux, et surtout donner quelques bases pour rendre votre système plus sécurisé. Je ne suis pas expert en sécurité, loin s'en faut, mais voici ce que j'ai appris au cours de ces années.

April 2006

CERIAS Weblogs » Security Myths and Passwords

(via)
In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology changes, the underlying (and unstated) assumptions underlying these bits of conventional wisdom also change. The result is a stale policy that may no longer be effective…or possibly even dangerous.

February 2006

January 2006

waste :: encrypted peer-to-peer

WASTE is an anonymous, secure, and encryped collaboration tool which allows users to both share ideas through the chat interface and share data through the download system. WASTE is RSA secured, and has been hearalded as the most secure P2P connection protocol currently in development. For technical information please see "information", but for more information on download and installation, please see "downloads". Looking for other WASTE projects? Please choose "projects", or if you are interested in the main WASTE sourceforge project, see "sourceforge". Or, if you just need some help with WASTE, see "documentation".

November 2005

October 2005

DMZ (Zone démilitarisée)

Les sytèmes pare-feu (firewall) permettent de définir des règles d'accès entre deux réseaux. Néanmoins, dans la pratique, les entreprises ont généralement plusieurs sous-réseaux avec des politiques de sécurité différentes. C'est la raison pour laquelle il est nécessaire de mettre en place des architectures de systèmes pare-feux permettant d'isoler les différents réseaux de l'entreprise : on parle ainsi de « cloisonnement des réseaux »

TCP/IP et la sécurité

La sécurité des hôtes sur un réseau, et donc sur le Net, est un vaste problème. L'objectif de ce document n'est certes pas d'être une référence à l'usage des spécialistes, mais plutôt un exposé des connaissances de base qui permettent d'entrevoir les dangers encourus par un utilisateur tel qu'un internaute câblé ou "ADSLisé".

September 2005

ProcessLibrary.com - The online resource for process information!

by 22 others
In the recesses of your computer, 20-30 invisible processes run silently in the background. Some hog system resources, turning your PC into a sluggish computer. Worse yet, other useless processes harbour spyware and Trojans - violating your privacy and giving hackers free reign on your computer. ProcessLibrary.com is an invaluable resource for anyone who wants to know the exact purpose of every single process

July 2005

Rats in the security world

We have been well conditioned to recognize and delete the endless stream of spam, phishing attempts, Nigerian scams, and virus attacks we get every day in our inboxes. We have been so far behind for so long in the battle with computer security that we have almost forgotten some of the most basic insecurities that we put up with day after day.

June 2005

Open Port Check Tool

by 7 others
This page will serve as a free utility for remotely verifying a port is open or closed. It will be useful for users who wish to check to see if a server is running or a firewall or ISP is blocking certain ports.

April 2005

Page Hijack Exploit: 302, redirects and Google

by 3 others (via)
302 Exploit: How somebody else's page can appear instead of your page in the search engines.

March 2005

Setting Up a Secure Apache 2 Server

This lesson covers how to configure SSL/TLS support for Apache. This enables sensitive information that flows between browsers and servers, such as credit card numbers, to travel securely and not be accessible by malicious third parties. The lesson starts with an overview of SSL and its cryptographic foundations and continues with step by step configuration of SSL certificates and the mod_ssl Apache module.

fredbird's TAGS related to tag securite

apache +   blog +   computer +   dmz +   encryption +   firewall +   free +   google +   hack +   hacking +   hijack +   lang:en +   lang:fr +   licence:gpl +   license:gpl +   linux +   logicel +   logiciel +   mac +   mod +   mod security +   mod ssl +   module +   mysql +   network +   open-source +   openid +   os-x +   p2p +   password +   phishing +   php +   process +   redirection +   reseau +   tech +   tool +   tutorial +   type:article +   type:log +   ubuntu +   web +   web-app +   web-dev +   windows +