Last weekend I delivered a presentation in a new graphic way and I must say I got very good feedback. Here it is :

How to prevent another SONY PS3 Attack

In my new job I encounter all sort of issues concerning ArcSight products and I was thinking to post my tips and observations here .

Tip #1 – careful what address you set as ArcSight Manager sender.
So, today's tip is about managersetup command. After you've set the notification details for the Whine daemon, the config script tests the outgoing email setup. All ok except the fact that this script will send a test email to the same email address set as notification sender and it will ignore all destination addresses you've set. I have the SMTP pcap capture to prove it.

I just received my CISSP exam results and I passed!  Best Christmas present I could get !

Since WikiLeaks started their epic disclosure, I have witnessed a lot of new stuff being shaped under our own eyes : socially, technically and nevertheless politically.

Since I'm more of a technical guy, I have seen more DDOS countermeasures than in any "peace-time" projects and today, actually right now I'm watching a live attack on www.visa.com called Operation:Payback .

It's like watching live TV on an ongoing natural disaster, only it's man made and it gives me the creeps. Or like seeing the movie V for Vendetta happening live.

In the current DDOS attack on www.visa.com there might be obscure interests and classic botnets involved, but what strikes me is the first ever voluntary botnet made of thousands of home user computers running a bot which is controlled via IRC channels by the attackers.

If you want to get involved, the attackers have presented detailed instructions on how to turn our PC into a voluntary-bot. This is a very scary phenomenon if you think of the combined broadband access available to the current US home computer which is online most of the time.

The result can be seen live on attacker's twitter page

If the twitter account is closed, here's a live screenshot :

Call me old fashioned but I think something is not right …  distributed computing started with seti@home and cancer research and now  ended up on cyber -warfare . maybe this is what we know to do best.

I love and support freedom of speech but I don't support cyber-vandalism, no matter which is the cause it fights for. There has to be a better way ..