avatar  

Muy buenas a todos,

para hoy tenía pensado hacer un nuevo Post sobre Responsible Disclosure, pero como envié un correo electrónico y me ignoraron de una manera muy fuerte, lo que voy a hacer es explicar como funcionan las vulnerabilidades (sin decir donde se encuentran, quien quiera que lo busque) para ver si a alguien le puede servir para aprender algo nuevo.

Además del correo electrónico también envie un MD por twitter, donde también me ignoraron, así que voy a publicar toda la información.

...

avatar  

When we transmit sensitive data through the network, we want to feel secure doing it. For that, we use HTTPS traffic, which is HTTP protocol secured via an SSL/TLS. It checks confidentiality and authentication, this last one is done through digital certificates. Let’s explore how to test vulnerabilities surrounding HTTP protocol transmission. What are we going to use?

Openssl

As explained in the official site, openssl is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It’s usually included in linux systems, but...

avatar  

DeepSec es un congreso internacional sobre seguridad en sistemas informáticos y comunicaciones electrónicas, así como la gestión de la seguridad y los aspectos sociales. Se celebra anualmente en Viena.

Este año, Paula participó con la charla “Open Source Network Monitoring”:

I'd like to offer an introduction into Network System Monitoring using different open tools available in linux. The talk is a technical approach to identify the best sniffing points in a network and how to orchestrate a full analysis of the content to secure the network, as well as showing ideas of collaborative and distributed hacking.

...

avatar  

Last week I skipped Security Sprint, oops! But today I’m bringing you another DevSecOps content. In this case we are learning about Seccomp and how to apply it for secure containers. Secure computing mode (seccomp) is a Linux kernel feature, as explained in the Docker documentation.

You can use this feature to restrict your application’s access, and making its security stronger. They’re defined in a JSON file that is applied when a container starts. This is only available if Docker has been built with seccomp and the kernel is configured with CONFIG_SECCOMP enabled. To check if our kernel...

avatar  

Hello guys, how are you doing? I’ve had in my mind a topic for a while now and I’d love to share and hear from you about it. It’s not quite technical but it’s important in any techie job, I think.

Not long ago, DEV went open source and it was pretty exciting for the ones who were following the development of the site. Some of us are very used to creating free and open content and happily joins Linux discussions, events and such. But, what’s the point on this, why are we in this train? I’d like to...