Hello again, and welcome to the weekly Security Sprint :p

Today I’m going to introduce a very exciting thing. But first, let’s go back in time for a moment. We are in the late 80’s, the internet is very exciting, everyone wants to have a webpage… Communication has changed, and we are moving into a new lifestyle in which we can be anonymous, there are no walls between users and knowledge is open. But… uh-oh, some countries are not very happy with these statements… The internet begins to have such importance that it shapes society. If you were an ambitious company or country,...


Once again we are meeting to talk about various current topics in the world of digital rights, the fight for free software and our crusade for privacy and security in the technological world. As always, we will be glad to discuss any topic that is proposed, although to start with we suggest the following:

  • The great victory achieved in Berlin against Google, where demonstrations and social actions have stopped the Google campus project from going ahead.

  • The intrinsic attack on privacy posed by the invasion of the internet of things in...


Hello again and welcome back to the second edition of the Security Sprint ;)

Keeping with last week’s topic, I’m going further into container security. Now we are going to learn about the danger inside Elasticsearch, a distributed, RESTful search and analytics engine.

To clearly understand my point, let’s first launch a container running Elasticsearch. I’m using version 1.4.2 on purpose.

# docker run -d -p 9200:9200 --name es benhall/elasticsearch:1.4.2 

By default Docker drops certain Linux capabilities and blocks syscalls to add a default level of security.



Hello again! Continuing with the security sprint articles, this week I’m going to talk about Falco. Nope! I’m not talking about the musician, I’m referring to an open source tool that allows us to monitor behavioral activity and detect anomalous activity in applications.

Some examples of the anomalous activity it detects are a shell running inside a container in production, SQL injection attacks, a rootkitted host, an unauthorized process, a write to a non-user-data directory, etc. An example of a Falco rule is:

- macro: bin_dir
  condition: fd.directory in (/bin, /sbin, /usr/bin, /usr/sbin)
- macro: open_write
  condition:...


Long time no see! It’s been a while since I wrote about security over here, and I’d like to come back to my security sprints. This time, I’m talking about something I’ve been reading about and studying recently: Open Security Controller for open networking.

A network controller is similar to a brain that can manage a network. It consists of multiple physical or virtual switches and routers. A network controller knows all endpoints in the network, and programs the underlying network devices to enable communication between endpoints.

Open Security Controller allows us...