Risk identification

Risk identification is a difficult subject. Analysts need it to defend mitigation strategies or to suggest investments. Yet risk identification is often a subjective method, especially in the IT industry. How do you give a number on a certain risk? When do you believe that that number exceeds a threshold …

more ...

cvechecker 1.0 released

With only a few small bugfixes between this release and the previous one, cvechecker 1.0 has finally been released. It runs fine on my few systems and I have not gotten any bugreports from other users anymore. It can definitely need more rules to identify installed software (those rules …

more ...

SELinux quicky

I've been using SELinux for a few days now (in permissive mode, just to get to know things) and have learned a few interesting commands (or other nice-to-know's) for using SELinux. Since I'm going to forget those the moment all is running well, I'll "document" them here ;-) I'm not going …

more ...

Switching to hardened

Yesterday (and this night) I successfully converted my system to a Gentoo Hardened system. In my case, this currently means that PaX has been enabled and I am currently running the system (which is an x86_64 laptop) with SELinux in permissive mode (so it won't enforce the policies yet, but …

more ...

prezi presentations

While doing some research on current rich internet applications / web application platforms, I discovered an online presentation site/tool called Prezi. This online application allows you to make dynamic presentations differently from the standard presentation software like OpenOffice.org's Impress. A nice example can be found online as well of …

more ...

cvechecker 0.6 released

This release makes me quite happy, because it resolves one major PITA I had (performance), but you know how things go. If it works fine for the developer, it's probably an abomination for the rest of the world. Anyhow, cvechecker version 0.6 is now available. It improves reporting performance …

more ...




cvechecker 0.5 released

A new intermediate release of cvechecker is now released. The tool is reported to build properly on NetBSD and FreeBSD as well (although much user experience there is still welcome), introduces a cvereport command (example output), has lowered its initial dependency requirements and pullcves now only loads the CVE XML …

more ...