August 6, 2008 | Jaime Blasco

Scada: OPC Nessus Plugins

During the development of the Free Nessus Feed we are writing some interesting plugins about Scada. Today we released some plugins relating to OPC (OLE for Process Control) Servers, OPC standard specifies the communication of real-time plant data between control devices from different manufacturers. List of OPC Nessus Plugins: Multiple vulnerabilities in NETxEIB OPC server CVE-2007-1313 Multiple vulnerabilities in…

August 6, 2008 | Jaime Blasco

Showing relation graph between nessus scripts and include files

I have make an interesting graph showing the relation between nessus scripts and include files   …

Get the latest
security news
in your inbox.

Subscribe via email


August 6, 2008 | Dominique Karg

Plugin GPG signature verification script

Just had to write a quick script in order to regularly check the repository, wanted to share it. for i in *.asc; do gpg—verify $i 2>/dev/null; if [ $? == 1 ]; then echo; echo “Bad Sig: $i”; read; else echo -n “.”; fi; done …

May 15, 2008 | Dominique Karg

New Forums

I’m proud to announce the avilability of our brand new forum infrastructure. We were getting really tired in the end by the lack of features of the forums, so we decided to setup FUDForum on I for myself am very motivated by this changes, I was getting crazy with the old environment and promised…

March 17, 2008 | Dominique Karg

You are invited to take part in The Google Summer of Code(tm) 2008

Yay ! we’re proud to announce that ossim has been chosen to take part int he google summer of code program. Brian, now it’s your turn 😉. I’ll post another entry when we’ve got more information about how this works. Congratulations! Your organization "OSSIM: Open Source Security Information Management" has been accepted in to the Google…

March 11, 2008 | Dominique Karg

Tutorial 6: Plugin writing primer

A couple of days ago I was fixing the fortinet/fortigate with the kind help of a Swiss OSSIM user (thanks Mikael 😉 ) and I wrote this little piece of python in order to help me out with it. Now I’m using it a lot to debug plugins so I guess more people could benefit from this…

March 5, 2008 | Dominique Karg

User feedback

I wanted to point you at two things I think that are important, things that we’ve been neglecting in the past months. IRC Channel: we’ve ignored this way of communication for quite some time but enough of that, I added a “fire up BitchX” postit on my desk so from now on I&rsquo…

February 22, 2008 | Dominique Karg

OSSIM Installer 1.0.4 released

After having written the whole thing a reduced version for those with little time available seems in place. We’ve released OSSIM 0.9.9 this week, release which was followed by a post to BugTraq [no longer available] regarding some XSS and SQL vulnerabilities present on OSSIM. After having fixed those vulnerabilities we’re…

February 15, 2008 | Dominique Karg

Installer / updater coming :-)

We’re proud to announce the soon-to-be-available 1.0.4 installer (versioning wise it could be 1.1 or even higher because of all of the changes but, well, we called it 1.0.4), both as a standalone ISO image as well as the updater. We’ve been working very hard the past months on this, the updater has been a nightmare. It’s…

January 17, 2008 | Dominique Karg

OSSIM applied to ITIL

Recently I stumbled across an interesting article talking about Microsoft, Opensource and ITIL where ossim was being mentioned. (the article can also be found googling for “ossim itil microsoft” in case the link breaks). I’ve never been very keen about learning ITIL either (although I’ve heard about it everywhere during the last year) but…

January 1, 2008 | Dominique Karg

Greetings from Istanbul

After having spent five days in this nice city I wanted to say goodbye through a post. It’s the second time I went here (sadly both times I had to work but I’ll come back for fun someday, that for sure) and I really enjoyed the stay. This time I had a nicer Hotel than last…

December 19, 2007 | Dominique Karg

Tutorial 5: Windows event logging

The windows event log As an introduction to windows event logging I recommend reading the following article: Monitoring and Troubleshooting Using Event Logs. It’s the first interesting one I’ve found after googling for an introduction. Quoting the article, which also talks about EventCombMT.exe which we’ll mention later: This article reviews best practices for…