I attended the last joint TF-CSIRT / FIRST meeting in Riga. One of the most interesting talks was by Wayne Routly from Dante. He talked on Quantitative Cross Comparative Analysis of Tools for Anomaly Detection. He gave some very good information on StealthWatch and Netreflex. If you’re moving Gbs of data then the set of tools you can use to analyze traffic are limited. According to the presentation both tools did quite well though.

Deze avond was er op 2be de film Children of Men.

Wie er na de Al Gore campagne of de Big Ask nog steeds niet van overtuigd is dat er iets grondig mis is met onze planeet zal de film een kijk op de toekomst geven. Donker en deprimerend vooruitzicht.

I’ve recently set up some new msql-servers that had to fetch their data from a shared mountpoint. I changed the mysql configuration so that it was no longer looking in /var/lib/mysql but in /mounted/mysql. Unfortunately mysql failed to start because of insufficient permissions( type=1503 operation=â€?inode_permissionâ€? requested_mask=â€?rw::â€? denied_mask=â€?rw::â€? name=â€?/mounted/mysql/ibdata1″ pid=7588 profile=â€?/usr/sbin/mysqldâ€? namespace=â€?defaultâ€?

This is caused by apparmor. You need to edit the file /etc/apparmor.d/usr.sbin.mysqld and then look for the lines /var/lib/mysql. Replace this with your path and restart apparmor and mysql.

SSL Blacklist is a nice addon for Firefox that has the ability to detect MD5 signed certificates and block access. If you don’t know what’s the problem with MD5 signed certificates then enjoy reading this.