Que significa todo eso en el titulo?; estos son las iniciativas de la nueva corriente de profesionales de seguridad en PR. El pasado 21 de Agosto se reunió un grupo de entusiastas de la seguridad incluyendo profesionales, profesores y estudiantes para comenzar lo que será el futuro de la escena de seguridad en PR. Continue reading OC, GIpSISd, Ops/Sec, Hackea TC, CTF, etc.→
Recently a friend ask me how does he knows if his mail server is vulnerable to impersonation or relay attacks. (SPAM, Phishing, etc)
First we have to think why these attacks happen. For one thing there is no authentication/authorization on the SMTP connections between servers and mostly misconfiguration. Sometime we think we did all there is to do when configuring our serves an sometime we trust what vendors say (are we suppose to?), but that the way to tragedy in security. Continue reading Testing your mail server for impersonation or relay attacks.→