The Richard Stallman’s lectures

Posted by jmunhoz on May 07, 2009

This last Thursday I enjoyed two Stallman’s lectures in Vigo. Some mates blogged out about it in their blogs so you can know every detail in this event easily if you are interested. If you don’t know I am talking about you can read the last Juanjo’s or Joaquim’s post in order to get the full details :)

In this event I listened the Stallman’s message and his particular way to spread it with huge curiosity. He got some really interesting momentum in the lectures although I would like to highlight the Q&A time where he answered several interesting questions indeed. Specifically, he shared his thoughts and insights on the software libre movement (SLM) and how it fits in the software libre industry currently. Thereby he flied over hot topics such as the acquisition of Sun by Oracle, SaaS and the SLM or the GPL’s last version among others.

I have to recognize I was surprised when he talked about the GNU/Linux integration and how he was disappointed when the GNU project took off like a rocket with the Linux kernel on board while the different communities identified the GNU project with the kernel only calling it Linux alone instead GNU/Linux.

Stallman talked about the Linux community too and how the distributions share this piece of software and how their decisions, particularly those ones related to non free drivers and firmwares impact every distribution and the movement itself.

Last, but not least, he talked about his experience making decisions and how he made one difficult decision between the micro and monolithic kernel design and how it changed a lot of things in the project’s history.

Security Networking at MSWL’09

Posted by jmunhoz on February 01, 2009

Information security, network attacks, network defense and vulnerability management were the main topics this past weekend at Master on Free Software. Two days talking and playing with advanced networks attacks and defenses together with vulnerability management at Vigo (great city!)

As you know, the last year we handled different attacks and techniques showing practical countermeasures in order to get more secure configurations for our systems, so this year we decided to complete this approach including the best security management practices for persons in charge of security strategy and tactic in organizations.

In detail, we covered the following topics:

  • Benefits of good security practices
  • Security methodology
  • Risk analysis and defense models
  • Network architectures
  • Network device security
  • Integrity and availability architecture

Vulnerability management was a hot topic too. We introduced responsible disclosure and how it relates to the free software community …

Linux networking stack in depth

Posted by jmunhoz on December 18, 2008

This last friday I taught Linux networking at Master on Free Software. As you know it’s the second edition and this time I was in charge of setting the basis of Linux networking for the new students.

In this lesson we saw, other than typical configurations and trouble shooting, some theory covering the current networking models (concepts, protocols, applications and so on) and a full revision about the networking stack implementation together with source code for the Linux kernel.

Reviewing the planning, security is the next battlefield …

Back from Istanbul

Posted by jmunhoz on July 22, 2008

I’m coming back from Istanbul where I posted some quick notes from hotel and airports … awesome city and very good people :)

As you know, I landed this thursday at Coruña and on friday I was teaching at Master on Free Software the last security networking lesson. With this lesson we finished our first security block. This time we finished with a full laboratory covering practical corporative firewalling and a real web hacking session.

We played a dynamics group too where we were talking about security industry and how it impacts our enterprises and organizations. In particular we spoke about adding effective countermeasures in your organization/business, our current security situation, being productive with open security tools, handling vulnerability responsible disclosure or the new vulnerability markets among other topics.

We close this master class answering doubts and sharing our opinions and ideas about effective security.

Security and networking at Master on Free Software

Posted by jmunhoz on July 09, 2008

The last weekend I put my black hat on again. I was teaching network security at Master on Free Software talking and showing a lot of different and effective attacks targetting current networks with very practical examples.

Now, people attending those classes know about tactics and tools used by blackhats while breaking in real targets. We focused on different topics such as design flaws, protocol weakness, hijacking connections, fragmentation attacks, active/passive fingerprinting, switched sniffing, MITM attacks, advanced scanning and so far.

The next master class, scheduled on the 18th/July, we’ll see advanced and strategic defense for organizations. Among the practices we’re going to analyse real attacks and play dynamics group.

By the way, I’m blogging from Istanbul … see you guys at GUADEC!


Bad Behavior has blocked 14 access attempts in the last 7 days.