Episode243

From Paul's Security Weekly

SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here



Announcements

Security Weekly - Episode 243 for Thursday May 12th, 2011.

  • Sign up for Blackhat Training Courses:
    • Security Weekly Blackhat Training Sign up for "Offensive Countermeasures: Making Defense Sexy" as a two-day course at Blackhat July 30-31. Every student gets a FREE "Hack Naked" t-shirt and sticker!
    • Tenable Security Blackhat Training Sign up for "Advanced Vulnerability Scanning Techniques Using Nessus" July 30-31 or August 1-2

Episode Media

MP3

Interview with Marcia Hofmann of the EFF

Media

Watch the live video version of this segment above. For more videos and to subscribe to Security Weekly TV visit http://blip.tv/securityweekly

COMING SOON: Download the Audio (MP3) Version of this segment here!

Background

Marcia Hofmann is a senior staff attorney at the Electronic Frontier Foundation, where she focuses on computer crime and security, electronic privacy, free speech, and other digital civil liberties issues. Prior to joining EFF, Marcia was staff counsel and Director of the Open Government Project at the Electronic Privacy Information Center (EPIC).

Marcia will talk about her ShmooCon presentation: Computer Search and Seizure

Questions

What do the police need to do to seize your laptop? Can the government force you to turn over passwords or encryption keys? What are the situations in which your data is particularly vulnerable, and what steps can you take to protect it? This talk will teach attendees about their legal rights in information stored on laptops and other digital devices, including at the United States border or other places where the data may be particularly at risk. This talk will also provide practical advice on what to do when the police want to seize computers and how to secure device accessible information, whether on a hard drive or stored remotely.

  1. Before we get started, tell us about your recent blog posts:
    1. Court Rejects Argument That All First-Time Email Hacking Offenses Are Felonies
    2. EFF campaign calling on companies to stand with their users when the government comes looking for data

Stories For Discussion


Paul's Stories

  1. Activating Nessus on Backtrack 5 - Let me first start by saying, yes, I work for Tenable Network Security. Okay, now that we have that out of the way, let me tell you how happy I am to announce that Nessus is the vulnerability scanner of choice for the Backtrack 5 Linux security distribution. The Nessus scanner code is included with Backtrack, and all you need to do is activate it with either a HomeFeed or ProfessionalFeed. Some little known facts are that you can use a HomeFeed to evaluate Nessus. I strongly suggest using Backtrack as a VM, USB bootable thumb drive, or installing on a hard drive as the distribution that runs. I will be posting some tips and tricks in the coming weeks on how to best use Nessus on Backtrack 5. One final thing, please seed the torrents :)
  2. Using SSH Logs For Remote File Include - I have to say, this is one of the coolest techniques I've seen in a really long time. LFI, or Local File Includes, are typically vulnerabilities that reveal information about a system, that then lead to shell access. However, some clever placement of PHP code in SSH logs, and you can turn your LFI into shell access. Sweetness!
  3. Virtualizing JunOS on VMware - I love this post for so many reasons. First, it was written by our very own Carlos Perez. Second, hardware is expensive, so many people forego the setting up of a test lab. By virtualizing your routers you can test the security of your configuration, test new configurations, and make changes without incurring the costs of hardware or disrupting operations. This is a win all around. The final thing I love is the detailed instructions and the fact that JunOS is essentially FreeBSD :)
  4. Extend Burp with Buby - A collection of Ruby scripts was published that can collect cookies, dump the body of HTML pages, and more! And really, I just wanted to say "Buby".
  5. /bin/bash Phone Home Commands - Very useful stuff! I always avoided installing tools on systems that could be used by attackers. If you run Linux, well, that's out the window because using /dev/tcp you can emulate functionality in tools like Netcat and Curl. However, if you are monitoring your systems and you see Bash communicating on the network, this could mean trouble.
  6. Skype Vulnerable to Remote Exploit - This has been fixed in the 5.1 version, no word on the 2.8 versions. This is for OS X only, no word on iOS versions. User just needs to receive a message via chat.
  7. Nasty Malware: Windows, Mac, Linux, iOS - If I were to deploy malware, this would be it. Java-based payload that is running on all platforms. This is where attackers need to be in order to maximize efforts, this way they can run on all systems and mobile platforms. It truly does not matter what OS you are running, malware will run and you will be targeted.
  8. How I Met Your Router - Using a DD-WRT information leak someone created a geolocation service of routers on the Internet. Since the routers leak the wireless MAC address, you can use Google to locate them and pinpoint it down to a street address. Pretty neat stuff! Props to Samy and his talk "How I met your girlfriend".
  9. Shout it out loud - So FBI can hear you - Rocker Gene Simmons gave a speech at a conference and called out the music industry for not addressing piracy. Anonymous caught wind and attacked KISS's web sites. Evidence was turned over to the FBI, but no arrests have been made. Gene is quoted: "Our legal team and the FBI have been on the case, and we have found a few, shall we say 'adventurous' young people, who feel they are above the law. And, as stated in my MIPCOM speech, we will sue their pants off." He also stated that he just wants his web sites to rock and roll all night and party every day without disruption.
  10. Hacking the WPA Airwaves - I like that when iPhones go to "sleep" they re-connect to the WPA wireless when they wake up. And who wants to enter a 16 character, completely random, string into their iPhone? #keyboardfail
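
For the monitoring point in story 5 above (Bash communicating on the network), here is an added detection example; it is not from the show notes or the linked post. It parses `ss -tnp` output and flags TCP sockets owned by a shell process; the function name, the shell list and the sample rows are assumptions constructed for illustration.

```python
import re

# Interpreters that normally have no reason to own a TCP socket themselves.
SHELLS = {"bash", "sh", "dash", "zsh", "ksh"}

# One row of `ss -tnp`: state, queues, local and peer endpoints, owning processes.
ROW = re.compile(
    r"^(?P<state>[A-Z][A-Z0-9-]*)\s+\d+\s+\d+\s+"
    r"(?P<local>\S+)\s+(?P<peer>\S+)\s+users:\((?P<users>.*)\)\s*$"
)
OWNER = re.compile(r'\("(?P<name>[^"]+)",pid=(?P<pid>\d+),fd=(?P<fd>\d+)\)')


def shell_sockets(ss_output, shells=SHELLS):
    """Return one finding per TCP socket that a shell process holds open."""
    findings = []
    for line in ss_output.splitlines():
        row = ROW.match(line.strip())
        if not row:  # header line, or a socket with no visible owner
            continue
        for owner in OWNER.finditer(row["users"]):
            if owner["name"] in shells:
                findings.append({
                    "process": owner["name"],
                    "pid": int(owner["pid"]),
                    "state": row["state"],
                    "local": row["local"],
                    "peer": row["peer"],
                })
    return findings


# Constructed sample output (documentation address ranges, invented PIDs).
SAMPLE = '''\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port  Process
ESTAB  0      0      192.0.2.10:22        198.51.100.4:51514 users:(("sshd",pid=1402,fd=4),("sshd",pid=1398,fd=4))
ESTAB  0      0      192.0.2.10:48712     203.0.113.7:4444   users:(("bash",pid=2211,fd=3))
ESTAB  0      0      192.0.2.10:40022     203.0.113.9:443    users:(("curl",pid=2300,fd=5))
SYN-SENT 0    1      192.0.2.10:48790     203.0.113.7:8080   users:(("sh",pid=2250,fd=7))
'''

if __name__ == "__main__":
    for f in shell_sockets(SAMPLE):
        print("ALERT: {process} (pid {pid}) {state} {local} -> {peer}".format(**f))
```

On a live host, feed it the output of `ss -tnp` collected as root, since process ownership for other users' sockets is only shown to a privileged caller.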

Darren's Stories

  1. Here comes the Gov't again... - The White House today announced that it's going to be getting in on the drafting of a comprehensive Cyber ( DRINK NOW! ) law for the nation to protect our sensitive infrastructure and not violate our civil liberties too much. "Our critical infrastructure -- such as the electricity grid, financial sector, and transportation networks that sustain our way of life – have suffered repeated cyber intrusions, and cyber crime has increased dramatically over the last decade," the White House says in its cybersecurity proposal. "... It has become clear that our nation cannot fully defend against these threats unless certain parts of cybersecurity law are updated."
  2. iFixit tears down a FBI tracking Device - pretty neat the tech they packed into this. My understanding is that this is older equipment and they have much more advanced and smaller devices now.
  3. Chris Nickerson's show was canceled - Breaking in is now broken...

Industry news:

  1. Microsoft to Acquire Skype
  2. Sophos Acquires Astaro