Episode322

From Paul's Security Weekly
Jump to: navigation, search
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security
BlackSquirrel
Onapsis

Episode Media

MP3

Announcements & Shameless Plugs

Security Weekly - Episode 322 for Thursday February 21st, 2013

  • Come to Security BSides Rhode Island One-Day Conference on June 15th tickets are NOW ON SALE at WePay.com. Featured presentations from Josh Wright , Kevin Finisterre, Kati Rodzon and Mike Murray, Bruce Potter, Joe McCray,Ron Gula, Ben Jackson, Dave Maynor and the entire Security Weekly crew!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Thursday nights at 8:30PM EST. Come have a cigar with us!

Interview: Joe McCray

Joe McCray is an Air Force Veteran and has been in IT security for over 10 years. His background includes both Network and Web Application penetration testing as well as incident response and forensics within the DoD and commercial sector. Joe was last on Episode 227 and is on to give us an update on his current projects.

Five Questions:

  1. If you were a serial killer, what would be your weapon of choice?
  2. Three words to describe yourself?
  3. If you had to write a book about yourself, what would it be?
  4. Stranded on a deserted island, which tablet would you take with you if you could only choose one: iPad, Android or Surface?
  5. In the popular game of ass grabby-grabby would you prefer to go first or second?

Announcement

  • We are in the process of archiving and cataloging our technical segments, please visit the Security Weekly Technical Library and we indexed all of the interviews we have conducted. We are also working on updating all of the articles, so check the newsletter or if you want to help in exchange for some free guidance and security training please email me.

Tech Segment: Building a Security Lab On The Cheap

Having a home lab is really key in our field. There always seems to be projects you want to work on that require a specific OS or software. You just need hardware at home, whether you are pen testing or doing security research. I grew tired of using laptops, and especially my own laptop. Having some low-cost servers will open up the possibilities. I have two Nokia IP 440's that I just keep replacing the hardware in, you can buy them for $150:

http://www.ebay.com/itm/Nokia-IP440-Firewall-w-1-Year-Warranty-Fully-Tested-/170859016335

Probably score them for free if you look hard enough. I've had them for years and always swapped out the parts. You can also get a rack for cheap or free if you look hard enough. I put mine in my boiler room, and I also use a dehumidifier to keep down the moisture. Its not for everyone, and a cloud provider is nice, but the hardware itself you can find for free, and the hardware I bought has come so far down in price that it just makes sense to have your own lab. Here's what I got for hardware

System 1:

13-131-872R MB ASUS|M5A97 LE R2.0 970 AM3+ R $67.99

17-822-005 PSU DIABLOTEK| 350W PHD350 RT $19.99

19-103-996 CPU AMD|4-CORE FX-4100 3.6G 8M R $104.99

20-148-662 MEM 2X4G|CRUCAL BLS2K4G3D1609ES2LX0 $43.99

22-236-155 HDD 500G|WD WD5000AZRX 64M SATA6G % $54.99

I upgraded the RAM on the above system, and thinking of going full out 32GB. It was $80 per 8GB stick at Best Buy off the shelf. I installed Debian, but it booted to a flashing cursor. I think it had to do with the video card, which I also had to buy at Best Buy because the system did not come with one and I wanted to get it running. Bonus though, you can get CUDA cards and use it for password cracking. I went AMD, install was pretty easy. Turns out Debian did not like the video card, but Ubuntu server works well. I plan to run A LOT of VMs on this system with VMware Workstation. I also plan to get Qemu going on it to test firmware.

System 2:

2 x ($79.99) Seagate Barracuda ST1000DM003 1TB 7200 RPM 64MB Cache SATA 6.0Gb/s 3.5" Internal Hard Drive -Bare Drive - OEM $159.98

1 x ($139.99) ASUS F2A85-V PRO FM2 AMD A85X (Hudson D4) HDMI SATA 6Gb/s USB 3.0 ATX AMD Motherboard $139.99

1 x ($128.99) AMD A10-5700 Trinity 3.4GHz (4.0GHz Turbo) Socket FM2 65W Quad-Core Desktop APU (CPU + GPU) with DirectX 11 Graphic AMD Radeon HD 7660D AD5700OKHJBOX $128.99

1 x ($39.99) LG Black 10X BD-ROM 16X DVD-ROM 48X CD-ROM SATA Internal 12X Blu-ray Combo Drive Model UH12NS29 - OEM $39.99

1 x ($23.99) Diablotek PHD Series PHD350 350W ATX12V V2.2 Power Supply $23.99

1 x ($11.99) COOLER MASTER R4-L2S-122B-GP 120mm 4 Blue LED Case Fan 2 in 1 pack $11.99

1 x ($3.99) APEVIA Model CVTPWSW 25" Power switch cable for computer cases that connects to the motherboard

This system I plan to use for media, not much to do with security here though! Hence the Blu Ray drive. Graphics are built into this board, and its pretty low power. I had to buy a power switch too, as the one that comes in the case does not work with all motherboards (lights and switch are together).

You don't have to use all the hardware I have above, stuff goes on sale all the time, and you can build it up slowly. With hardware so cheap and the ability to just constantly swap out parts, you will have fun maintaining your own lab!


Stories

Paul's Stories

  1. How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Account (Without App Allow Interaction) | Nir Goldshlager Web Application Security Blog
  2. ISC Diary | SSHD rootkit in the wild
  3. 2 More Java Zero-Day Vulnerabilities Emerge
  4. RSA: Lawyers eschew self-defence hacking - IT News from V3.co.uk
  5. Black hat greed reducing software vulnerability report rate
  6. Vint Cerf: 'The internet of things needs to be locked down'
  7. Why Patching Your Software Matters!
  8. Anonymous leaks 'Bank of America secrets' in spy revenge hack • The Register

Larry's Stories

  1. EICAR? - [Larry] - I find it odd that Xprotect is just now adding definitions to detect EICAR…I'd love an overflow in EICAR processing…
  2. APT1, Netizens - [Larry] - More conformation on Mandiant's smoking gun. Apparently Chinese netizens are coming out of the woodwork with information and corroborating evidence. Also, who uses the word Netizens anymore? 2002 called and wants their word back. Now, we call them trolls.
  3. iPWN Emergency calls - [Larry] - W T F. How many times does this need to happen. How hard is this to learn the first time…not the 10th.

Jack's Stories

Allison's Stuff

Patrick's Stories