Episode356

From Paul's Security Weekly
Jump to: navigation, search
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security
BlackSquirrel
Onapsis

SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here


Episode Media

MP3 pt1

MP3 pt2

Announcements

Security Weekly - Episode 356 for Thursday December 12th, 2013

  • Come see me speak next year! First and foremost I will be speaking at S4x14 this year on Jan 14th (on "OTDay"). Visit the conference web site and come to Miami in January.
    • I will, reluctantly, be attending RSA this year as a booth babe. Any requests for outfits are appreciated, send them to me on Twitter @securityweekly using #whattowearatRSA2014
    • The Offensive Countermeasures Hack Lab at the Mid-Atlantic CCDC conference in 2014, and sticking around to MC the event and do a live Podcast!
    • I'm also slated to speak at the Charlotte ISSA conference in 2014 and the NOLA conference in New Orleans in June
  • We are looking for sponsors for our weekly webcasts and shows. Contact paul -at- hacknaked.tv for details, there are still a few slots available!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Thursday nights at 9:00PM EST. Come have a cigar with us! If you are in the Rhode Island area please visit our sponsor the Havana Cigar Club, its an awesome place to have a drink! Make sure you print out your $5.00 off coupon here!
  • Larry teaching SANS classes: Check out his SANS page for the details" 617 in DC in December, and in Orlando in March, Also 571 at RSA

Guest Interview: Champ Clark (@dabeave666)

Biography:

Champ Clark, also know as "Da Beave" in some circles, is the CTO of Quadrant Information Security headquartered in Jacksonville, Florida. He is one of the founding members of the VoIP hacking group Telephreakand runs the Deathrow OpenVMS cluster. He has co-authored books published by Syngress Publishing and has been interviewed by various magazines. He has spoken at conferences on topics such as "war dialing" the world with VoIP, exploring X.25 networks around the world, and most recently, real time log analysis with "Sagan", software he developed.


  1. How did you get your start in information security?
  2. What advice do you have for others getting their start in information security?
  3. What about phone phreaking and/or VoIP hacking, how does one go about getting started?
  4. What is the Deathrow OpenVMS cluster and what is it used for?
  5. Do people still war dial?
  6. Why is war dialing so useful?
  7. Why do most folks not opt to have war dialing be a part of their penetration test?
  8. Tell us about Sagan, what is it and what does it do?
  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of Ass Grabby Grabby do you prefer to go first or second?
  5. Stranded in a desert island, which tablet would you bring along: a) iPad b) Surface c) Android d) All of the above e) None of the above?


Links:


The Sagan log analysis engine. Currently my main project -

The Deathrow OpenVMS cluster: http://deathrow.vistech.net . At Deathrow, you can play/hack on the OpenVMS operating system.



Stories

Paul's Stories

  1. Important Security Update for D-Link Routers — Krebs on Security
  2. GCC Poison | Leaf Security Research
  3. Using a Hosts File To Make The Internet Not Suck (as much)
  4. "Mobile Device Tips
  5. "Nvidia exploit could turn render farms into password crackers
  6. The top 8 security threats of 2013
  7. Guilty Verdict in First Ever Cybercrime RICO Trial | Threat Level | Wired.com
  8. BBC News - Bots now 'account for 61% of web traffic'
  9. Errata Security: Literally the nicest thing I’ve ever done
  10. How to find out if your password has been stolen | ZDNet
  11. Network Security Tip of the Week
  12. "Installing PVS

Rob's Stories

Internet of things Worm

All Five Major carries agree to unlock phones

Zeus is back and targeting 64 bit systems

Developers no longer trust hardware entropy

VulnHub, cool place, cool people and cool hacking challenges

Everyone spies.

Advice for buying Clamato

Greg's Stories

Allison's Stories

Carlos Stories