(15 Seconds of silince)
(get all the laughter out)
(Record the Welcome Intro)
Theme Music, Episode 26 for May 4, 2006
"Welcome to Security Weekly, Episode 26 for May 4, 2006"
From the PSW studios
“Welcome to this edition of Security Weekly, where we sniff packets, not panties"
"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and twitchy is running a little late because his head wouldn't fit through the door today. Must be all that feedback from the listeners :)"
This episode is sponsored by Syngress Publishing, its like porn for hackers, crackers, and IT security professionals.
Listen to the question at the end of each show, then go to the Security Weekly blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!
Last weeks winner was Ben who stated the correct answer of "There were 94 access points found, 86 of which were unencrypted"
The winner of the copy of Office 2003 sent us his name and address, but we seem to have misplaced it. Please send it again! (we want this MS product out of here :-) )
We are also still waiting to hear from "Ignorance" for his correct answer to Larry's first computer. Drop email@example.com an e-mail with your name and address.
This episode is also sponsored by Core Security Technologies.
Use Core impact to penetrate your network, Just like a South Carolina lacrosse team (Yikes, too soon, use next month). Use Core impact to penetrate your network like the bunny ranch.
Larry: Use Core impact to penetrate your network just like that special hug that mommies and daddies do Paul: Yeah, hard and fast. Ooh, did I just say that out loud
Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.
We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!
Announcement: Don't forget about the Frappr slap! We got slapped, but please do put pins on our map!
Announcement: Logo and slogan contest, thanks Snort!
On to listener feedback...
NEW TMUP Promo - UTTechno-1 - Listner Feedback
Steve Holden from Tech News Radio has left some audio feedback....
Kevin writes in to tell us about a honeypot story:
Paul, Larry, and Twitchy:
I just thought I'd forward on a story about catching someone using Ethereal on my network after listening to Twitchy's story a last week.
After 4 years of college and no job I went back to the tech school and learned networking. Before I could complete my internship I was hired by a local school district to administrate thier network. It was a rag-tag network made up of tons of donated equipment and yes... running on hubs. I mentioned to one of my former instructors that I was working with hubs and that I was concerned about sniffing on the network. He said that there are programs that will look for NIC's in promiscuous mode but he had several reasons why that wasn't the way I should go.
He then handed me a two bootable linux cd's and two shell scripts. A few minutes of instruction (literally we didn't spend 15 minutes on this) he had showed me what he had setup.
He used one of the Linux systems to log onto the other one every hour and half hour with an account named "Administrator" (non privileged - but it didn't matter they were CD based) with a really good password - just transmitted in plain text.
The other system checked every 5 minutes to see if anyone was logged in at any times other than the hour and half hour. If anyone was, it captured all the data - ip, mac, etc and then sent me an e-mail saying someone was logging into it.
We named it "grades" and a week later I caught my first student with a sniffer - needless to say he was suspended and his computer use removed. So Honeypots do have a purpose!
I'd be interested in hearing your thoughts on programs that will capture NIC's in promiscuous mode like PromiscDetect etc and whether you audit for these.
Dustin writes in:
As of right now I have my own small business in Computer Repair and I enjoy Network Security. I want to start my own Security Consulting business in the area for mainly home and small businesses, I would want to do higher forms of businesses but I'm not sure on what it takes, that's my question. To get out and start in the business, what basic knowledge should I know to get started. What tools should I start using and what concepts should I learn to impose onto my customers.
I'm 20 years old, and actually turning 21 on May 21st. If you can remember to give me a shout out happy birthday on the podcast around that day it would be awesome! Just so you know I'm really into Networking and Security, its what I want to do for the rest of my life, and listening to your Podcast made me really motivated to do this and also its great experience.
Alastair writes in:
In episode 24 I could have sworn I heard someone use the term "zero day vulnerability".
Was that a mistake because the term doesn't have any meaning to me. Alternatively please explain because I don't get it.
I get zero day exploit, and zero day warez. But zero day vuln?
[Music] Story Time With Twitchy
Twitchy tells us a hacking story about something...
Sweeper Outtakes - News
Episode26 Show Notes
George Class Promo - Josh Sweeper
Syngress question of the week: How many licks does it take to get to the center of a tootsie roll pop?
Core discount code impactbsg
SANS discount code is <pauldotcom>.
Thank you for listening, firstname.lastname@example.org, http://securityweekly.com Phone number Security Weekly Security Weekly, PO Box 860, Greenville RI, 02828
CALL SISTER AND WISH HAPPY BIRTHDAY