From Security Weekly Wiki
Jump to navigationJump to search

(15 Seconds of silince)

(get all the laughter out)

(Record the Welcome Intro)

(More silence)


Theme Music, Episode 27 for May 13, 2006

"Welcome to Security Weekly, Episode 27 for May 13, 2006"

From the PSW studios

“Welcome to this edition of Security Weekly, "

"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and we've also got our extra pecial host Twitchy. Also joining us in the studio today is Kevin Amorin, author of PacketFence. Kevin, tell us a little about PacketFence!


This episode is sponsored by Syngress Publishing, its like porn for hackers, crackers, and IT security professionals.

Listen to the question at the end of each show, then go to the Security Weekly blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!

Last weeks winner was Christian who stated "the initial standard for 802.16 was 10-66 GHz freq. the updated 802.16a is sub 11ghz (2-11ghz)" Contact info for free book, etc....

This episode is also sponsored by Core Security Technologies.

Larry: Use Core impact to penetrate your network like a bunch of Johns at the the bunny ranch. Paul: Yeah, it is legal when you have permission.

Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.

We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!


Announcement: #securityweekly channel on irc - irc.freenode.net

Announcement: Don't forget about the Frappr slap! We got slapped, but please do put pins on our map!

Announcement: Logo and slogan contest, thanks Snort! Contest coming to a clost this weekend!

On to listener feedback...

TMUP Promo 100th show - IT Crowd - Listner Feedback

<DO NOT READ ON SHOW> Guys, maybe a little different format. Let's try to paraphrase, to shorten.<END>

Jon Barber writes:

Dear paul,

The recent item you had on rootkits has prompted me to write to mention a great site that I've really enjoyed, and maybe others would profit from. www.pulltheplug.org hosts some excellent wargames, especially the vortex games. These are a really excellent way of learning how to write exploits using shellcode & buffer overflows, some of which aren't that widely known about.

The community centred there are really knowledgeable and helpful with any problems playing the games. I learned a lot playing these games, and the sense of satisfaction you get from completing a level is immense.

Please check it out, and maybe give it a mention if you find it of use ?

Dustin writes:

Oh and what GPS device to you guys recommend for war driving? Also what card and external antenna to use? I have a Dell notebook with the Intel ABG wireless card in it but I wanna get a external antenna onto it but you cant with it.

Kevin Amorin writes, er, kevin, why don't you tell us what you wrote!:

Hey guys,

I like to send out packets to black whole ips and watch on the span for DNS reverse requests for that IP. A easy way to detect some sniffers, if they are using default configs


Paul Batitsta writes:

To go along with the BMW article here is some further reading on RFID hacking,


On the topic of promiscuous mode detection- A nifty way Ed Skoudis described was to put a packet on the wire with a incorrect destination mac address but correct IP address and wait for a response. If the host responds you know it should not have seen that packet but did anyways and is therefore in promiscuous mode.

[Music] Story Time With Twitchy

Twitchy tells us a hacking story about something...

Paul also has a story about Best Buy!


Fecal Matter Manipulation - News


Episode26 Show Notes

George Class Promo - FiT Stinger

Syngress question of the week: How many licks does it take to get to the center of a tootsie roll pop?

Core discount code impactbsg

SANS discount code is <pauldotcom>.

Thank you for listening, psw@securityweekly.com, http://securityweekly.com Phone number Security Weekly Security Weekly, PO Box 860, Greenville RI, 02828