Announcements & Shameless Plugs
Security Weekly - Episode 287 for Thursday May 10th, 2012
- Register today for Offensive Countermeasures: Defensive Tactics That Actually Work at SANSFIRE July 7, 2012 - July 8, 2012 with the freewheeling, piano playing & clown loving John Strand!
- You can watch us live at http://securityweekly.com/live or watch the recorded episodes on Ustream
Special Guest: Anton Chuvakin
Dr. Anton Chuvakin is a Research Director at Gartner's IT1 Security and Risk Management Strategies team. He is a recognized security expert in the field of log management, SIEM and PCI DSS compliance and author of "Security Warrior" and "PCI Compliance".
- How did you get your start in information security?
- Lots of people have a SEIM, and lots of people get hacked, what are they doing wrong?# With the volume of information the SEIM provides, how can we better weed through this information?
- Many will state they cannot monitor everything, what should they monitor if they pick and choose?
- How do you feel about a "poor man's SEIM" such as a Linux Syslog server?
- From Jack Anton was way ahead of the curve on the significance of log management and log analysis, and he seemed to get tired of preaching it a couple of years ago. We talked at RSA that maybe the time has come and people are starting to take it seriously. So, are people starting to take log management seriously? Why now? What has been wrong with log management in the past?
- What's the difference between compliance and security?
- How does PCI help people?
- How can PCI hurt organization's security?
1) Windows , OS X, Linux, or OS/2 Warp
2) In a game of ass grabby grabby, would you prefer to go first or second?
3) If you had to streak naked through a security conference, would you rather try to cover yourself up the a printout of the PCI standard, a printout of one day worth of system logs, or a the fortune from a fortune cookie?
4) Three words to describe yourself
5) If you had to write a book about yourself, what would the title be?
Guest Tech Segment: Daniel Martin
- What was the initial itch you wanted to scratch when you created Dradis?
- What would you have done differently in the beginning with what you know now?
- Why did you chose to do it in Ruby?
- How has the community involvement and contribution be?
- Are there any commercial plans for Dradis?
- Be sure to tune in to next week's show featuring wireless security expert Cedric Blancher! That's Thursday May 17, 2012 at 6PM EDT
- Check out our new shows: Hack Naked TV with John Strand, Hack Naked At Night with Larry and Darren, Security Weekly Espanol with Carlos Perez and our only non-computer security related show dedicated to Cigar Enthusiasts Stogie Geeks with Paul Asadoorian and Tim Mugherini.
Daniel Martin is a member of the Dradis Framework Core Team and founder of Security Roots Ltd. He blogs at usefulfor.com and can be found on Twitter as @etdsoft. Dradis is an open source framework to enable effective information sharing, specially during security assessments. Security Roots Ltd for Dradis Professional Edition
VulnDB HQ (platform to manage vuln. data for reports) is a platform that lets you build and maintain a vulnerability database. "Why does your team need to write up the same vulnerability descriptions again and again? How much time will you save if you could reuse issue descriptions from previous reports?"
Some More Plugs
- Be sure to register for Carlos Perez class "Introduction to PowerShell for Security Professionals" happening at DerbyCon.
- Larry is teaching for SANS, check out Larry's very own dedicated page on the SANS web site for a complete list.
- DerbyCon Call for Papers and Ticket Registration is: available online. If you have not yet registered or submitted a talk, please do so now.
- Security BSides everywhere: Iowa, London, Chicago, Austin, Charleston, more. http://www.securitybsides.com/ - We have 5 BSides tickets to give away! Listen to the instructions at the end of Episode 282 for complete details!
- CVE-2012-1675 Oracle Database TNS Poison 0Day Video Demonstration - Looks like this vulnerability allows you to MiTM or control others TNS sessions. It was reported in 2008 and just now published. I wonder how many other people found it in the mean time? Looks like there is no patch, but some workarounds.
- Breaking in to Security - Survey Conclusions - Really neat survey!
- Tampon-Shaped USB Drive - There's a joke in there somewhere, talk about data leakage!
- Security Fail - Really funny, don't leave Wifi passwords on the wall.
- DNSChanger Trojan: Not All Doom and Gloom - July 9th is fast approaching!
- Don’t let them scare you - Defensive recommendations include Configuration Management, Patch Management , Up-to-Date AV, Application Whitelisting. Agree?
- Web Application Firewalls and the False Sense of Security They can Create - I'm leaning more towards solutions that actually fix the problem, rather than mask it. Firewalls and network segmentation are great, but don't rely too much on them. Patching, config management, and a development process that weeds out security vulns.
- Jetting off abroad? Pack protection ... for your Wi-Fi - The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products on their hotel internet connection
- PHP devs lob second patch at super-critical CGI bug
- Security error in OS X 10.7.3 exposes passwords for legacy FileVault users
- From LOW to PWNED [6 SharePoint]