(15 Seconds of silince)
(Record the Welcome Intro)
Theme Music, Episode 30 for June 8, 2006
"Welcome to Security Weekly, Episode 31 for June 8, 2006"
From the PSW studios
“Welcome to this edition of Security Weekly, where sometimes security comes at the expense of sleep."
"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and we've also got our extra special host Twitchy.
Hello to all of our live audience listeners via Skypecast!
This episode is sponsored by Syngress Publishing, read a book, learn to hack, and never have to pay for another coke again!
Listen to the question at the end of each show, then go to the Security Weekly blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!
Last weeks winner was nothsa who stated the correct answer:
- nix command-line zip password cracker: http://www.goof.com/pcg/marc/fcrackzip.html
Unknown Length - lower/uppercase, numbers, special chars: ./fcrackzip --use-unzip -b -c aA1! ./file.zip Starts search at "aaaaaaaa" - lower/uppercase, numbers, special chars: ./fcrackzip --use-unzip -b -c aA1! -p aaaaaaaa ./file.zip
The "--use-unzip" option slows down the cracking, but not using it will generate some false-positives.
The html page above also has a full man page near the bottom with descriptions of all the options.
Here's another one with a Gnome GUI: http://sourceforge.net/projects/zipcracker
This episode is also sponsored by Core Security Technologies.
Larry: Use Core impact to penetrate your network day and night and not get tired!
Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.
We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!
Annoucenment: Insecure Mag
Announcement: Paul getting 0wn3d. I am so lucky :)
On to listener feedback...
1 - 2 - Listener Feedback
Dave writes in:
is it possible to run a TOR server on a wrt54g? i have an extra one and i'd like to contribute to the tor network since i find myself using it quite frequently... if so, what would be the connection diagram for 2 wrt54gs connected to the internet through a dsl modem? thanks.
chavez writes in:
First of all thanks for your great shows. It's always very funny and instructive listening to your podcast or watching the video version. Keep up your work guys, it's great. :-)
I'm going to start my security career soon with special studies. I hope this will prepare me well; nevertheless I wanna play around with some stuff before university starts. So in episode 19 (the video version) you presented some wireless hardware, particularly an USB adapter. Usually I have a Windows XP on my laptop installed (I’m a software developer so far and my team uses Visual Studio so for convenience I use Windows XP) ;-) and run other stuff through a VMWare container. This works well but VMWare virtualizes my WLAN PCMCIA card to a normal Ethernet adapter. So I'm not able to use some special WLAN tools. I guess you're aware of this problem. For my first steps in the security field I decided to play around with some Linux security distros. But I don't wanna use them as live CDs, I wanna use them in my VMWare. Therefore I thought about using an USB WLAN adapter or maybe more as you guys mentioned in the video. But I'm not quite sure if this solution will work. Actually I looked a bit around and found some guys who say yes it will and some other with the opposite opinion. So what do you guys think, will this work? Can I use USB WLAN adapters as real WLAN adapters in a VMWare container? And if so, are there USB WLAN adapters out there that you recommend? I saw a bunch of them, but I'm a bit concerned about their capabilities.
I'll appreciate your help very much! Thanks in advance! Greetings Chavez
Chris writes in, and posts to the forum:
posted this in the fit forum
In episode 30, Paul mentioned using squid to monitor Internet Browsing and receiving alerts based on site content (some addition site). I am a novice user of Squid and will like to know what you were using to identify the criteria to be altered
[Music] Story Time With Twitchy
Twitchy tells us a hacking story about something...
3 - 4 - News
Episode31 Show Notes
Syngress question of the week: Name the actor who starred in Shaolin Master Killer (aka. 36 Chambers of Shaolin, Masta Killa). What style of Kung Fu does he practice? Bonus: What are his mandarin and cantonese names?
Core discount code impactbsg
SANS discount code is <pauldotcom>.
Thank you for listening, firstname.lastname@example.org, http://securityweekly.com Phone number Security Weekly Security Weekly, PO Box 860, Greenville RI, 02828