From Security Weekly Wiki
7,033 bytes added, 15:08, 11 September 2008

= Sponsors =

== Core Security ==

This episode is sponsored by Core Security Technologies, helping you penetrate your network. Rock out with your 'sploit out and check out the client side exploit and web application testing modules! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the world's best penetration testing tool.

== Tenable ==

This podcast is also sponsored by Tenable Network Security. Tenable is a developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the world's best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more. Tenable also offers a Direct Feed subscription for immediate access to new Nessus plugins and compliance checks. Tenable: Unified Security Monitoring!

== Astaro ==

Astaro offers the most complete and easy to use Internet security appliances available. The products combine best of breed applications, the proven quality of Linux and enterprise level performance, providing the latest protection with the best total cost of ownership. All products are available as software, hardware or virtual appliances, which allows users the flexibility to meet a wide variety of deployment scenarios.

One of the best things about Astaro is that it offers its products completely free for home use. All enterprise features and all subscriptions, including virus scanning, web content filtering, email filtering and VPN clients, are available in the home license for no cost. All you have to do is visit, register, download the software and obtain the key, which protects up to 10 IPs. There are no sales people to talk to, no payment information to enter—it’s just free. Again, visit for more information or to download the product and free home user license.

= Announcements & Shameless Plugs =

Live from the PaulDotCom Studios, welcome to PaulDotCom Security Weekly, Episode 122 for September 11th, 2008.

Welcome to PaulDotCom Security Weekly, a show for security professionals, by security professionals. This week with a special guest in the studio!

* [ PaulDotCom SANS Click-Through] - Go there, register for fabulous SANS training! Go now!
* [ ICE (Integrated Cyber Exercise) - Oct. 1-3 at SANS Las Vegas!] - Interview in this episode!
* NS2008! Paul is giving the keynote, "Things That Go Bump In The Network: Embedded Device (In)Security", and teaching SEC535, Network Security Projects Using Hacked Wireless Routers! Don't forget our live podcast immediately following!
* [ "I met you yesterday at SANS and was wondering if you could help me promote my mentor session of SEC508 starting on September 23rd. If you could forward this invitation onto your network of contacts, that would be awesome."] - Evan
* Beer, Facebook, Linkedin, Twitter

= Jay Beale Interview =

= Listener Feedback: Listener Scott Is Evil =

"Sorry if you spoke about this, but I'm still catching up on your shows. I'm not an expert on how the browser and SSL works, but I worry about this being true. Also, if this works, I'm a little hesitant to mention this because it could be used.

I was wondering about using the DNS vulnerability to hijack domains. I hear a lot of people saying people can't hijack SSL secured domains because the certificate wouldn't validate. Well, I can see that you can't spoof the root certificate authorities because the certificates are preloaded in the browser. However, can someone get a certificate able to issue other certificates from a trusted root certificate authority and then sign the phony web page with it? This way, when my browser goes to the phony website, it will tell my browser it was signed by "", then my browser should check to see if "" is valid, and it would pass because it was signed by a root CA. So my browser should be happy and not even alert me that anything is wrong, and give me an SSL padlock, maybe even an extended certificate, if you can issue those from a normal cert (because I doubt bad people would front a business for an EV cert). Is this how the browser chain of trust works? What did I miss that prevents people from doing this?

Thanks, and I promise to catch up on all the past shows."

= Stories Of Interest =

[ Cheap SSD Drives] - [Larry] Great, they are getting cheap: 32 Gig for $99, although slower and more power hungry than spinning disk. I bring this up because SSD drives provide a significant barrier to recovering deleted and/or modified data. This makes it very difficult to perform any type of forensics on these drives. How, as an industry, do we deal with this situation? Not allow system disks to utilize SSD?

[ Encryption is great!] - [Larry] - but bad implementations, and those that retrieve encrypted passwords, are bad. We say all the time to use tried and true encryption algorithms, and this USB key manufacturer did just that. However, they added the ability for the password that is also used to access the device to be checked against a history of passwords. This function resides in memory, and brute force of the passwords can be conducted.

[ SCADA Attack released] - [Larry] - No offense to Kevin, but this is a re-implementation of the attack released by CORE a month or so back. So why does this one seem to get more press? This implementation is a Metasploit module. Yep, you can attack the latest in SCADA vulnerabilities for free.

[ You own the hardware] - [Larry] - You own the hardware, so tinker with it. There are already some folks poking at the Esquire magazine E-ink cover. Sure, not a device that has huge security implications, but take ownership of all of the other small (or large) devices that you network in your home or office.

[ Twitter to spread malware] - [Larry] - I'd have liked to see more, less user interaction. See blog post.

[ NMAP 4.75 released] - [Larry] - Now with network MAPS. Go figure. Even faster too! I hope Paul has a tech segment on this one coming up. :-)

[ New e-mail attack tactic?] - [Larry] - Ugh. This one is new to me. The attacker looking to deliver an attack via e-mail sends a COMPLAINT that you've been spamming, and here are the logs. The logs are of course an executable with malware.
