= Announcements =
PaulDotCom Security Weekly - Episode 216 - For Thursday October 21st, 2010.
* [http://www.hackersforcharity.org/hackers-for-charity/announcing-hack3rcon/ Announcing Hack3rcon!]The con will take place on Oct 23-24, 2010 at the Charleston Civic Center, alongside CharCon, a gaming conference that will interest many of you as well. Tickets are $40 for the whole weekend. Our very own Carlos Perez will be speaking!
* Register NOW for [http://ws.coresecurity.com/DontCallItAComeBacktwt.html Blue Teams: "Don't Call It a Comeback"] presentation with Core Security Technologies on Wednesday, November 11, 2010 at 2pm EST]
= Tech Segment: Things in Kismac That Surprise Me =
Kismac is a great wireless hacking tool, I found some neat things:
* It supports your Alfa USB card with the RTL8187L chipset* Do not install the Realtek drivers. They have crabs and cause your card not to work with Kismac* Kismac supports WEP cracking for weak keys, Newsham 21 bit attack, regular brute-forcing, and wordlists
* It works with your internal Airport card
* It will put your internal airport card in monitor mode
* No interface gets created by Kismac when using Alfa USB, which is a bummer
= Tech Segment: Defcon
PaulDotCom Badge Challenge =
This year we conducted another contest for DEFCON. While it wasn't for a party badge, it was for bragging rights and a cool laser cut badge. Here's the solution:
= Guest Interview: [http://www.offensive-security.com/about/ Mati "Muts" Aharoni] & [http://twitter.com/#!/humanhacker Chris Hadnagy] =
Mati is the founder of Offensive Security. His day to day work involves vulnerability research, exploit development and whitebox / blackbox Penetration Testing. In addition, he is the lead writer and trainer for many of the “Offensive Security” courses, which focus on attacker tools and methodologies. Mati has been training security and hacking courses for over 13 years and is actively involved in the security arena, and is one of the core developers of the BackTrack live CD.
# Topic - Tools Vs. Skills - How much do you rely on tools? Do inexperienced people give tools a bad name? Should you be an expert in tools, techniques, or both? If you're just starting out, don't tools help you? If you are experienced, should you write all your own tools or use other people's? What about customizing tools?
#[http://news.cnet.com/8301-17852_3-20019874-71.html?part=rss&subj=news&tag=2547-1_3-0-20 Thief backs up data.] - [Larry] - Man gets laptop stolen. Man admits he's ba at backing up. Thief backs up data and mails to victim. Aww, how nice. Wait, what?
#[http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/HDjjqBp4uYo/ If everyone was jumping off a bridge...] - [
Pauldotcom] - Scott from NW posted an article on cloud security. Scott's arguement was that since salesforce.com says they are secure, and "everyone" (77k+ users) is using then, then it must be secure. Secure cloud review puts Scott in check, stating that just because everyone is doing it doesn't mean its the right thing. I think something that plays into this is that yes, people are jumping off the bridge, landing in the water, and swimming to shore unharmed. Since no one is apparently getting hurt, then its okay and the cloud is secure. What about the people with ear infections, parasites, or those who get run over by a boat? Until that happens, people will keep jumping. All it takes is one big data breach and salesforce is no more. What you need to decide is if its aceptable risk for YOU. Will you lose your company if saleforce succombs to a data breach? Thats the decisions you need to make.#[http://newschoolsecurity.com/2010/10/seriously-are-we-still-doing-this-crap-rant-mode-1/ Six "Enterprise" Security leaks?] - [ Pauldotcom] - I'm all for ripping on article, but I think that the new school of infosec went a little overboard on this one. A computer world article was published titled, "Six Enterprise Security leaks you should plug right now". New school ripped on them for not covering the flaws that lead to most data breaches. THe first was actually not bluetooth rifles, which new school says could only be used to get address books. I think this is largely not true. First, if someone did penetrate a mobile phone, how would you know? What mechanisms are in places at most organizations to detect this? My answer: very little. With bluetooth, or wifi, you can get more than the address book. How about stored credentials? Uploading malware? OR Josh's example of using bluetooth as a listening device? While computer world was a little off its rocker, I think the main critism new school missed was: Physical access. You need some sort of physical acess in order to pull off these attacks, therefore lowing the risk. Now, still think an area that will make wireless security explode in people's face's like a TNT laced cigar is accessing devices remotely, then using the built-in wireless to attack other wireless devies. This should be an active area of research. Then there are printers. We all know, I just don't agree with dismissing printer security. Use shodan, there are printers on the Internet. Oh yea, and your relying on your firewall to protect your printers. Do this, pretend your firewall isn't there, then defend your network. So you've patched everything you can, use enryption between your workstations/server, and guess what? I will attack your printer, because most don't support enryption, no one patches them, the protocols implement weak, if any security, and no one seems to log information from the printers. Its not about doing what everyone else is doing, its about protecting whats important to you, not what the media is discussing.#[http://reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=0 0day in MOXA MDM Tool] - [ pauldotcom] - MOXA makes industrial/SCADA products, and Ruben has released an 0day for their products. Ruben states, "I've not notified the vendor because: I am not working for them and They don't have a security contact publicly available" I'm going to be honest, control systems vendors need to wake up and pay attention to security researchers. Having a security contact is not a bad thing.#[http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/CSy0xG_qgGU/ Wall Of Shame: Pros Cons?] - [ pauldotcom] - I think this is a great educational tool, provided its done correctly. I believe we need to use real data, and shame people into being secure. Its similar to showing teenagers the effects of STDs, child birth, etc... Does that stop teenagers from having sex? No. Okay, so maybe thats a bad example. On the flip side, if people can see, or even better experience, something bad happen it makes them more aware. However, with a wall of sheep, they don't truly experience the full brunt of the baddness, as most wall of shame data is obfuscated and an attacker does not get your password. However, if every open Wifi network had a wall of shame, we might see users change, would we?
= Other Stories of Interest =