Episode206

From Security Weekly Wiki
Jump to navigationJump to search


Sponsors

  • Tenable Network Security - This episode sponsored by Tenable network security. Tenable is a developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the worlds best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more. Tenable also offers a Nessus Professional Feed to detect vulnerabilities in your network today! Tenable – Unified Security Monitoring!
  • Core Security - This episode is also sponsored by Core Security Technologies, helping you penetrate your network. Now version 10.0 with WiFi-fu good to go! Rock out with your 'sploit out! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the worlds best penetration testing tool.
  • Trustwave Spiderlabs - Trustwave's SpiderLabs - providing advanced information security services to planet Earth. Visit them online at trustwave.com/spiderlabs!

"Thanks to our sponsors Tenable network security, the developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the worlds best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more."

"Core Security Technologies, helping you penetrate your network. Rock out with your 'sploit out! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the worlds best penetration testing tool. "

"and Cenzic, create a Hailstorm for your web applications! Sign up for a free trial of the Hailstorm software or scan remotely with their new online service to keep you web applications in check."

Now, Pull up a packet capture, pour a beer, and give the intern control of your botnet...."

Shameless Plugs & General Announcements

Welcome PaulDotCom Security Weekly - Episode 206 - For Thursday August 12, 2010.

  • Sign up for "Advanced Vulnerability Scanning Using Nessus" being offered at Brucon!
  • It is finished... The Official Metasploit class from John Strand and Ed Skoudis is now complete. Two full days of Metasploit insanity. Want 25% off? Use MET25 when you register for Boston on August 8th and 9th.
  • John Strand will be teaching SANS 560: Network Penetration Testing at SANS Virginia Beach August 29th - Sept 3. Come get shell and crabs with strandjs.
  • The Kansas City FBI InfraGard program is looking for some penetration testers to participate on the "Red Team" for an upcoming mock Cyber Warfare exercise. The event pits systems and security professionals from the community against each other in a live cyber attack on a replicated commercial network. We are looking participants with Pen-test experience, or someone who has some "daemons" they need to get out in a controlled environment. This is a community event, and all skill levels are welcome, please see http://cyber-raid.com for more info.

Tech Segment: Mark Baggett

Here is a follow up to Larry's segment in episode 170

MTCEXCP007:~ mark.baggett$ python userpass.py "Larry Pesche" Making Google Query http://www.google.com/m/search?q=site%3Alinkedin.com+%22Larry+Pesche%22+ &start=0&num=10 User Identified - First name: larry Last name: pesce ..Fetching Linkedin Profile http://www.linkedin.com/pub/larry-pesce/3/5b7/671 ..Found 2 Linkedin page references. ..Launching CEWL for http://www.haxorthematrix.com ..Launching CEWL for http://www.carene.org End of Google search results reached. The we turn on the -t option!!! MTCEXCP007:~ mark.baggett$ python userpass.py "Larry Pesche" -t Making Google Query http://www.google.com/m/search?q=site%3Alinkedin.com+%22Larry+Pesche%22+ &start=0&num=10 User Identified - First name: larry Last name: pesce ..Fetching Linkedin Profile http://www.linkedin.com/pub/larry-pesce/3/5b7/671 ..Using TinEye.com on photo http://media.linkedin.com/mpr/mpr/shrink_80_80/p/1/000/002/321/1db861b.j pg ....Adding 3 TinEye.com Pages. ..Found 5 Linkedin page references. ..Launching CEWL for http://www.haxorthematrix.com ..Launching CEWL for http://www.carene.org ..Launching CEWL for http://www.whitehatworld.com/staff.html ..Launching CEWL for http://twitter.com/haxorthematrix/statuses/2558897453 ..Launching CEWL for http://twitter.com/haxorthematrix/statuses/2578059732 End of Google search results reached. MTCEXCP007:~ mark.baggett$ Company searches... MTCEXCP007:~ mark.baggett$ python userpass.py "SANS Institute" -g 1 Making Google Query http://www.google.com/m/search?q=site%3Alinkedin.com+%22SANS+Institute%2 2+&start=0&num=10 User Identified - First name: summer Last name: e. ..Fetching Linkedin Profile http://www.linkedin.com/pub/summer-e-porter-sans-institute-affiliate-pro gram/9/391/755 ..Found 1 Linkedin page references. ..Launching CEWL for http://www.sans.org User Identified - First name: sans Last name: institute ..Fetching Linkedin Profile http://www.linkedin.com/in/sansinstitute ..Found 3 Linkedin page references. ..Launching CEWL for http://www.sans.edu/resouces/securitylab ..Launching CEWL for http://blogs.sans.org/security-leadership ..Launching CEWL for http://www.sans.org User Identified - First name: pedro Last name: bueno ..Fetching Linkedin Profile http://www.linkedin.com/in/pedrobueno ..Found 3 Linkedin page references. ..Launching CEWL for http://handlers.sans.org/pbueno ..Launching CEWL for http://www.mysectools.com ..Launching CEWL for http://www.avertlabs.com/research/blog/ User Identified - First name: jason Last name: rowe ..Fetching Linkedin Profile http://www.linkedin.com/in/metasec ..Found 1 Linkedin page references. ..Launching CEWL for http://www.metasec.net User Identified - First name: seth Last name: misenar ..Fetching Linkedin Profile http://www.linkedin.com/in/sethmisenar ..Found 3 Linkedin page references. ..Launching CEWL for http://giac.org/certified/certmatters/seth_misenar.php ..Launching CEWL for http://twitter.com/sethmisenar ..Launching CEWL for http://www.giac.org/certified_professionals/fulllisting.php

Guest Interview: [Barnaby Jack ]

Stories For Discussion

Other Stories of Interest