From Security Weekly Wiki
Jump to navigationJump to search

Announcements& Shameless Plugs

PaulDotCom Security Weekly - Episode 255 for Thursday August 18th, 2011.

  • Don't miss our podcast next Friday night at 7:30 PM with Mark Russinovich!
  • If you couldn't make it to BlackHat, then consider instead the always fabulous SANS Las Vegas for "Advanced Vulnerability Scanning Techniques Using. Nessus" Saturday, September 17 - Sunday, September 18.
  • We want your feedback for a new show! Remember the vintage episodes dubbed "Listener Feedback"? We want to re-visit this idea, field questions from the audience and make it a show! If you listen to the Security Weekly podcast and have questions about techincal topics, please submit them! We plan to address the "n00b" questions and issues in a traditional PaulDotCom format. Send suggestions to the PaulDotCom Mailing List. Thanks!

Guest Interview: Dr. Timothy "Thor" Mullen


7:30 PM EDT

Johnny Long says: "Most recognize Thor as the Norse god of thunder with massive powers of destruction. Few realize that he was also the god of restoration. Likewise, his namesake, Timothy "Thor" Mullen, has spent his entire adult life both destroying and restoring Microsoft-based security systems. Thor's Microsoft Security Bible conveys the wisdom and expertise of the industry legend that has defined the bleeding edge of Microsoft security for over twenty years. I highly recommend this book."

Thor's Microsoft Security Bible: A Collection of Practical Security Techniques

  1. How did you get your start in information security?
  2. You've contributed to the Hacker’s Challenge, the Stealing the Network series, and now your new book. What led you to try your hand at being an author? What guidance or tips would you give to someone looking to write a book?
  3. What are some of the mistakes folks make concerning logs?
  4. Tell us about "Thor's Managed Interface Log Fetcher(MILF)" (™)
  5. What do you mean by "Anytime you see a reference to xp_cmdshell in any SQL solution, it should raise a red flag"?
  6. In your book and on Symantec's blog, you go further into Blocking Traffic by Country on Production Networks. Did anything surprise you about that research?
  7. Tell us about your work for Security Focus.
  8. Do you still believe that in certain circumstances, it's OK to fight back?

Stories For Discussion

Larry's Stories

Paul's Stories