Episode 274

From Security Weekly Wiki


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 274 for Thursday January 19th, 2012.

  • Subscribe to our only non-computer-security show, dedicated to cigar enthusiasts: Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or one daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".

Interview: HD Moore

HD is Chief Security Officer at Rapid7 and founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development. He is also known for his work on WarVOX, AxMan, the Metasploit Decloaking Engine and the Rogue Network Link Detection Tools.


HD was last on PaulDotCom in Episode 200, June 2010

Guest Tech Segment: Dave "ReL1K" Kennedy on SET 3.0

Dave is a security ninja who regularly crushes pirates and vikings with his man hugs. A founder of DerbyCon, Dave likes to write exploits and is heavily involved with BackTrack and the Social-Engineer Framework. Dave is on to give us a glimpse into SET v3.0: "The Baby Knuckles" edition.

Paul's Stories

Larry's Stories

  1. SE Android - [Larry] - From the builders of the SELinux project (yes, the NSA), we now have the SE Android project. It would be neat to see the adoption of the SE Android stuff into the Android kernel, much like the SELinux stuff seeing integration into the generic kernel. Of course, I'm sure that it still does not include any FDE…
  2. Mixed case DNS? - [Larry] - I'm not sure of what this really means yet. However, what do camel case DNS queries do? This whole addition of the 0x20 bit encoding is interesting. Johannes says this might be good for additional spoof protection, but I'm wondering if there might be some options for abuse, i.e. the encoding into binary for data exfiltration.
  3. City College infected with some sort of data exfiltrating "virus" for 10 years (http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2012/01/16/BA8T1MQ4E5.DTL) - [Larry] - Appears to have been communicating with Russia, and appears to have started in a computer lab frequented by international students. First, how can they tell it goes back 10 years? Do they really have TCP traffic that goes back that far? Second, I love these quotes from one of the trustees:
Trustee Chris Jackson, also at the presentation, said he was concerned that City College has spent a lot of money on security over the years, but has gotten little in return.
"The most basic level of encryption for our computers was never put in place," he said. "That's unconscionable."
Peter Goldstein, the college's vice chancellor for finance, defended the college's past efforts at virus protection, saying the school had two firewalls.

FACEPALM.

  4. Bypass Linux screen locks - [Larry] - Yay, poorly monitored git code commits. Want to disable X.org screen locks? Just hit CTRL ALT *…
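To make the "mixed case DNS" item concrete, here is an added example (not from the episode or the wiki) of what the 0x20 bit encoding does. A resolver flips the case of each letter in the query name using a keyed mask, sends the mixed-case name, and accepts a reply only if the echoed question name matches byte for byte, since an authoritative server copies the question section back unchanged. An off-path spoofer who only knows the lowercase name has to guess one extra bit per letter on top of the transaction ID and source port. The same function that counts those letters also shows why Larry's exfiltration thought is not far-fetched: each letter in a name is one bit of case that survives the round trip. The secret key, transaction ID and hostname below are constructed values for the demonstration; the keyed-HMAC mask is one reasonable way to derive the case bits, not the wire format of any particular resolver.

```python
"""DNS 0x20 case randomization: encode a query name, validate a reply.

Added illustration for the show notes; not code from the episode or any
resolver. Key, transaction ID and hostname are constructed sample values.
"""
import hashlib
import hmac

# Constructed per-resolver secret; a real resolver would generate this at start-up.
SAMPLE_KEY = b"constructed-resolver-secret"


def case_bits(name: str) -> str:
    """Return the case of each ASCII letter in name as a bit string.

    '1' marks an upper-case letter, '0' a lower-case one; dots, digits and
    hyphens carry no bit. This is the information a forger must guess and,
    equally, the information a covert channel could carry per name.
    """
    return "".join("1" if c.isupper() else "0" for c in name if c.isalpha())


def extra_entropy_bits(qname: str) -> int:
    """Number of case bits 0x20 adds to a query for this name."""
    return sum(1 for c in qname if c.isalpha())


def encode_0x20(qname: str, secret: bytes, txid: int) -> str:
    """Apply 0x20 case randomization to qname.

    The case of each letter is taken from an HMAC over the transaction ID
    and the lower-cased name, so the resolver can regenerate the expected
    casing for a reply without storing per-query state. Deterministic for
    a given (secret, txid, name) and always lower()s back to the original.
    """
    normalized = qname.lower()
    mask = hmac.new(
        secret, f"{txid}:{normalized}".encode("ascii"), hashlib.sha256
    ).digest()
    out = []
    letter_index = 0
    for ch in normalized:
        if "a" <= ch <= "z":
            byte = mask[(letter_index // 8) % len(mask)]
            bit = (byte >> (letter_index % 8)) & 1
            out.append(ch.upper() if bit else ch)
            letter_index += 1
        else:
            out.append(ch)  # dots, digits, hyphens: no case to flip
    return "".join(out)


def reply_is_acceptable(sent_qname: str, reply_qname: str) -> bool:
    """A 0x20-aware resolver compares the echoed question name exactly.

    Ordinary DNS name comparison is case-insensitive; 0x20 deliberately
    makes this one check case-sensitive so a guessed-lowercase forgery fails.
    """
    return sent_qname == reply_qname


if __name__ == "__main__":
    txid = 0x1234  # constructed transaction ID
    sent = encode_0x20("www.example.com", SAMPLE_KEY, txid)
    print("query sent     :", sent)
    print("case bits      :", case_bits(sent))
    print("extra entropy  :", extra_entropy_bits(sent), "bits")

    # A genuine server echoes the question name as received.
    print("genuine reply  :", reply_is_acceptable(sent, sent))

    # An off-path spoofer who only knows the name in lower case has to
    # guess every case bit; a plain lowercase forgery is rejected unless
    # the mask happened to leave every letter lower-case.
    forged = "www.example.com"
    print("lowercase forge:", reply_is_acceptable(sent, forged))
```

The caveat a practitioner runs into: 0x20 only works against servers that echo the question name byte for byte. A handful of authoritative servers and middleboxes lower-case or otherwise rewrite the question section, and a resolver that enforces the check strictly will treat their legitimate answers as forgeries, which is why real deployments fall back to case-insensitive matching for names that misbehave.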

Jack's Stories