Difference between revisions of "Episode280"

From Security Weekly Wiki
Line 37: Line 37:
 
[http://www.schneier.com/blog/archives/2012/03/video_shows_tsa.html TSA Full-Body Scanner Failure] - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.
 
[http://www.schneier.com/blog/archives/2012/03/video_shows_tsa.html TSA Full-Body Scanner Failure] - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.
 
[http://www.digininja.org/projects/breaking_in_interim.php Digininja's Poll on Breaking into security] - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful.  Fill out the [http://www.digininja.org/projects/breaking_in_interim.php quiz].
 
[http://www.digininja.org/projects/breaking_in_interim.php Digininja's Poll on Breaking into security] - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful.  Fill out the [http://www.digininja.org/projects/breaking_in_interim.php quiz].
 +
[http://www.digininja.org/projects/pipal.php Robin Wood breaks down leaked passwords from a recent leak] -
 +
 +
<pre>
 +
Top 10 base words
 +
phpbb = 332 (0.18%)
 +
password = 89 (0.05%)
 +
dragon = 76 (0.04%)
 +
pass = 70 (0.04%)
 +
mike = 69 (0.04%)
 +
blue = 67 (0.04%)
 +
test = 66 (0.04%)
 +
qwerty = 59 (0.03%)
 +
alex = 58 (0.03%)
 +
alpha = 53 (0.03%)
 +
 +
Top 10 passwords
 +
123456 = 1 (0.0%)
 +
password = 1 (0.0%)
 +
phpbb = 1 (0.0%)
 +
qwerty = 1 (0.0%)
 +
12345 = 1 (0.0%)
 +
12345678 = 1 (0.0%)
 +
letmein = 1 (0.0%)
 +
111111 = 1 (0.0%)
 +
1234 = 1 (0.0%)
 +
123456789 = 1 (0.0%)
 +
 +
</pre>
  
 
== Darren's Stories ==
 
== Darren's Stories ==
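
Review bot: In the added "Top 10 passwords" block every entry reads "= 1 (0.0%)", so the list carries no ranking information. That pattern is consistent with an input list that had already been de-duplicated, so either say so next to the block or keep only the "Top 10 base words" table, where the counts differ. The added story line "Robin Wood breaks down leaked passwords from a recent leak -" also ends in a dangling " -" with no summary after it and does not name the leak; a short description there would match the other story entries.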

Revision as of 20:29, 15 March 2012


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 280 for Thursday March 15th, 2012


  • John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
  • Subscribe to Stogie Geeks, our only non-computer-security-related show, dedicated to cigar enthusiasts, with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".


CCDC Competition Discussion

  • What is the Mid-Atlantic CCDC?
  • What is PaulDotCom doing here?
  • What did Larry and Darren build for the competition?
  • One of the most popular questions, what can blue teams do to survive?
  • What can the red team do to be more effective than ever before?
  • How can we watch the competition?

Stories

Paul's Stories

Larry's Stories

John's Stories

TSA Full-Body Scanner Failure - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.

Digininja's Poll on Breaking into security - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful. Fill out the quiz.

Robin Wood breaks down leaked passwords from a recent leak -

Top 10 base words
phpbb = 332 (0.18%)
password = 89 (0.05%)
dragon = 76 (0.04%)
pass = 70 (0.04%)
mike = 69 (0.04%)
blue = 67 (0.04%)
test = 66 (0.04%)
qwerty = 59 (0.03%)
alex = 58 (0.03%)
alpha = 53 (0.03%)

Top 10 passwords
123456 = 1 (0.0%)
password = 1 (0.0%)
phpbb = 1 (0.0%)
qwerty = 1 (0.0%)
12345 = 1 (0.0%)
12345678 = 1 (0.0%)
letmein = 1 (0.0%)
111111 = 1 (0.0%)
1234 = 1 (0.0%)
123456789 = 1 (0.0%)

Darren's Stories