Episode280

From Security Weekly Wiki


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 280 for Thursday March 15th, 2012


  • DerbyCon Call for Papers and ticket registration are coming up quickly: Friday May 4, 2012 at 10:00AM. The PaulDotCom crew will be in attendance for DerbyCon. Training begins Thursday September 27th and the DerbyCon conference runs the 28th through 30th.
  • John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
  • Subscribe to our only non-computer security related show dedicated to Cigar Enthusiasts Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".

CCDC Competition Discussion

  • What is the Mid-Atlantic CCDC?
  • What is PaulDotCom doing here?
  • What did Larry and Darren build for the competition?
  • One of the most popular questions, what can blue teams do to survive?
  • What can the red team do to be more effective than ever before? (Armitage with Mudge???)
  • How can we watch the competition?

Stories

Paul's Stories

Larry's Stories

John's Stories

  1. TSA Full-Body Scanner Failure - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.
  2. Digininja's Poll on Breaking into security - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful. Fill out the quiz at his site and help skew the results!
  3. Robin Wood breaks down leaked passwords from the phpBB leak:
Top 10 base words
phpbb = 332 (0.18%)
password = 89 (0.05%)
dragon = 76 (0.04%)
pass = 70 (0.04%)
mike = 69 (0.04%)
blue = 67 (0.04%)
test = 66 (0.04%)
qwerty = 59 (0.03%)
alex = 58 (0.03%)
alpha = 53 (0.03%)

Top 10 passwords
123456 = 1 (0.0%)
password = 1 (0.0%)
phpbb = 1 (0.0%)
qwerty = 1 (0.0%)
12345 = 1 (0.0%)
12345678 = 1 (0.0%)
letmein = 1 (0.0%)
111111 = 1 (0.0%)
1234 = 1 (0.0%)
123456789 = 1 (0.0%)

Darren's Stories