From Security Weekly Wiki

Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 280 for Thursday March 15th, 2012

  • DerbyCon Call for Papers and ticket registration are coming up quickly: Friday May 4, 2012 at 10:00AM. The PaulDotCom crew will be in attendance for DerbyCon. Training begins Thursday September 27th and the DerbyCon conference runs the 28th through 30th.
  • John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
  • Subscribe to our only non-computer-security-related show, dedicated to cigar enthusiasts: Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".

CCDC Competition Discussion

  • What is the Mid-Atlantic CCDC?
  • What is PaulDotCom doing here?
  • What did Larry and Darren build for the competition?
  • One of the most popular questions, what can blue teams do to survive?
  • What can the red team do to be more effective than ever before? (Armitage with Mudge???)
  • How can we watch the competition?


Paul's Stories

  1. Rumors are that Anonymous is going to turn to DNS amplification for their next attack - "Each of these [DNS requests] is chosen so that it generates a large response, much larger than the queries themselves. The server will then send these large responses to the victim machine, inundating it with traffic".
  2. FBI's DNSChanger deadline extended to July from March - "The FBI's DNSChanger deadline extension has been approved by a US Federal Court, buying infected punters more time to clean up their systems."... "The DNSChanger Clean DNS Servers Will Be Turned Off On July 9, 2012" "The move means that machines riddled with the Trojan will still be able to use temporary DNS servers to resolve internet addresses until 9 July. Before the order was granted, infected machines would not have been able to surf the web or handle email properly after 8 March, the previous expiry date of the safety net."
  3. Doxing and counterDoxing - Story on how Sabu was doxed by former Anons (Backtrace security) and how Sabu doxed back.

Larry's Stories

John's Stories

  1. TSA Full-Body Scanner Failure - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.
  2. Digininja's Poll on Breaking into security - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful. Fill out the quiz at his site and help skew the results!
  3. Japanese researchers build a gun capable of stopping speakers in mid-sentence - "Psychologists have known for some years that it is almost impossible to speak when your words are replayed to you with a delay of a fraction of a second. [Researchers] have simply built a handheld device consisting of a microphone and a speaker that does just that: it records a person's voice and replays it to them with a delay of about 0.2 seconds. The microphone and speaker are directional so the device can be aimed at a speaker from a distance, like a gun."
  4. Robin Wood breaks down leaked passwords from the phpBB leak:
Top 10 base words
phpbb = 332 (0.18%)
password = 89 (0.05%)
dragon = 76 (0.04%)
pass = 70 (0.04%)
mike = 69 (0.04%)
blue = 67 (0.04%)
test = 66 (0.04%)
qwerty = 59 (0.03%)
alex = 58 (0.03%)
alpha = 53 (0.03%)

Top 10 passwords
123456 = 1 (0.0%)
password = 1 (0.0%)
phpbb = 1 (0.0%)
qwerty = 1 (0.0%)
12345 = 1 (0.0%)
12345678 = 1 (0.0%)
letmein = 1 (0.0%)
111111 = 1 (0.0%)
1234 = 1 (0.0%)
123456789 = 1 (0.0%)

Darren's Stories