Difference between revisions of "Episode287"

From Security Weekly Wiki
m (Text replacement - "\{\{\#ev\:bliptv\|(.*)\}" to "\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]")
 
(19 intermediate revisions by 4 users not shown)
Line 3: Line 3:
 
= Announcements & Shameless Plugs =
 
= Announcements & Shameless Plugs =
  
PaulDotCom Security Weekly - Episode 287 for Thursday May 10th, 2012
+
Security Weekly - Episode 287 for Thursday May 10th, 2012
  
 
* Register today for [https://www.sans.org/sansfire-2012/description.php?tid=5051 Offensive Countermeasures: Defensive Tactics That Actually Work] at SANSFIRE  July 7, 2012 - July 8, 2012 with the freewheeling, piano playing & clown loving John Strand!
 
* Register today for [https://www.sans.org/sansfire-2012/description.php?tid=5051 Offensive Countermeasures: Defensive Tactics That Actually Work] at SANSFIRE  July 7, 2012 - July 8, 2012 with the freewheeling, piano playing & clown loving John Strand!
  
* You can watch us live at http://pauldotcom.com/live or watch the recorded episodes on Ustream  
+
* You can watch us live at http://securityweekly.com/live or watch the recorded episodes on Ustream
 +
 
 +
=Episode Media=
 +
 
 +
[http://traffic.libsyn.com/pauldotcom/PaulDotCom-287-Part1.mp3 MP3 pt 1]
 +
 
 +
[http://traffic.libsyn.com/pauldotcom/PaulDotCom-287-Part2.mp3 MP3 pt 2]
 +
 
  
* Check out our new shows: [http://hacknaked.tv Hack Naked TV] with John Strand, [http://www.hacknakedatnight.tv Hack Naked At Night] with Larry and Darren, [http://pauldotcom.com/espanol PaulDotCom Espanol] with Carlos Perez and our only non-computer security related show dedicated to Cigar Enthusiasts [http://www.stogiegeeks.com Stogie Geeks] with Paul Asadoorian and Tim "BugBear" Mugherini.
 
  
 
= Special Guest: Anton Chuvakin=  
 
= Special Guest: Anton Chuvakin=  
 +
<center>\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]}</center>
  
 
== Introduction ==
 
== Introduction ==
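Review bot: the `<center>` line added under "Special Guest: Anton Chuvakin" still carries the regex escapes and a stray closing brace: it reads \[https://youtube.com/securityweeklytv ... videos\!\]} inside the center tags. With the backslashes and the trailing } in place, MediaWiki will not treat this as an external link. The replacement string in the edit summary contains the same \[ ... \!\] escapes, so they were written into the page literally; the replacement should be plain wikitext, [https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos!], and the leftover } after it should be removed.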
Line 20: Line 27:
  
 
== Questions ==
 
== Questions ==
 +
 +
# How did you get your start in information security?
 +
# Lots of people have a SEIM, and lots of people get hacked, what are they doing wrong?# With the volume of information the SEIM provides, how can we better weed through this information?
 +
# Many will state they cannot monitor everything, what should they monitor if they pick and choose?
 +
# How do you feel about a "poor man's SEIM" such as a Linux Syslog server?
 +
# From Jack ''Anton was way ahead of the curve on the significance of log management and log analysis, and he seemed to get tired of preaching it a couple of years ago.  We talked at RSA that maybe the time has come and people are starting to take it seriously.'' So, are people starting to take log management seriously? Why now? What has been wrong with log management in the past?
 +
# What's the difference between compliance and security?
 +
# How does PCI help people?
 +
# How can PCI hurt organization's security?
 +
 +
5 questions:
 +
 +
1) Windows , OS X, Linux, or OS/2 Warp
 +
 +
2) In a game of ass grabby grabby, would you prefer to go first or second?
 +
 +
3) If you had to streak naked through a security conference, would you rather try to cover yourself up the a printout of the PCI standard, a printout of one day worth of system logs, or a the fortune from a fortune cookie?
 +
 +
4) Three words to describe yourself
 +
 +
5) If you had to write a book about yourself, what would the title be?
  
 
= Guest Tech Segment: Daniel Martin=  
 
= Guest Tech Segment: Daniel Martin=  
 +
<center>\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]}</center>
 +
== Questions ==
 +
* What was the initial itch you wanted to scratch when you created Dradis?
 +
* What would you have done differently in the beginning with what you know now?
 +
* Why did you chose to do it in Ruby?
 +
* How has the community involvement and contribution be?
 +
* Are there any commercial plans for Dradis?
 +
== Teasers & Plugs ==
  
Daniel Martin is a member of the Dradis Framework Core Team and founder of Security Roots Ltd. He blogs at usefulfor.com and can be found on Twitter as @etdsoft.
+
* Be sure to tune in to next week's show featuring wireless security expert Cedric Blancher! That's Thursday May 17, 2012 at 6PM EDT
  
[http://dradisframework.org Dradis] is an open source framework to enable effective information sharing, specially during security assessments.
+
* Check out our new shows: [http://hacknaked.tv Hack Naked TV] with John Strand, [http://www.hacknakedatnight.tv Hack Naked At Night] with Larry and Darren, [http://securityweekly.com/espanol Security Weekly Espanol] with Carlos Perez and our only non-computer security related show dedicated to Cigar Enthusiasts [http://www.stogiegeeks.com Stogie Geeks] with Paul Asadoorian and Tim Mugherini.
  
 +
== About Daniel ==
  
[http://securityroots.com Security Roots Ltd ] for Dradis Professional Edition
+
Daniel Martin is a member of the Dradis Framework Core Team and founder of Security Roots Ltd. He blogs at usefulfor.com and can be found on Twitter as @etdsoft. [http://dradisframework.org Dradis] is an open source framework to enable effective information sharing, specially during security assessments. [http://securityroots.com Security Roots Ltd ] for Dradis Professional Edition
 
 
  
 
[http://vulndbhq.com VulnDB HQ (platform to manage vuln. data for reports)] is a platform that lets you build and maintain a vulnerability database. "Why does your team need to write up the same vulnerability descriptions again and again?  How much time will you save if you could reuse issue descriptions from previous reports?"
 
[http://vulndbhq.com VulnDB HQ (platform to manage vuln. data for reports)] is a platform that lets you build and maintain a vulnerability database. "Why does your team need to write up the same vulnerability descriptions again and again?  How much time will you save if you could reuse issue descriptions from previous reports?"
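Review bot: in the added Questions list, the second item runs two questions together on one line ("...what are they doing wrong?# With the volume of information the SEIM provides..."). A # that is not at the start of a line does not open a new list item, so the second question should move to its own line beginning with #. In the same list "SEIM" appears three times where the acronym is SIEM. The `<center>` line added under "Guest Tech Segment: Daniel Martin" has the same literal backslashes and trailing } as the one in the previous hunk and needs the same fix.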
Line 41: Line 77:
 
* Larry is teaching for SANS, check out [http://www.sans.org/instructors/Lawrence-Pesce Larry's very own dedicated page on the SANS web site] for a complete list.
 
* Larry is teaching for SANS, check out [http://www.sans.org/instructors/Lawrence-Pesce Larry's very own dedicated page on the SANS web site] for a complete list.
  
* DerbyCon Call for Papers and Ticket Registration is: [https://www.derbycon.com/2012/02/02/derbycon-announcements/ happening NOW]. The PaulDotCom crew will be in attendance for DerbyCon.  Training begins Thursday September 27th and the DerbyCon conference runs the 28th thru 30th.  
+
* DerbyCon Call for Papers and Ticket Registration is: [https://www.derbycon.com/ available online]. If you have not yet registered or submitted a talk, please do so now.  
  
 
* Security BSides everywhere: Iowa, London, Chicago, Austin, Charleston, more. http://www.securitybsides.com/ - We have 5 BSides tickets to give away! Listen to the instructions at the end of Episode 282 for complete details!
 
* Security BSides everywhere: Iowa, London, Chicago, Austin, Charleston, more. http://www.securitybsides.com/ - We have 5 BSides tickets to give away! Listen to the instructions at the end of Episode 282 for complete details!
Line 58: Line 94:
 
#[http://www.networkworld.com/news/2012/050812-security-error-in-os-x-259081.html?source=nww_rss Security error in OS X 10.7.3 exposes passwords for legacy FileVault users]
 
#[http://www.networkworld.com/news/2012/050812-security-error-in-os-x-259081.html?source=nww_rss Security error in OS X 10.7.3 exposes passwords for legacy FileVault users]
 
#[http://carnal0wnage.attackresearch.com/2012/05/from-low-to-pwned-6-sharepoint.html From LOW to PWNED [6] SharePoint]
 
#[http://carnal0wnage.attackresearch.com/2012/05/from-low-to-pwned-6-sharepoint.html From LOW to PWNED [6] SharePoint]
 
== Jack's Stories ==
 

Latest revision as of 16:28, 29 June 2017


Announcements & Shameless Plugs

Security Weekly - Episode 287 for Thursday May 10th, 2012

Episode Media

MP3 pt 1

MP3 pt 2


Special Guest: Anton Chuvakin

Visit The Security Weekly YouTube Channel for all of our latest videos!

Introduction

Dr. Anton Chuvakin is a Research Director at Gartner's IT1 Security and Risk Management Strategies team. He is a recognized security expert in the field of log management, SIEM and PCI DSS compliance and author of "Security Warrior" and "PCI Compliance".

Questions

  1. How did you get your start in information security?
  2. Lots of people have a SIEM, and lots of people get hacked, what are they doing wrong?
  3. With the volume of information the SIEM provides, how can we better weed through this information?
  4. Many will state they cannot monitor everything, what should they monitor if they pick and choose?
  5. How do you feel about a "poor man's SIEM" such as a Linux Syslog server?
  6. From Jack: "Anton was way ahead of the curve on the significance of log management and log analysis, and he seemed to get tired of preaching it a couple of years ago. We talked at RSA that maybe the time has come and people are starting to take it seriously." So, are people starting to take log management seriously? Why now? What has been wrong with log management in the past?
  7. What's the difference between compliance and security?
  8. How does PCI help people?
  9. How can PCI hurt an organization's security?

5 questions:

1) Windows, OS X, Linux, or OS/2 Warp

2) In a game of ass grabby grabby, would you prefer to go first or second?

3) If you had to streak naked through a security conference, would you rather try to cover yourself up with a printout of the PCI standard, a printout of one day's worth of system logs, or the fortune from a fortune cookie?

4) Three words to describe yourself

5) If you had to write a book about yourself, what would the title be?

Guest Tech Segment: Daniel Martin

Questions

  • What was the initial itch you wanted to scratch when you created Dradis?
  • What would you have done differently in the beginning with what you know now?
  • Why did you choose to do it in Ruby?
  • How has the community involvement and contribution been?
  • Are there any commercial plans for Dradis?

Teasers & Plugs

  • Be sure to tune in to next week's show featuring wireless security expert Cedric Blancher! That's Thursday May 17, 2012 at 6PM EDT

About Daniel

Daniel Martin is a member of the Dradis Framework Core Team and founder of Security Roots Ltd. He blogs at usefulfor.com and can be found on Twitter as @etdsoft. Dradis is an open source framework to enable effective information sharing, especially during security assessments. Security Roots Ltd for Dradis Professional Edition

VulnDB HQ (platform to manage vuln. data for reports) is a platform that lets you build and maintain a vulnerability database. "Why does your team need to write up the same vulnerability descriptions again and again? How much time will you save if you could reuse issue descriptions from previous reports?"

Stories

Some More Plugs

  • DerbyCon Call for Papers and Ticket Registration is: available online. If you have not yet registered or submitted a talk, please do so now.
  • Security BSides everywhere: Iowa, London, Chicago, Austin, Charleston, more. http://www.securitybsides.com/ - We have 5 BSides tickets to give away! Listen to the instructions at the end of Episode 282 for complete details!

Paul's Stories

  1. CVE-2012-1675 Oracle Database TNS Poison 0Day Video Demonstration - Looks like this vulnerability allows you to MiTM or control others' TNS sessions. It was reported in 2008 and just now published. I wonder how many other people found it in the meantime? Looks like there is no patch, but some workarounds.
  2. Breaking in to Security - Survey Conclusions - Really neat survey!
  3. Tampon-Shaped USB Drive - There's a joke in there somewhere, talk about data leakage!
  4. Security Fail - Really funny, don't leave Wifi passwords on the wall.
  5. DNSChanger Trojan: Not All Doom and Gloom - July 9th is fast approaching!
  6. Don’t let them scare you - Defensive recommendations include Configuration Management, Patch Management, Up-to-Date AV, Application Whitelisting. Agree?
  7. Web Application Firewalls and the False Sense of Security They can Create - I'm leaning more towards solutions that actually fix the problem, rather than mask it. Firewalls and network segmentation are great, but don't rely too much on them. Patching, config management, and a development process that weeds out security vulns.
  8. Jetting off abroad? Pack protection ... for your Wi-Fi - The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products on their hotel internet connection
  9. PHP devs lob second patch at super-critical CGI bug
  10. Security error in OS X 10.7.3 exposes passwords for legacy FileVault users
  11. From LOW to PWNED [6] SharePoint