From Security Weekly Wiki
Revision as of 18:28, 26 May 2006 by Larry (talk | contribs)

(15 seconds of silence)

(get all the laughter out)

(Record the Welcome Intro)

(More silence)

FiT Stinger

Theme Music, Episode 27 for May 13, 2006

"Welcome to PaulDotCom Security Weekly, Episode 27 for May 13, 2006"

From the PSW studios

"Welcome to this edition of PaulDotCom Security Weekly, a show for the listeners, because, well, without you we're just a bunch of guys at a bar drinking beer."

"I am your host Paul Asadoorian," "and I'm your co-host Larry Pesce," and we've also got our extra special host Twitchy.

Hello to all of our live audience listeners via Skypecast!


This episode is sponsored by Syngress Publishing, it's like porn for hackers, crackers, and IT security professionals.

Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to receive a free copy of any in-stock book on the Syngress web site!

Last week's winner was Stefan who stated the correct answer:

"SCORE! Get the lotion!" alerts on users surfing porn, appeared in snort 1.8.2 and can be found in the file classification.config.

This episode is also sponsored by Core Security Technologies.

Larry: Use Core impact to penetrate your network day and night and not get tired!

Listen to this podcast and qualify to receive a 10% discount on Core Impact, the world's best penetration testing tool.

We are also sponsored by the SANS Institute, where you can get schooled and like it! Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! And Twitchy will be there!


Big thank you to Paul T. for sending us beer from the great Northwest - Stone Brewery "Arrogant Bastard", which Larry matched with his 2003 vintage "Double Bastard". Thanks so much!

Announcement: Thank you to all the wonderful folks on the #pauldotcom channel on IRC (irc.freenode.net). Jon 335 and blackdragon both made submissions that we will talk about on the show! Also, don't forget the forums over at www.friendsintech.com for those who are IRC newbs or IRC-o-phobes.

Announcement: Send us your feedback on what you would like to see included in a book about hacking wrt54g, put wrt54g in the title. We may know someone working on a book....

Announcement: This is the last week for the Logo and slogan contest because I haven't had time to close it out, so here's one last shot at a logo and slogan for PSW!

Announcement: Andy gets his GCIH! Bust out the Champagne!

On to listener feedback...

Great Idea - UTTechno1 - Listener Feedback

James writes in:

I was just thinking...yeh I know, I shouldn't strain myself ;-)

You guys talk ALOT about pen testing how about some content about the business of pen testing? Like 1. what skills would a prospective pen tester need to acquire? 2. how do you price a pen test engagement...I'm thinking most of these gigs fall in the 25k to 50k range...but I may be totally full of it. 3. how do you promote or advertise your business? 4. advertisement/business development issues? 5. Yeh core impact is great but how do you pass that cost along to your customers? etc etc talk amongst yourselves ;-)

Mike Writes in:

First, a bit of what I hope is constructive criticism. I listened to a couple of podcasts "on the speakers" once, and my wife listened to a bit too. She now calls you guys the college guys (as in, I say "I was listening to the college guys podcast," and she knows what I mean). I don't want to criticize your style, because I like it, but while I realize you tend to have a wobbly pop or three while doing the 'cast, and beer makes one belch, and Larry (I think it's you, Larry) produces some fine ones... I don't think listeners necessarily need to hear that. I'll keep listening, but you may want to consider muting your mic.

[Why do people get so offended with the belching?]

<a whole bunch more stuff followed, mostly for twitchy, and included everything from what operating system planes run, to C vs Java, to the open wireless question, to Stephen Harper's alleged kitten eating, to are honeypots entrapment?, to OS X vs open source, to drive encryption>

[Whew, none of which I really care to discuss on the show because they are not so much security related and more a religious or political debate which we are happy to discuss in email or in the IRC channel but not bore the listeners with, it's just not what this podcast is about.]

Tom writes in:

Paul, Larry, Twitch, The Mason

The Best Buy located at 825 Pilgrim Way, Green Bay, WI 54303 - Phone number 920-494-2950 employs Chad Davis (http://www.justice.gov/criminal/cybercrime/davis.htm) the "Global Hell" Hacker.

I have a friend who also works at the store and has told me stories about what the guy says he does. First thought is -how would you like this guy sent to your home to work on your computer - second thought is - how would you like this guy to take your credit card at the store - third thought is - what the hell is Best Buy doing for a hiring policy.

Great show,


Christian writes in:

Do you guys know a way to locate and identify servers on the web without scanning? I am looking for publicly accessible databases or search engine queries, that, for example, list all publicly accessible dns servers….

[we do, but if we told you, we'd have to send ninjas to kill you]

[Music] Story Time With Twitchy

Twitchy tells us a hacking story about something...

Paul also has a story about Best Buy!


Billy's Browser - Johnny Long Sweeper - News


Episode28 Show Notes

George Class Promo

Syngress question of the week: What was the name of the first movie Jet Li acted in and what year was it produced? Where was it shot?

Core discount code impactbsg

SANS discount code is <pauldotcom>.

Thank you for listening, psw@pauldotcom.com, http://pauldotcom.com Phone number Pauldotcom Security Weekly, PO Box 860, Greenville RI, 02828