From Security Weekly Wiki
Jump to navigationJump to search

(15 Seconds of silince)

(get all the laughter out)

(Record the Welcome Intro)

(More silence)

FiT Stinger

Theme Music, Episode 29 for May 26, 2006

"Welcome to PaulDotCom Security Weekly, Episode 29 for May 26, 2006"

From the PSW studios

“Welcome to this edition of PaulDotCom Security Weekly, a show for the listeners, because, well, without you we're just a bunch of guys at a bar drinking beer."

"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and we've also got our extra special host Twitchy.

Hello to all of our live audience listeners via Skypecast!


This episode is sponsored by Syngress Publishing, its like porn for hackers, crackers, and IT security professionals.

Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!

Last weeks winner was Kirk who stated the correct answer:

"MGCP was defined in RFCs 2705 & 3435. It is also know as H.248 and Megaco via http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci817224,00.html"

We also liked reids answer of "I mostly just know it as "the current big fucking headache"'

The fake question of "What was the name of the first move Jet Li acted in and what year was it produced? Where was it shot?" A couple of you were close, but not quite. Paul, what is the answer?

This episode is also sponsored by Core Security Technologies.

Larry: Use Core impact to penetrate your network day and night and not get tired!

Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.

We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!


Announcement: Logo and slogan contest is over! The Logo winner is Kreg Stepe, and the slogan winner is Paul Battista. Please drop us a note so we can get you your prizes.

Kreg's logo will be in the blogg entry, adn album art.

Paul's slogans included:

We Ain't Sniffing Panties Well We Ain't Sniffing Panties Because Sniffing Packets is Better then Sniffing Panties Security Over a Beer Cyber Ninjas at Work Digital Ninjas in Training We Steal Passwords like its your bike I Stole Your Password Like I Stole Your Bike I Hacked your mom

On to listener feedback...

ITT Fart - TMUP PDC Promo - Listener Feedback

Jim writes in:

Really enjoy your podcast, you have very useful info between the Story times (which are great) and other stuff that make my commute shorter.

I wanted to run this past the experts to see if I'm not totally off the wall. First I run an open access point and it's connected inside my router. So when you connect you are on a 192.168.x.x network, as Twichy would say "Bad Bad ! .... Oh popcorn....". But here is the situation we are in the middle of a 200 acre farm, the nearest house is 1/2 mile away (it's a relative). Then to the rear of the farm is a steel mill and running through the place is a small two lane road where if any one stopped for a time it would be like a bug on a plate.

The internal network is all Mac's with file sharing enabled, one machine is running Apache and that's it. My AP only can do WEP (it's an old Airport) and is in the basement of the house. Doing a walk around with a Toilet seat type iBook (which is a pretty sensitive) I can get about 50 feet from the house and still have usable signal. It's about 100 yards to the road.

Anyway my feeling is if anyone accesses the network they have to walk into my land or sit on the road with a 13db yagi hanging out the window. The first case is handled with a shotgun and the second as I said is pretty obvious.

I know this is pretty fragile security but out here in the boonies do you think it can work ? Oh yea, we are at the end of the power line, cable doesn't come here but DSL does, so we have DSL but pulse dial.

[Music] Story Time With Twitchy

Twitchy tells us a hacking story about something...

Paul also has a story about Best Buy!


Billy's Browser - Johnny Long Sweeper - News


Episode28 Show Notes

George Class Promo

Syngress question of the week: Are you the Keymaster?

Core discount code impactbsg

SANS discount code is <pauldotcom>.

Thank you for listening, psw@pauldotcom.com, http://pauldotcom.com Phone number Pauldotcom Security Weekly, PO Box 860, Greenville RI, 02828