Difference between revisions of "Episode306"

From Security Weekly Wiki
Jump to navigationJump to search
Line 28: Line 28:
 
#[http://technet.microsoft.com/en-us/sysinternals/jj729731 PsPing] Yeah, a few weeks old now, but in case you missed it- a new tool from Sysinternals. "PsPing is a command-line utility for measuring network performance."
 
#[http://technet.microsoft.com/en-us/sysinternals/jj729731 PsPing] Yeah, a few weeks old now, but in case you missed it- a new tool from Sysinternals. "PsPing is a command-line utility for measuring network performance."
 
#[http://www.verizonbusiness.com/Products/security/dbir/verticals/?&src=/worldwide/Products/security/index.xml&id= New old news from Verizon's DBIR] the good folks at Verizon have sliced and diced this year's DBIR across a number of industries: Financial and Insurance, Healthcare, Accommodations, Food Service, and Retail. Intellectual Property theft cases were also reviewed.
 
#[http://www.verizonbusiness.com/Products/security/dbir/verticals/?&src=/worldwide/Products/security/index.xml&id= New old news from Verizon's DBIR] the good folks at Verizon have sliced and diced this year's DBIR across a number of industries: Financial and Insurance, Healthcare, Accommodations, Food Service, and Retail. Intellectual Property theft cases were also reviewed.
 +
#[http://threatpost.com/en_us/blogs/microsoft-agrees-modify-windows-8-following-eu-complaint-102412 The EU is still whining about Microsoft] maybe they should stop picking on them and also stop screwing the global economy.

Revision as of 22:01, 25 October 2012


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 306 for Thursday October 18th, 2012

  • Bsides everywhere baby! Likely there is one near you, so check the web site www.securitybsides.com

Stories

Paul's Stories

  1. Hack3rcon 3 Videos (Hacking Illustrated Series InfoSec Tutorial Videos) - Check out some videos from Hack3rCon, including our very own Larry Pesce and Carlos Perez!
  2. Big security on a shoe-string budget - This is a "coming soon" type of post, but got me thinking, what do you recommend for smallish business to implement security on a budget? Lets start with the example of you have a small IT staff and you have one person dedicated to security, what's in your toolkit? For one, I gotta have some Linux distribution on cheap hardware that is monitoring the network, and my recommendation is going to be the security onion distro. Put one monitoring Internet traffic and one on the internal network, and monitor stuff. This greatly contributes to "knowing your network". Next, with some more cheap hardware, collect syslog and other logs on a syslog server. Use command line tools to analyze the data, or some open source tools such as OSSIM. Next, and yes I am biased, spend $1500 per year and get a copy of Nessus, you get A LOT of value. You can schedule regular scans, detect missing patches, audit the configuration of your systems, gain insight into mobile, generate reports for people to patch stuff, detect botnet hosts and more. Not only know your network, but scan yourself and fix the problems you find! But more important, what are your suggestions?
  3. IP theft attacks can hide on networks for years - We've all known this, we tell people all the time, bad guys are in your network. Check this out: A Verizon report [PDF] reports just 101 incidents of intellectual property theft - around 12 percent of the total data breach incidents it documented - during 2011, but attacks that stole intellectual property were both longer-lasting and more complex than other data breach incidents. Attackers commonly relied on both external agents and insiders to carry out the attacks. Insiders eh? How do you detect the malicious insider? How does their behavior patterns change? I think you require a deeper level of intelligence gathering to figure this out, but as an organization in IT, how do you really prevent this from happening? I truly believe that technology aimed at prevention will fail agiainst insiders. Some people just need access to the data, and the problem gets deeper into finding out who may benefit and how from selling your IP.
  4. 10 steps for writing a secure BYOD policy - I think this really boils down to choosing a technology, setting a policy, enforcing it, and educating your employees. Monitoring is important, how are employees getting at your data? Is it from an Android phone that has no patches? Technology is starting to emerge that will help control this scenario.
  5. 3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take Administrative Actions - Just amazes me how many issues are uncovered with management protocols, such as SNMP. Also amazing is how few peopel really work hard to fix them. This is one of the things that must exist on your network, and it doesn't cost that much. Make sure everything connected to your network is managed securely, it speaks volumes to your security.
  6. Hackers Steal Customer Data From Barnes And Noble Keypads - This one hit home, stores in RI were affected. Fairly low tech hack, but shows that criminals are going to quickly migrate to using technology to make money.
  7. Boeing zaps PCs using CHAMP missile microwave attacks - EMP anyone? Yea, this may be a reality

Larry's stories

Jack's Historifacts

  1. PsPing Yeah, a few weeks old now, but in case you missed it- a new tool from Sysinternals. "PsPing is a command-line utility for measuring network performance."
  2. New old news from Verizon's DBIR the good folks at Verizon have sliced and diced this year's DBIR across a number of industries: Financial and Insurance, Healthcare, Accommodations, Food Service, and Retail. Intellectual Property theft cases were also reviewed.
  3. The EU is still whining about Microsoft maybe they should stop picking on them and also stop screwing the global economy.