Difference between revisions of "Episode33Script"

From Security Weekly Wiki
Jump to navigationJump to search
 
Line 8: Line 8:
  
 
'''
 
'''
== Theme Music, Episode 32 for June 14, 2006 ==
+
== Theme Music, Episode 33 for June 22, 2006 ==
 
'''
 
'''
  
"Welcome to PaulDotCom Security Weekly, Episode 32 for June 14, 2006"
+
"Welcome to PaulDotCom Security Weekly, Episode 33 for June 22, 2006"
  
 
Via Skype
 
Via Skype
  
“Welcome to this edition of PaulDotCom Security Weekly, where sometimes security comes at the expense of sleep."
+
“Welcome to this edition of PaulDotCom Security Weekly, where beer is not just a social lubricant."
  
"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and unfortunatley, no Twitchy today.   
+
"I am your host Larry Pesce, “and our special host Twitchy".  Iand I am today's special guest host Kevin Devin.
 +
 
 +
A big thanke to Kevin for filling in for Paul while he is on his honeymoon! Kevin is from the In the Trenches Podcast, and a member of the Friends in Tech Network   
  
 
No skypecast either!  
 
No skypecast either!  
Line 25: Line 27:
 
'''
 
'''
  
This episode is sponsored by Syngress Publishing, read a book, learn to hack, and never have to pay for another coke again!
+
This episode is sponsored by Syngress Publishing, read a book, learn to hack, and never have to pay for another coke again! When wil lthey start putting beer in a vending machine in the US?
  
 
Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!
 
Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!
  
Last weeks winner was golo who stated the correct answer:
+
Last weeks winner was Wesley McGrew who stated the correct answer:
 +
 
 +
(question was from the last episode sweeper what was pauls pgp key, and why was it invalod)
 +
 
 +
The key is "fc6-47" which is invalid for a few reasons:
  
From Security Now
+
1) It's not armored in a BEGIN PGP PUBLIC KEY BLOCK
53/DNS
+
2) If I'm reading the draft RFC right, the dash character isn't valid in Radix-64 encoding
445/MSDS
+
3) It's not quite long enough ;)
  
ISAKMP (RFC2408 sec 2.5.1)
+
(great job Wesley, you got all 3 reasons!)
http://www.ietf.org/rfc/rfc2408.txt
 
  
syslog (recommended in RFC3164 sec 2.)
+
Technical junk courtesy of:
http://www.ietf.org/rfc/rfc3164.txt
+
http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-18.txt
  
Other ports that use the same source and destinataion also included, NTP (123 udp), IKE (500 udp) and ISAKMP for NAT-T (4500 udp)
+
Second, I'm the fellow who discovered and posted the technique for modifying U3 USB drives to http://cse.msstate.edu/~rwm8/hackingU3/ and the mentioned-but-nameless-mailing-list :).
  
 
Send an email to psw@pauldotcom.com, and we'll get you hooked up.
 
Send an email to psw@pauldotcom.com, and we'll get you hooked up.
Line 51: Line 56:
 
Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.
 
Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.
  
We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!
+
We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd it is confiormed, twitchy will be there!
  
 
'''
 
'''
Line 57: Line 62:
 
'''
 
'''
  
Announcement: Mission Statement - What it means.
+
Announcement: Paul got pwn3d.  Awesome wedding.  I video taped, so, I'll be sire to releas a snippet or two.
 +
 
 +
Annoucenment: It is official,  WRT54 Ultimate Hacking.
  
Annoucenment: Beer
+
Announcement: iTunes comments.  Don't let us get spanked.  Everyone is doint real well.
  
Announcement: Paul getting 0wn3dI am so lucky :)
+
Announcement: iTunes Friends in Tech groupDon;t for get the Security Round Table.
  
 
On to listener feedback...
 
On to listener feedback...

Revision as of 01:45, 22 June 2006

(15 Seconds of silince)

(Record the Welcome Intro)

(More silence)

FiT Stinger

Theme Music, Episode 33 for June 22, 2006

"Welcome to PaulDotCom Security Weekly, Episode 33 for June 22, 2006"

Via Skype

“Welcome to this edition of PaulDotCom Security Weekly, where beer is not just a social lubricant."

"I am your host Larry Pesce, “and our special host Twitchy". Iand I am today's special guest host Kevin Devin.

A big thanke to Kevin for filling in for Paul while he is on his honeymoon! Kevin is from the In the Trenches Podcast, and a member of the Friends in Tech Network

No skypecast either!

Sponsors

This episode is sponsored by Syngress Publishing, read a book, learn to hack, and never have to pay for another coke again! When wil lthey start putting beer in a vending machine in the US?

Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!

Last weeks winner was Wesley McGrew who stated the correct answer:

(question was from the last episode sweeper what was pauls pgp key, and why was it invalod)

The key is "fc6-47" which is invalid for a few reasons:

1) It's not armored in a BEGIN PGP PUBLIC KEY BLOCK 2) If I'm reading the draft RFC right, the dash character isn't valid in Radix-64 encoding 3) It's not quite long enough ;)

(great job Wesley, you got all 3 reasons!)

Technical junk courtesy of: http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-18.txt

Second, I'm the fellow who discovered and posted the technique for modifying U3 USB drives to http://cse.msstate.edu/~rwm8/hackingU3/ and the mentioned-but-nameless-mailing-list :).

Send an email to psw@pauldotcom.com, and we'll get you hooked up.

This episode is also sponsored by Core Security Technologies.

Larry: Use Core impact to penetrate your network day and night and not get tired!

Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.

We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd it is confiormed, twitchy will be there!

Announcements

Announcement: Paul got pwn3d. Awesome wedding. I video taped, so, I'll be sire to releas a snippet or two.

Annoucenment: It is official, WRT54 Ultimate Hacking.

Announcement: iTunes comments. Don't let us get spanked. Everyone is doint real well.

Announcement: iTunes Friends in Tech group. Don;t for get the Security Round Table.

On to listener feedback...

Listener Feedback

Christian writes in:

In your last show you mentioned that there has not been a way to break out of a virtual machine. I think this is still the case, however, there is a cool paper out there that utilizes vmware to implement malware: virtual machine monitor rootkits. Once a machine is infected with this sort of malware the following happens:

1. install a virtualization technology 2. move the existing OS into a virtual machine 3. do any wicked evil deeds below the virtual machine on the virtual machine monitor

The rootkit is very difficult to detect from the now guest host system.

The paper that describes is SubVirt: Implementing malware with virtual machines. Very neat stuff.

PS: Great show!

PSS: A beer recommendation: Baron Hefeweizen --- it’s a true authentic German Hefeweizen produced in the states… http://www.baronbeer.com/

Here a quick follow up --- I guess it is possible to break out of guest os on vm…

http://www.eweek.com/article2/0,1895,1904647,00.asp


Irvine writes in:

I have a couple of questions I'd love to hear your thoughts on during the listener feedback section of your podcast.

1. Does your contract cover who owns "zero days" you find during a pen test?

2. What obligation do you think you have to a vender when you have found a "zero day" within their product, during a pen test for a client.

3. Do you perform your pen tests to a standard and if so which one?

4. What are your thoughts on OSSTMM, NSA-IAM, NIST-SP 800-42, etc.

NOTE: his e-mail is: imschitti@(domain.com) Poor guy.


Raul writes in:

Hi there, trying to provide some listener feedback to the VMware USB wireless NIC question asked in episode 31:

The USB wifi sticks can be used in VMware. In fact, it is the only way available nowadays to have a wireless card within a VMware virtual machine. Any other wireless card (PCI, PCMCIA...), when configured in bridge mode, is mapped (due to the VMware hardware abstraction layer) to a generic Ethernet card (without wifi capabilities).

The main issue I'm aware of about using USB wifi NICs in VMware is that none of them (no matter the chipset) can be placed in master mode (both, managed and monitor modes work like a charm).

To sum up, this means you can have the Auditor CD (Backtrack...) running kismet, the aircrack suite or any other wifi hacking tool requiring monitor mode, inside a VMware machine... that's great for demonstration purposes!! ;-)

Keep the great show!



[Music] Story Time With Twitchy

Twitchy tells us a hacking story about something...

[MUSIC]


News

News

Episode32 Show Notes

Ending

Syngress question of the week: Name the actor who starred in Shaolin Master Killer (aka. 36 Chambers of Shaolin, Masta Killa). What style of Kung Fu does he practice? Bonus: What are his mandarin and cantonese names?

Core discount code impactbsg

SANS discount code is <pauldotcom>.

Thank you for listening, psw@pauldotcom.com, http://pauldotcom.com Phone number Pauldotcom Security Weekly, PO Box 860, Greenville RI, 02828

<outro>