(15 Seconds of silince)
(Record the Welcome Intro)
Theme Music, Episode 32 for June 14, 2006
"Welcome to PaulDotCom Security Weekly, Episode 32 for June 14, 2006"
“Welcome to this edition of PaulDotCom Security Weekly, where sometimes security comes at the expense of sleep."
"I am your host Paul Asadoorian, “and I’m your co-host Larry Pesce" and unfortunatley, no Twitchy today.
No skypecast either!
This episode is sponsored by Syngress Publishing, read a book, learn to hack, and never have to pay for another coke again!
Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!
Last weeks winner was golo who stated the correct answer:
From Security Now 53/DNS 445/MSDS
ISAKMP (RFC2408 sec 2.5.1) http://www.ietf.org/rfc/rfc2408.txt
syslog (recommended in RFC3164 sec 2.) http://www.ietf.org/rfc/rfc3164.txt
Other ports that use the same source and destinataion also included, NTP (123 udp), IKE (500 udp) and ISAKMP for NAT-T (4500 udp)
Send an email to email@example.com, and we'll get you hooked up.
This episode is also sponsored by Core Security Technologies.
Larry: Use Core impact to penetrate your network day and night and not get tired!
Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.
We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer.... Listen for the discount code at the end of the show for 5% off SANSFIRE, July 5-11th in Washington DC. Almost every SANS track will be offered! ANd twitchy will be there!
Announcement: Mission Statement - What it means.
Announcement: Paul getting 0wn3d. I am so lucky :)
On to listener feedback...
Christian writes in:
In your last show you mentioned that there has not been a way to break out of a virtual machine. I think this is still the case, however, there is a cool paper out there that utilizes vmware to implement malware: virtual machine monitor rootkits. Once a machine is infected with this sort of malware the following happens:
1. install a virtualization technology 2. move the existing OS into a virtual machine 3. do any wicked evil deeds below the virtual machine on the virtual machine monitor
The rootkit is very difficult to detect from the now guest host system.
The paper that describes is SubVirt: Implementing malware with virtual machines. Very neat stuff.
PS: Great show!
PSS: A beer recommendation: Baron Hefeweizen --- it’s a true authentic German Hefeweizen produced in the states… http://www.baronbeer.com/
Here a quick follow up --- I guess it is possible to break out of guest os on vm…
Irvine writes in:
I have a couple of questions I'd love to hear your thoughts on during the listener feedback section of your podcast.
1. Does your contract cover who owns "zero days" you find during a pen test?
2. What obligation do you think you have to a vender when you have found a "zero day" within their product, during a pen test for a client.
3. Do you perform your pen tests to a standard and if so which one?
4. What are your thoughts on OSSTMM, NSA-IAM, NIST-SP 800-42, etc.
NOTE: his e-mail is: imschitti@(domain.com) Poor guy.
Raul writes in:
Hi there, trying to provide some listener feedback to the VMware USB wireless NIC question asked in episode 31:
The USB wifi sticks can be used in VMware. In fact, it is the only way available nowadays to have a wireless card within a VMware virtual machine. Any other wireless card (PCI, PCMCIA...), when configured in bridge mode, is mapped (due to the VMware hardware abstraction layer) to a generic Ethernet card (without wifi capabilities).
The main issue I'm aware of about using USB wifi NICs in VMware is that none of them (no matter the chipset) can be placed in master mode (both, managed and monitor modes work like a charm).
To sum up, this means you can have the Auditor CD (Backtrack...) running kismet, the aircrack suite or any other wifi hacking tool requiring monitor mode, inside a VMware machine... that's great for demonstration purposes!! ;-)
Keep the great show!
[Music] Story Time With Twitchy
Twitchy tells us a hacking story about something...
Episode32 Show Notes
Syngress question of the week: Name the actor who starred in Shaolin Master Killer (aka. 36 Chambers of Shaolin, Masta Killa). What style of Kung Fu does he practice? Bonus: What are his mandarin and cantonese names?
Core discount code impactbsg
SANS discount code is <pauldotcom>.
Thank you for listening, firstname.lastname@example.org, http://pauldotcom.com Phone number Pauldotcom Security Weekly, PO Box 860, Greenville RI, 02828