Difference between revisions of "Episode471"

From Security Weekly Wiki
Line 75: Line 75:
  
 
== Larry's Stories ==
 
== Larry's Stories ==
 +
#[http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html?m=1 Tavis at AV again] - This time unpackers in the kernel? always a good idea, right?  Only if it is wormable.  Oh, it is?  GREAT!
 +
#[https://labs.integrity.pt/articles/uber-hacking-how-we-found-out-who-you-are-where-you-are-and-where-you-went/ Uber Bug bounty submissions] - I love this write up on some submissions to Uber’s Bug Bounty program.  Not only did they find some interesting things at Uber, the showed us how they did it.  great things to think about with any web/mobile app testing, and some good methodology to put in the toolbox.
 +
#[http://www.darkreading.com/endpoint/passwords-to-be-phased-out-by-2025-say-infosec-pros/d/d-id/1326112 No more passwords!] - It is ok, because studies say they will be gone by 2025, to be replaced by “biometrics “behavioral and otherwise”.  To qopte every Star Wars Character ever: “I’ve got a bad feeling about this."
 +
#[https://theintercept.com/2016/06/30/official-tally-of-wiretaps-belies-government-scare-stories-about-encryption/ Unofficial count of wiretaps indicate 1% use encryption] - Hrm. Dumb.
  
 
== Joff's Stories ==
 
== Joff's Stories ==
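Review bot: In the fourth added item the link text says "Unofficial count of wiretaps" while the linked URL slug reads "official-tally-of-wiretaps-belies-government-scare-stories-about-encryption", so the label should be checked against the source article. The third added item also misspells "quote" as "qopte" and has unbalanced quotation marks around "biometrics" and at the end of the Star Wars line, and the second item has "the showed" where "they showed" is meant.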

Revision as of 19:16, 30 June 2016

Paul's Security Weekly - Episode 471 - 6:00PM

Recorded

Episode Audio

Coming Soon

Interview: Mark Baggett

Mark has more than 28 years of commercial and government experience ranging from Software Developer to CISO. He is a Senior Instructor for The SANS Institute and the author of SEC573. He is the founding president of The Greater Augusta ISSA chapter. Course Author and Instructor for SEC573 Python for Penetration Tester. Instructor for SEC504 Incident Handling and Hacker Techniques, SEC560 Penetration Testing, 561 Advanced Hands On Penetration Testing.

  • CISO, IT Team Lead, Software Developer
  • Senior SANS Instructor
  • Course Author SEC573
  • Internet Storm Center Handler
  • Penetration Tester/Incident Handler
  • GSE #15
  • DoD Cleared w/ Gov & Commercial Experience
  • Violent Python - Technical Editor
  • Founding President of Greater Augusta ISSA
  • BSidesAugusta Organizing Committee

1) GIAC now has the GPYC (GIAC Python Coder) Certification. So if you know Python you now have a credential you can show to employers that proves you have that skill.

2) Joff Thyer is teaching SEC573 at SANS Network Security in Las Vegas Monday Sep 12, 2016. This is the LAST OPPORTUNITY to take this course in its current form at a PUBLIC event (we run this course a lot privately). Today it is "Python for Penetration Tester" and the entire course is focused on developing Penetration Testing tools. Next year the course will be rewritten to reach a broader audience. Next year it will have approximately 1 day of forensics, 1 day of defense and 1 day of penetration testing. So if you want a 100% penetration testing focused class then you want to go see Joff Thyer this September.

https://www.sans.org/event/network-security-2016/course/python-for-pen-testers


I can bring these up and discuss them in context while discussing:

- The current SEC573 and the new SEC573 course, 
- GPYC, 
- how this relates to the LONG list of Python courses that are available on the web
- WHO should take the course? A beginner or someone who already knows how to code?

Older, but perhaps some of your listeners didn't see these. If you would like we can talk about these two forms of the same defensive tactic. Deceiving attackers with fake or altered credentials.

- LIAM NEESON. https://isc.sans.edu/diary/Offensive+Countermeasures+against+stolen+passswords/20455
- Honey hashes: https://isc.sans.edu/diary/Detecting+Mimikatz+Use+On+Your+Network/19311

  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Tech Segment: Building A PfSense Firewall - Part 1 - The Hardware

About & Why

For your home or small office, everyone needs a firewall! Well, I suppose you don't NEED one, but it helps. Beyond protecting you from curious people on the Internet, a good firewall platform brings a ton of added advantages, such as VPN, outbound filtering and more. Now, you can buy commercial off-the-shelf hardware to do this; however, there are some issues:

  1. If you are listening to this show, you are a nerd who likes to tinker, and this is a great way to do that. Off-the-shelf stuff doesn't always give you stuff to tinker with.
  2. This is a great learning experience. If you are just getting started, building and maintaining your own Linux/BSD firewall will teach you a lot, and it's like table stakes (I built my own firewall, check).
  3. You can get a ton more speed and performance from a custom firewall for less money. This also means you can do things like scanning through your firewall without it catching fire.

How

I used the http://pcpartpicker.com web site to start identifying hardware to use for the build. A few things to note:

  • Low power consumption is key, as it will be on all the time
  • Solid networking cards should be used, rather than what is built into the motherboard
  • Cooling, cooling and more cooling - This thing will be on all the time, so make sure you have good airflow

Taking all these things into consideration, here is my build:


Security News - 7:00PM-8:00PM

Paul's Stories

Larry's Stories

  1. Tavis at AV again - This time unpackers in the kernel? Always a good idea, right? Only if it is wormable. Oh, it is? GREAT!
  2. Uber Bug bounty submissions - I love this write-up on some submissions to Uber’s Bug Bounty program. Not only did they find some interesting things at Uber, they showed us how they did it. Great things to think about with any web/mobile app testing, and some good methodology to put in the toolbox.
  3. No more passwords! - It is ok, because studies say they will be gone by 2025, to be replaced by biometrics, “behavioral and otherwise”. To quote every Star Wars character ever: “I’ve got a bad feeling about this.”
  4. Unofficial count of wiretaps indicates 1% use encryption - Hrm. Dumb.

Joff's Stories

Jack's Stories

Kevin's Stories

Michael's (Santa) Stories