Episode161

From Paul's Security Weekly

Sponsors

  • Tenable Network Security - This episode is sponsored by Tenable Network Security. Tenable is a developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the world's best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more. Tenable also offers a Nessus Professional Feed to detect vulnerabilities in your network today! Tenable – Unified Security Monitoring!
  • Core Security - This episode is also sponsored by Core Security Technologies, helping you penetrate your network. Now version 10.0 with WiFi-fu good to go! Rock out with your 'sploit out! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the world's best penetration testing tool.
  • Trustwave Spiderlabs - Trustwave's SpiderLabs - providing advanced information security services to planet Earth. Visit them online at trustwave.com/spiderlabs!

Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 161 - July 23rd, 2009

  • Black Hat & DEFCON - Can't go? No worries, Mick will be using his press pass to the max! He'll be posting blog entries, making Twitter go crazy with a stream of constant tweets (Twitter ID BetterSafetyNet) and hanging out in the PDC IRC room as much as possible.
  • DEFCON - Look for our "vendor table" where we will be selling t-shirts in all colors and sizes for $10. Carlos will be giving a presentation on Meterpreter, and Larry will participate in Defcon Poetry jam with the tantalizing title of "FAIL". We will also be having an invite-only party on August 1st after the Podcaster's meetup, but you'll need a PaulDotCom badge....
  • Friend of the Show Jack Daniel announces BSidesLasVegas & Neighborcon Vegas on July 29th and 30th in Las Vegas - Free events, but those interested should sign up to get on the list. Talks lined up from drag0rn, HD, Val Smith, Sandy Clark, and many more between the two events. Both events are being held at an as-yet undisclosed location (it is a large, private residence). The events are Wednesday and Thursday, opposite Black Hat - so people coming in early for DefCon can join.

Episode Media

mp3

Listener Feedback

[PaulDotCom Says, "This is one of the nicest and most inspiring emails we have ever received. I would like to read it on the air and take the time to thank our listeners for listening to the show"]

Chris writes in:

"I would like to say a huge thank you. As a direct result of pauldotcom.com I have finally bitten the bullet and I am returning to formal education in September. I am going to college to get the required number of points so I can go to university to study Computer Security and Computer Forensics. Up until recently I have been working as a system admin for a web design company and running my own little computer repair company on the side, but as I had no official qualifications in any computer field I was always going to be stuck in the bottom of the industry earning less money and, more importantly, not enjoying myself. While I was sitting there in work one day listening to episode 150 (12 hours of pure concentrated awesome, by the way) I thought, screw this, I want to enjoy myself and study in a field I am passionate about, so I fired up Firefox and booked an interview with the local college, and as a result in September I start a 4 year journey of education and fun directly as a result of this podcast. So thanks Paul and Larry, thanks for giving me the inspiration to finally do something worthwhile with my life."

Chris

Interview: Lance Spitzner

"Lance Spitzner is a geek who constantly plays with computers, especially network security. He loves security because it is a constantly changing environment. This love for tactics first began in the Army where he served as an officer in the Army. Following the military he became involved in the world of information security. His passion is researching honeypot technologies. He is author of Honeypots: Tracking Hackers and several whitepapers."

Questions:

  1. How did you get your start in information security? I heard you drove tanks, that sounds cool, tell us more.
  2. When I first met you, you worked for Sun, how did that come about? What are some things about Solaris, security related, that have changed over the years? How do you feel about Oracle?
  3. What triggered your involvement with Honeynets? What is a honeynet?
  4. What are some interesting things you learned about hackers during the honeynet project?
  5. Have attackers ever come after you for bringing them down? Has your data led to successful prosecutions?

Tech Segment brought to you by John Strand and the letter "V"

(NOTE: "V" is for VBscript)

How does the msfpayload V option work? How can you extend this idea?

In this video tech segment we take a look at the V option for msfpayload. With this option we can output Metasploit payloads into VBScript so they can be loaded as macros in Excel spreadsheets and Word documents. We also take a look at exe2vba.rb and how we can take any exe file and output it into VBScript. The important thing to keep in mind is that you should not get stopped by AV. There is always a way to get your payload to the target environment; you just have to be crafty about how you are going to get it there. I fully expect that we will see some more cool client-side attack goodness coming from the Metasploit project soon. Speaking of Metasploit... I wonder if Chris Gates has any word on Dean's new client-side pen-testing project?



Below are some great resources to get started with VBScripts in your pen-tests:

The following links are from Invisible Denizen on just how far you can take VBScripts in your tests:

Stories For Discussion

  1. New Flash attack in the wild - [strandjs] Wait... Is this a repeat? Or is the record scratched?
  2. Verizon Prank - [strandjs] Zug hunts down Verizon's CEO and asks him "CAN YOU HEAR ME NOW!!"
  3. The patchwork quilt gets bigger - [Mick] - Missouri passes a breach notification act! Cool for folks in MO, bad for everyone else! Why do you ask? Because it seems EVERY DAMN STATE IN THE UNION now has a separate notification law. Grr. I am *not* normally a big government kind of guy, but can't we agree on a unified system? PLEASE?!!?
  4. Wireshark 1.2.1 is out! - [Mick] - Don't get hit by the protocol analyzer attacks! Upgrade Wireshark today!
  5. 4 Million (puts pinky to mouth ala Dr Evil) British IDs for sale! - [Mick] - IDs Here! IDs Here! Gettem while they're hot! Paul's right, privacy is dead... but for all the wrong reasons.  :-(
  6. I know where you've been! - [Mick] - Here's a neat trick that most end users will have a hard time believing. A remote web site can determine your browsing history... without you doing a thing. Click the link to see how it works. (spoiler alert: it's done with JavaScript)

Other Stories For Discussion

  • Has The Force from "Star Wars" been discovered? Is this the "Golden Glow" from "The Last Dragon"? Maybe not. Japanese researchers discover that humans (and just about every living thing) emit light in the visible spectrum