Episode224

From Paul's Security Weekly


Announcements

PaulDotCom Security Weekly - Episode 224 - for Thursday December 16th, 2010.

Episode Media

MP3 pt 1

MP3 pt 2

Guest Interview with Dave Aitel


Dave Aitel is the CTO of Immunity, Inc., where he is responsible for R&D of the CANVAS exploitation system. He joined the NSA as a research scientist at age 18, then later became a consultant for @stake.

Dave has co-authored several books:

He is also well known for writing several security tools:

  • CANVAS, the automated exploitation system
  • SPIKE, a block-based fuzzer
  • SPIKE Proxy, a man-in-the-middle web application assessment tool
  • Unmask, a tool to do statistical analysis on text to determine authorship

Questions:

  1. What was it like to be contacted by the NSA at that age?
  2. What was the culture like for you there?
  3. What were the early days of L0pht and @stake like?
  4. How did CANVAS come about? What was it that you needed a tool to help with in your pen tests?
  5. What are some of the highlights of CANVAS? For example, MOSDEF, what is it and how does it compare to Core Agent and Meterpreter?
  6. How do you dig deeper as a penetration tester and not just say, "Hey look, I can get shell on that"?
  7. Are 0Days part of the penetration testing process, if so why are they so important?
  8. I've been following the Daily Dave Mailing list for a long time now, how did the list come about? What kinds of things are you posting about lately?
  9. What are your thoughts on disclosure? Should we just keep things secret and use them for ourselves, work with vendors, or just release them to the world?

Stories For Discussion

  1. Gawker Fail? - Gawker hacked and 1.3m accounts compromised. Lots of bad passwords being used, and lots of password reuse identified.
  2. OpenBSD backdoor? - [Larry] - Really, you think so? I have so much issue with this…all I can say is EPIC TROLL, and you all fell for it.
  3. Gawker password analysis - [Larry] Password analysis, and brute force reveals weak passwords….really? I wonder how many were throwaway troll accounts. There are also all sorts of other things going on, Walgreens, deviant art, McDonalds….hacker way? loads of email addresses for spammers? How about some of the password reset advice? What about the previous mess with the iPad disclosure?
  4. Nessus needs theos check! - [Larry] - Hidden and undocumented account on some HP SAN products…not intended for customer use.
  5. Exim - [Larry] - remote root. 2+ year old patch…..
  6. Analysis of an Internet Connected TV - [PaulDotCom] - So, the TV manufacturer is redacted! Thanks to Wicked Clown for sending this along. It was hard to tell what the vulnerabilities were as the redacted text was distracting. I think we're going to see A LOT more of this as TVs, Blu-ray players, Rokus, Apple TVs and more are streaming content from the Internet. I don't think it will replace the computer though...
  7. Ohio State University Breach - [PaulDotCom] - Tough to tell whether your data has leaked. I mean, if someone has control of the system, could they carefully access files and cover their tracks? Forensics experts care to weigh in? I understand the file system records access times, but those can certainly be modified.
  8. Microsoft is "Bad Santa" - [PaulDotCom] - Patch Tuesday Mayhem, there's a lot I could say..

Other Stories of Interest

AND THE TSA... - [Larry] - LOLZ.