Episode280

From Paul's Security Weekly
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security

Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 280 - Live from the Mid-Atlantic CCDC Competition for Thursday March 15th, 2012

  • DerbyCon Call for Papers and ticket registration are coming up quickly: Friday May 4, 2012 at 10:00AM. The PaulDotCom crew will be in attendance for DerbyCon. Training begins Thursday September 27th and the DerbyCon conference runs the 28th through 30th.
  • John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
  • Subscribe to Stogie Geeks, our only non-computer-security-related show, dedicated to cigar enthusiasts, with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".

Episode Media

MP3

CCDC Competition Discussion

  • What is the Mid-Atlantic CCDC?
  • What is PaulDotCom doing here?
  • What did Larry and Darren build for the competition?
  • One of the most popular questions, what can blue teams do to survive?
  • How can we watch the competition?

Special Spotlight: Raphael Mudge on 3 years of CCDC Red Teaming

Raphael is a Washington, DC based penetration tester and the developer of Armitage for Metasploit. He was a USAF Communications Officer involved in network operations and cyber security research and has been involved in CCDC Red Teaming for the last 3 years.

Raphael was last on Episode 260 in September 2011.

  • What can the red team do to be more effective than ever before?
  • Tell us about your plans for Red Team co-operation
  • What's the biggest mistake you've seen Red Teams make these last 3 years? What about Blue Team?

Stories

Paul's Stories

  1. Rumors are that Anonymous is going to turn to DNS amplification for their next attack - "Each of these [DNS requests] is chosen so that it generates a large response, much larger than the queries themselves. The server will then send these large responses to the victim machine, inundating it with traffic".
  2. FBI's DNSChanger deadline extended to July from March - "The FBI's DNSChanger deadline extension has been approved by a US Federal Court, buying infected punters more time to clean up their systems."... "The DNSChanger Clean DNS Servers Will Be Turned Off On July 9, 2012" "The move means that machines riddled with the Trojan will still be able to use temporary DNS servers to resolve internet addresses until 9 July. Before the order was granted, infected machines would not have been able to surf the web or handle email properly after 8 March, the previous expiry date of the safety net."
  3. Doxing and counterDoxing - Story on how Sabu was doxed by former Anons (Backtrace security) and how Sabu doxed back.
  4. Cambridge, UK student wins "Hack Idol" - could we use a Hack Idol in the US? "A 19-year-old computer science student has been named the UK's Cyber Security Champion following months of competition."

Larry's Stories

John's Stories

  1. Digininja's Poll on Breaking into security - Preliminary results are that Python and Bash scripting are the hacker's choice and Certs (not the edible kind) are useful. Fill out the quiz at his site and help skew the results!
  2. Japanese researchers build a gun capable of stopping speakers in mid-sentence. - "Psychologists have known for some years that it is almost impossible to speak when your words are replayed to you with a delay of a fraction of a second. [Researchers] have simply built a handheld device consisting of a microphone and a speaker that does just that: it records a person's voice and replays it to them with a delay of about 0.2 seconds. The microphone and speaker are directional so the device can be aimed at a speaker from a distance, like a gun."
  3. US military unveils non-lethal heat ray weapon - "'Active Denial System' beam, while powerful and long-range, some 1000 metres, is the military's 'safest non-lethal capability' that has been developed over 15 years but never used in the field."
  4. TSA Full-Body Scanner Failure - "by placing the object on your side, the black image is hidden against the scanner's black background" - proved by John Strand with chapstick on the way down.
  5. Robin Wood breaks down leaked passwords from the phpBB leak:
Top 10 base words
phpbb = 332 (0.18%)
password = 89 (0.05%)
dragon = 76 (0.04%)
pass = 70 (0.04%)
mike = 69 (0.04%)
blue = 67 (0.04%)
test = 66 (0.04%)
qwerty = 59 (0.03%)
alex = 58 (0.03%)
alpha = 53 (0.03%)

Top 10 passwords
123456 = 1 (0.0%)
password = 1 (0.0%)
phpbb = 1 (0.0%)
qwerty = 1 (0.0%)
12345 = 1 (0.0%)
12345678 = 1 (0.0%)
letmein = 1 (0.0%)
111111 = 1 (0.0%)
1234 = 1 (0.0%)
123456789 = 1 (0.0%)

Darren's Stories