Tech Segment: iStumbler for OS X
Sure, we talk about all sorts of wirless tools for windows and *nix. Here is a small and neat one that does wifi, bluetooth and bonjour
Wifi, pretty typical.
Bluetooth - discovery, no bruteforce and so on, but can do transfers and gather info.
Bonjour - bonjour service discovery - great for mDNSresponder attacks!
Stories for Discussion
BITCHX exploit - [Larry] - We tell people to join our IRC channel all of the time, but if you use Bitchx 1.1 final, there is a remote code execution. all it takes it to compile this code, and set it up as a listener with netcat, and get clients to connect to you.Make sure you know where you are connecting!
HIPAA Audit - 42 questions from the HHS - [Larry] - Wow, this is a huge list of questions, some of which I'd be wary of turning over to a government agency that may or may not get it compromised...would a policy against turning that info over be acceptable?
WiFi is everywhere - [Larry] - Venezuelans set a new Wifi distance record of 385 Kilometers (237 miles). They apparently used off the shelf parts, and some linksys gear to boot. We'd just like to reiterate the whole distance argument when designing your wireless networks for security.
Wardialing at the sans RR - [Larry] - (Before I forget, there has been a ton of great papers posted over at the SANS reading room, go check them out - Social engineering, egress filtering, sniffing on a switched network...) I wanted to point out to not forget about the "ancient" technology when performing security assessments. Dialup needs to be protected appropriately.
Incident handling for Small and Medium business - [Larry] - Yet another SANS RR paper. Let's not forget about the little guy, and this paper has some great suggestions for the small business on how to appropriately handle security events.
Virus writers target "hacker tool" - [Larry] - by creating a virus in a script for WinHex. Hrm. WinHex? I thought all real hackers used *nix on a Gibson.
Pfizer does Pfile sharing on pf2pf networks - [Larry] - What part of the security policy did they miss? Don;t allow users to install software? Banning p2p filesharing? copyright violations? Lockdowns of workstations? Acceptible use? Egress filtering?
Creating an Emergency response team - [Larry] - If you don't have one, you should. It is never a good idea trying to figure out how to deal with a situation, who to call, or how you will communicate, when trying to fix the problem too. Get all of the easy stuff pre-planned and documented.
Crazy Czech Hackers - [Larry] - nothing like intercepting communications across the internet. This rules. I'll discuss the details..
Other Stories of Interest
changing the ROMs of a Nedap e-voting computer in 60 seconds - [Andrew] The voting machine companies would have you think that it's time consuming and difficult to do this without anyone noticing.