Brakeing Down Security podcast

Categories

general

Archives

2014
September
August
July
June
May
April
March
February
January

September 2014
S M T W T F S
     
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30

Syndication

While I'm stuck at work, Mr. Boettcher went to the Austin Hackformers and snagged an interview with Mr. Ed Skoudis, of InGuardians and of the SANS Institute, a top flight training academy.  He is to be one of the keynote speakers at DerbyCon this year. He gives us a peek about his keynote, and Mr. Boettcher asks his thoughts on the industry as a whole, SCADA security, Mr. Skoudis' opinion on Infosec as a whole.

 

Hackformers Austin: http://www.hackformers.org/

Ed Skoudis bio: http://www.sans.org/instructors/ed-skoudis

 

Bad Guys are Winning - Part 1: link

Bad Guys are Winning - Part 2: link

Bad Guys are Winning - Part 3: link

Bad Guys are Winning - Part 4: link

Bad Guys are Winning - Part 5: link

Netwars: Cybercity - http://www.sans.org/netwars/cybercity

Google Car: http://www.nbcbayarea.com/news/local/Google-to-Test-Self-Driving-Car-Without-Backup-Driver-275033691.html

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: skoudis_interview.mp3
Category:general -- posted at: 9:30 AM

We're back with part 2 of our discussion with Michael Gough.  Not only do we discuss more about malware, but we also ask Michael's opinion on how commercialized conventions like Black Hat and Defcon have gotten, how good threat intelligence feeds are, and why there aren't more defensive talks at cons.

Michael is currently slated to give a talk on logging at DerbyCon September 24th, 2014 on how logging can help to mitigate malware infections.

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: michael_gough2-pt2-final.mp3
Category:general -- posted at: 9:00 AM

Brian and I managed to get an interview with Michael Gough. If you remember, Michael was on to discuss Malware infections back in February, and we decided it was time to check up on him and his newly named 'Malware Sentinel'. This is part 1, where we discuss some of the recent malware infections, and where you need to look for new file creation, and what you can be looking for in your windows logs that are excellent indicators of malware compromise.

 

Windows logging cheat sheet - http://sniperforensicstoolkit.squarespace.com/storage/logging/Windows%20Logging%20Cheat%20Sheet%20v1.1.pdf

 

Malware Management Framework - http://sniperforensicstoolkit.squarespace.com/malwaremanagementframework

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: pt1-fin.mp3
Category:general -- posted at: 10:00 AM

I had a healthy debate with Mr. Boettcher this week about the merits of doing recon for a pentest. Mr. Boettcher is a heavy duty proponent of it, and I see it as a necessary evil, but not one that I consider important.  We hash it out, and find some common ground this week.

People search links:

Spokeo - http://www.spokeo.com/

Pipl - https://pipl.com/

 

Sec Filings site: http://www.sec.gov/edgar/searchedgar/webusers.htm

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: reconnaissance_final.mp3
Category:general -- posted at: 9:30 AM

Mr. Boettcher made a thing!  He created a video that highlights how to install Linux securely in a VM.  His next video will be how to setup OWASP's WebGoat to test for vulnerable web apps.  He noticed that documentation is a bit sparse, and often contradictory, so he wanted to help other folks who are having issues to get a proper install.

 

You will need an Network Install ISO of Debian, and you will need either VMware Player or Workstation.

His notes are below... Enjoy!

Secure the Goat #1 - Goat Pen

Create a directory where you will put the VM.  We'll call it 'goat'.
Download the Debian Network Install ISO and place it in the 'goat' directory.

Create a 'share' directory inside the goat directory
Place a (test) file in the share directory
In VMware Worstation create a new vm using a Debian ISO and run install

Update the sudoers file
$ su - root
$ update-alternatives --config editor
    change to vim.tiny by pressing 2 and enter
$ visudo -f /etc/sudoers
    copy the root line and add one for goat user

In order to install vmware tools, we'll need to install these packages
$ sudo apt-get install gcc linux-headers-$(uname -r) make

For the vmware tools install to work properly, these simlinks are required
$ cd /lib/modules/$(uname -r)/build/include/linux
$ sudo ln -s ../generated/utsrelease.h
$ sudo ln -s ../generated/autoconf.h

Insert vmware tools virtual CD
In the workstation menu select vm -> install vmware tools
$ tar -C /tmp/ -zxvf /media/cdrom/VMwarTools...
$ sudo /tmp/VMwareTools.../vmware-install.pl

Show desktop icons
$ gsettings set org.gnome.desktop.background show-desktop-icons true

change resolution in menu at top:
    applications/system tools/preferences/system settings/ then 'displays'

in Workstation under vm/settings, set virtual machine shared folder

remove ISO file, take snapshot

Direct download: StG01.mp4
Category:general -- posted at: 3:09 AM

This week, we go into a proxy program called "Ratproxy", discussed it's ins and outs.  Plus, Mr. Boettcher and I have a discussion about how we as infosec people should work with developers and IT professionals to provide them training and understanding of security concepts.

https://code.google.com/p/ratproxy/

http://blog.secureideas.com/2012/07/how-to-setup-ratproxy-on-windows.html

 

 

 

 

Ratproxy icon courtesy of honeytech and flicker

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: raproxy_final.mp3
Category:general -- posted at: 9:30 AM

Here is Part 2 of our video for understanding the basics of Nmap.  I discuss some of the logging output, the scripts found in Nmap, and the output that Nmap gives you for reporting or comparison later.

 

I really did want to go more into the Lua portion of the scripting engine, and perhaps make a simple script, but time constraints halted that. I hope to get more adept at video creation and hopefully editing, to make a more concise video tutorial.

Nmap target specifications: http://nmap.org/book/man-target-specification.html

 

http://nmap.org/book/nse-usage.html

 

Explanation of all Nmap scripts: http://nmap.org/nsedoc/

 

nmap icon courtesy of insecure.org

Direct download: nmap_p2.mp4
Category:general -- posted at: 5:56 PM

This week we take some time to talk about risk management with Josh Sokol.  This is part 2 from our interview with him last week... We talk some more about Simple Risk from the POV of Risk Management, as well as the licensing/modification of Simple Risk.

Mr. Boettcher and Josh discuss the merits of Qualitative vs. Quantitative Risk Analysis, and which one is better...

We also discuss NIST 800 series guidelines, and how he used those to excellent effect in Simple Risk.

Josh also discusses OWASP, how the advocacy and outreach works and how flexible the organization is.

NIST 800 Series docs - http://csrc.nist.gov/publications/PubsSPs.html

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: Josh_sokol_pt2_final.mp3
Category:general -- posted at: 5:20 AM

Josh Sokol is on the International OWASP board of directors in addition to being the Information Security Program Owner at National Instruments in Austin, Texas. This week, he sat down with Brakeing Down Security to talk about Simple Risk, his homebrew application that assists people and organizations in managing their business risk, and at a much nicer cost that other GRC applications (it's free!) Check out Part 1 below. If you're at BlackHat 2014 this year, he will be showcasing it at Arsenal! 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: JS_Part1.mp3
Category:general -- posted at: 4:41 AM

Mr. Boettcher and I discussed SQLMAP, a tool that can automate the process of pentesting databases and even registries on Windows.  We discuss some functions of the program and why developers should get training on these.

Mr. Boettcher and I talk about how Infosec professionals should help to educate QA and Developers to be able to look at their processes and incorporate security testing, using tools like sqlmap in the Software lifecycle.

 

SQLMAP links

SQLMAP Wiki and more detailed documentation - https://github.com/sqlmapproject/sqlmap/wiki

http://sqlmap.org/

https://github.com/sqlmapproject/sqlmap

http://hackertarget.com/sqlmap-tutorial/

https://www.owasp.org/index.php/Automated_Audit_using_SQLMap

http://www.binarytides.com/sqlmap-hacking-tutorial/

http://blog.spiderlabs.com/2013/12/sqlmap-tricks-for-advanced-sql-injection.html

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Direct download: sqlmap_final.mp3
Category:general -- posted at: 4:42 AM