Info

Brakeing Down Security Podcast

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
RSS Feed Subscribe in iTunes
Brakeing Down Security Podcast
2017
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


All Episodes
Archives
Now displaying: Page 6
Nov 9, 2014

If you think Halloween was scary, Paul Coggin gives us another reason to curl up in the fetal position as he goes explains Lawful Intercept, and Route Maps. And what's worse, your 3rd party auditors are starting to get the tools that will make you address network protocol issues.

 

Lots of great material here below in our show notes, including some tools (free) that you can use to get yourself schooled on network protocols

 

http://www.zdnet.com/researcher-describes-ease-to-detect-derail-and-exploit-nsas-lawful-interception-7000025073/

 

BGPmon - http://www.bgpmon.net/

Renesys (now Dyn Research) http://research.dyn.com/

BGP Play - http://bgplay.routeviews.org/

BGP Looking glass servers - http://www.bgp4.as/looking-glasses

yersinia - http://www.yersinia.net/

Fx Twitter handle - https://twitter.com/41414141

ernw - https://www.ernw.de/

Cisco Route Maps - http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/49111-route-map-bestp.html

Paul's Bsides Nashville talk - http://www.irongeek.com/i.php?page=videos/bsidesnashville2014/300-bending-and-twisting-networks-paul-coggin

Huawei ENSP - http://enterprise.huawei.com/en/products/network-management/automation-tools/tools/hw-201999.htm

NRL Core - http://www.nrl.navy.mil/itd/ncs/products/core

NRL Mgen - http://www.nrl.navy.mil/itd/ncs/products/mgen

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Nov 3, 2014

One of the talks my colleague got to see was Paul Coggin's talk about Internetworking routing and protocols.  In this interview, we dicsuss some tools of the trade, how MPLS isn't secure, and why you should be doing end-to-end encryption without allowing your VPN or circuit provider to do it for you...

If you have any interest in network security, including the higher order network protocols like BGP, MPLS, ATM, etc...  You'll want to check out his DerbyCon talk, and our interview...

 

Paul's Derbycon 2014 talk - http://www.irongeek.com/i.php?page=videos/derbycon4/t319-bending-and-twisting-networks-paul-coggins

Hacking SNMP tips and tricks: http://securityreliks.securegossip.com/2011/04/hacking-snmp-in-a-few-simple-steps/

SNMPBlow: http://www.stoptheplague.com/?p=19

ERNW: https://www.ernw.de/research-community/index.html

Fx paper on Lawful Intercept: http://phenoelit.org/stuff/CSLI.pdf

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Oct 25, 2014

In an effort to educate ourselves for an upcoming interview, we sat down and talked about SNMP (Simple Network Management Protocol). We get into the basics, the ins and outs of the protocol, the different tools that use (or exploit) SNMP, and we talk about how to better secure your SNMP implementation. YOu should listen to this, because next week's interview will knock your socks off. :)

Finally, We end with a DerbyCon interview Mr. Boettcher snagged with our friend Mr. Kevin Johnson about how we need to regulate ourselves with regard to a code of ethics, before someone regulates us... When one 'white hat' can run code on a server he/she doesn't control (unpatched Shellshock) and thinks it's okay, where do we draw the line from what is right, and what violates the CFAA? Mr. Johnson looks for an answer with our Mr. Boettcher. 

Wikipedia SNMP article:http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol

SNMP Primer: http://www.tcpipguide.com/free/t_SNMPProtocolOverviewHistoryandGeneralConcepts.htm

SNMP OIDS and MIBS: http://kb.paessler.com/en/topic/653-how-do-snmp-mibs-and-oids-work

SNMP vulnserabilities - http://packetstormsecurity.com/search/?q=snmp

SNMP Primer (IBM):http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtpc1%2Fpdus.html

SNMP amplification attacks: http://www.pcworld.com/article/2159060/ddos-attacks-using-snmp-amplification-on-the-rise.html

Securing SNMPv3: http://www.sans.org/reading-room/whitepapers/networkdevs/securing-snmp-net-snmp-snmpv3-1051

 

 

 

Kevin Johnson/James Jardine DerbyCon Talk: http://www.irongeek.com/i.php?page=videos/derbycon4/t308-ethical-control-ethics-and-privacy-in-a-target-rich-environment-kevin-johnson-and-james-jardine

 

 

 Image courtesy of Wikipedia.de

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Oct 20, 2014

Tcpdump is just one of the tools that will make troubleshooting network issues, or testing applications, or even finding out what traffic is being generated on a host all that much easier.  This podcast is to help you understand the Tcpdump program, and how powerful it is...

 

http://danielmiessler.com/study/tcpdump/

http://www.thegeekstuff.com/2010/08/tcpdump-command-examples/

http://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/

http://www.amazon.com/TCP-Illustrated-Vol-Addison-Wesley-Professional/dp/0201633469

http://www.computerhope.com/unix/tcpdump.htm

http://www.commandlinefu.com/commands/using/tcpdump  -- excellent examples

http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Oct 13, 2014

Part 2 of our interview with Jarrod Frates (FRAY-tes). We ask him about the value that a pentest can create, the way that that 'perfect' pentest can change culture and help create dialogue.

Also, we talk about how to take your automated testing info and then shift gears to manual testing... when to stop doing automated testing, and do the manual testing.

Hope you enjoy, have a great week!

 

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Oct 6, 2014

We went a little off the beaten path this week. I wanted to talk to Mr. Boettcher about his experience at DerbyCon, and we ended up having another friend of ours who also attended DerbyCon, Jarrod Frates, join us for a bit of discussion. We discussed several talks, and even spent a little bit of time talking about ShellShock and it's larger implications for those programs that are ubiquitous, yet are not being audited, like bash.  (The llama graphic will make more sense next week...) :)

http://www.irongeek.com/i.php?page=videos/derbycon4/t109-et-tu-kerberos-christopher-campbell

http://www.irongeek.com/i.php?page=videos/derbycon4/t217-hacking-mainframes-vulnerabilities-in-applications-exposed-over-tn3270-dominic-white

http://www.irongeek.com/i.php?page=videos/derbycon4/t210-around-the-world-in-80-cons-jayson-e-street

http://www.irongeek.com/i.php?page=videos/derbycon4/t216-once-upon-a-time-infosec-history-101-jack-daniel

http://askubuntu.com/questions/529511/explanation-of-the-command-to-check-shellshock

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Sep 29, 2014

We finished up our odyssey with Marcus J. Carey this week.  We picked his brain about how he feel about China, the coming cyberwar, and what kinds of tools he uses in his toolbox (hint: he doesn't use Kali).

We also talk a bit about the entitlement of people, and what makes folks in poorer countries turn to hacking. We really enjoyed hearing his take on certifications and education. He's a Ruby nut, but suggests that people learn Python. He also talks about how he teaches people about security. The little everyday things that show you do security.

A thought provoking interview that will definitely inspire you to pour yourself into a Python book, or to grab a Raspberry Pi and start learning.

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Sep 28, 2014

This month, I wanted to go over a piece of software that seems to give a lot of people problems. In business, there is always a need for sending secure communications, whether because a client asked for it, or because sending sensitive information unencrypted could result in loss of profit, competitve edge, reputation, or all of the above.

 

This month's tutorial is on setting up PGP or GPG to be able to be more secure when sending emails. I show you commands that allow you to create public/private key pairs, and also discuss the software to be used on either Windows, Linux, and Mac OS.I mentioned signing and encrypting email attachments, and also explain that your headers are still unencrypted, so email metadata tracking is still possible.

 

Brakeing Security Podcast on PGP/GPG: http://brakeingsecurity.com/pgp-and-gpg-protect-your-data

Windows GPG solution: http://www.gpg4win.org

Mac GPG solution: https://gpgtools.org/

Kali/Linux RNG daemon instructions:

1. apt-get install rngd

2. rngd -r /dev/urandom (should make PGP creation on Kali much faster)

 

Sep 22, 2014

Marcus J. Carey, a security research and software developer came on to talk to us about FireDrill.me, a tool used to help people work out their Incident Response muscles.  He is also the creator of threatagent.com.

Marcus is well known in Security circles, and after we talked to him about FireDrill and ThreatAgent, we got his opinion of other subjects that interested us in the Infosec industry. Marcus is a man of his own mind, and he certainly did not disappoint. Hope you enjoy Part 1 of our conversation with him.

We also asked him about the celebrity that many in the industry face, and how it should be handled by people in the industry.

HoneyDocs - http://www.pcworld.com/article/2048881/honeydocs-lays-irresistible-bait-for-hackers.html

Malcolm Gladwell - http://en.wikipedia.org/wiki/Malcolm_Gladwell

http://www.firedrill.me

http://www.threatagent.com

 

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Sep 15, 2014

While I'm stuck at work, Mr. Boettcher went to the Austin Hackformers and snagged an interview with Mr. Ed Skoudis, of InGuardians and of the SANS Institute, a top flight training academy.  He is to be one of the keynote speakers at DerbyCon this year. He gives us a peek about his keynote, and Mr. Boettcher asks his thoughts on the industry as a whole, SCADA security, Mr. Skoudis' opinion on Infosec as a whole.

 

Hackformers Austin: http://www.hackformers.org/

Ed Skoudis bio: http://www.sans.org/instructors/ed-skoudis

 

Bad Guys are Winning - Part 1: link

Bad Guys are Winning - Part 2: link

Bad Guys are Winning - Part 3: link

Bad Guys are Winning - Part 4: link

Bad Guys are Winning - Part 5: link

Netwars: Cybercity - http://www.sans.org/netwars/cybercity

Google Car: http://www.nbcbayarea.com/news/local/Google-to-Test-Self-Driving-Car-Without-Backup-Driver-275033691.html

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Sep 8, 2014

We're back with part 2 of our discussion with Michael Gough.  Not only do we discuss more about malware, but we also ask Michael's opinion on how commercialized conventions like Black Hat and Defcon have gotten, how good threat intelligence feeds are, and why there aren't more defensive talks at cons.

Michael is currently slated to give a talk on logging at DerbyCon September 24th, 2014 on how logging can help to mitigate malware infections.

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Sep 1, 2014

Brian and I managed to get an interview with Michael Gough. If you remember, Michael was on to discuss Malware infections back in February, and we decided it was time to check up on him and his newly named 'Malware Sentinel'. This is part 1, where we discuss some of the recent malware infections, and where you need to look for new file creation, and what you can be looking for in your windows logs that are excellent indicators of malware compromise.

 

Windows logging cheat sheet - http://sniperforensicstoolkit.squarespace.com/storage/logging/Windows%20Logging%20Cheat%20Sheet%20v1.1.pdf

 

Malware Management Framework - http://sniperforensicstoolkit.squarespace.com/malwaremanagementframework

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Aug 25, 2014

I had a healthy debate with Mr. Boettcher this week about the merits of doing recon for a pentest. Mr. Boettcher is a heavy duty proponent of it, and I see it as a necessary evil, but not one that I consider important.  We hash it out, and find some common ground this week.

People search links:

Spokeo - http://www.spokeo.com/

Pipl - https://pipl.com/

 

Sec Filings site: http://www.sec.gov/edgar/searchedgar/webusers.htm

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Aug 23, 2014

Mr. Boettcher made a thing!  He created a video that highlights how to install Linux securely in a VM.  His next video will be how to setup OWASP's WebGoat to test for vulnerable web apps.  He noticed that documentation is a bit sparse, and often contradictory, so he wanted to help other folks who are having issues to get a proper install.

 

You will need an Network Install ISO of Debian, and you will need either VMware Player or Workstation.

His notes are below... Enjoy!

Secure the Goat #1 - Goat Pen

Create a directory where you will put the VM.  We'll call it 'goat'.
Download the Debian Network Install ISO and place it in the 'goat' directory.

Create a 'share' directory inside the goat directory
Place a (test) file in the share directory
In VMware Worstation create a new vm using a Debian ISO and run install

Update the sudoers file
$ su - root
$ update-alternatives --config editor
    change to vim.tiny by pressing 2 and enter
$ visudo -f /etc/sudoers
    copy the root line and add one for goat user

In order to install vmware tools, we'll need to install these packages
$ sudo apt-get install gcc linux-headers-$(uname -r) make

For the vmware tools install to work properly, these simlinks are required
$ cd /lib/modules/$(uname -r)/build/include/linux
$ sudo ln -s ../generated/utsrelease.h
$ sudo ln -s ../generated/autoconf.h

Insert vmware tools virtual CD
In the workstation menu select vm -> install vmware tools
$ tar -C /tmp/ -zxvf /media/cdrom/VMwarTools...
$ sudo /tmp/VMwareTools.../vmware-install.pl

Show desktop icons
$ gsettings set org.gnome.desktop.background show-desktop-icons true

change resolution in menu at top:
    applications/system tools/preferences/system settings/ then 'displays'

in Workstation under vm/settings, set virtual machine shared folder

remove ISO file, take snapshot

Aug 18, 2014

This week, we go into a proxy program called "Ratproxy", discussed it's ins and outs.  Plus, Mr. Boettcher and I have a discussion about how we as infosec people should work with developers and IT professionals to provide them training and understanding of security concepts.

https://code.google.com/p/ratproxy/

http://blog.secureideas.com/2012/07/how-to-setup-ratproxy-on-windows.html

 

 

 

 

Ratproxy icon courtesy of honeytech and flicker

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Aug 10, 2014

Here is Part 2 of our video for understanding the basics of Nmap.  I discuss some of the logging output, the scripts found in Nmap, and the output that Nmap gives you for reporting or comparison later.

 

I really did want to go more into the Lua portion of the scripting engine, and perhaps make a simple script, but time constraints halted that. I hope to get more adept at video creation and hopefully editing, to make a more concise video tutorial.

Nmap target specifications: http://nmap.org/book/man-target-specification.html

 

http://nmap.org/book/nse-usage.html

 

Explanation of all Nmap scripts: http://nmap.org/nsedoc/

 

nmap icon courtesy of insecure.org

Aug 10, 2014

This week we take some time to talk about risk management with Josh Sokol.  This is part 2 from our interview with him last week... We talk some more about Simple Risk from the POV of Risk Management, as well as the licensing/modification of Simple Risk.

Mr. Boettcher and Josh discuss the merits of Qualitative vs. Quantitative Risk Analysis, and which one is better...

We also discuss NIST 800 series guidelines, and how he used those to excellent effect in Simple Risk.

Josh also discusses OWASP, how the advocacy and outreach works and how flexible the organization is.

NIST 800 Series docs - http://csrc.nist.gov/publications/PubsSPs.html

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Aug 4, 2014

Josh Sokol is on the International OWASP board of directors in addition to being the Information Security Program Owner at National Instruments in Austin, Texas. This week, he sat down with Brakeing Down Security to talk about Simple Risk, his homebrew application that assists people and organizations in managing their business risk, and at a much nicer cost that other GRC applications (it's free!) Check out Part 1 below. If you're at BlackHat 2014 this year, he will be showcasing it at Arsenal! 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Jul 28, 2014

This is a flashback from July 2015. 

Mr. Boettcher and I discussed SQLMAP, a tool that can automate the process of pentesting databases and even registries on Windows.  We discuss some functions of the program and why developers should get training on these.

Mr. Boettcher and I talk about how Infosec professionals should help to educate QA and Developers to be able to look at their processes and incorporate security testing, using tools like sqlmap in the Software lifecycle.

 

SQLMAP links

SQLMAP Wiki and more detailed documentation - https://github.com/sqlmapproject/sqlmap/wiki

http://sqlmap.org/

https://github.com/sqlmapproject/sqlmap

http://hackertarget.com/sqlmap-tutorial/

https://www.owasp.org/index.php/Automated_Audit_using_SQLMap

http://www.binarytides.com/sqlmap-hacking-tutorial/

http://blog.spiderlabs.com/2013/12/sqlmap-tricks-for-advanced-sql-injection.html

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Jul 21, 2014

It only gets better in Part 2 of our Interview with Georgia Weidman, Author, Security Researcher and Creator of the Smartphone Pentesting Framework.

 

She talks about how people underestimate the mobile platform for pentesting purposes, and we even find out that in addition to Teaching a class on exploit development at BlackHat this year, she's going to be helping a great organization overseas.

We also got her talking about some do's and don'ts of pentesting! ;)

Please enjoy!

 

Georgia's book on No Starch: http://www.nostarch.com/pentesting

on Amazon.com: http://www.amazon.com/Penetration-Testing-Hands-On-Introduction-Hacking/dp/1593275641 (non-sponsored link)

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Jul 14, 2014

So, I uploaded this little tutorial of nmap, a very nice tool I use on a regular basis, both at home and at work.

I did some basic scans, showed off the command line and the Windows 'Zenmap' version, as well as discussed some regularly used switches.

The next video I do about nmap will discuss more switches, the Nmap Scripting Engine (NSE), and how to format reports and the output nmap provides.

 

 

Nmap icon courtesy of livehacking.com

Jul 14, 2014

We have a real treat the next two weeks.  Author and Mobile Security Researcher Georgia Weidman, who we also found out will be providing exploit development training at Black Hat this year.

She is the author of an awesome book "Penetration Testing: A Hands-On Introduction to Hacking" (http://www.amazon.com/Penetration-Testing-Hands-On-Introduction-Hacking/dp/1593275641/ref=sr_1_1?ie=UTF8&qid=1405304124&sr=8-1&keywords=georgia+weidman)

She sat down with us over Skype and gave a nice talk about where she came from,  and why she wrote the book, and even what she's about to do in the future (that's next week) ;) You'll have to listen next week to find out the awesome trip she's about to take.

http://www.bulbsecurity.com/

 

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Jul 7, 2014

This is the continuation of our podcast from last week with Phil Beyer.

We started out talking about risk registers, and we end the podcast with a little Q&A about positions in companies (Chief Risk Officer, Chief Data Protection Officer), and whether these positions are useful.

 

 Risk registers - http://en.wikipedia.org/wiki/Risk_register

 

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/

Jun 30, 2014

Establishing an Information Security program can make or break an organization. So what do you need to get that started? 

We have friend of the show Phil Beyer come in and discuss with us the five steps of the creation of an Information Security Program.  Join us for Part 1, and next week, we'll finish up with a little Q&A, as well as what a 'risk register' is.

 

 

 

 

 

 

Intro "Private Eye", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/
Jun 23, 2014

We finished up the OWASP Top Ten List. We discussed Injection, XSS, and other goodness.  Find out what makes the Top 5 so special.

 

 

 

http://risky.biz/fss_idiots  - Risky Business Interview concerning Direct Object Reference and First State Superannuation

http://oauth.net/2/ - Great information on OAUTH 2.0.

 

 

 

Intro "Private Eye", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) 
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/
1 « Previous 2 3 4 5 6 7 8 Next » 8