SecuraBit
SecuraBit Before It Bytes!

This week Anthony Gartner & Rob Fuller discuss the latest computer security news.  Special guests are Vyrus and CP from the dc949.org group.

Episode 11

Discussions covered the following topics:

Skynet, Advanced Dork, Google Site Indexer, These tools work worked on by CP and Vyrus and the dc949 group and are written as open source.

Rob brought up a Firefox add on called Barrier

Spoke of how we can use google alerts to help us in our daily tasks to track where our information is being sent out to.

Discussion ensued about Scroogle.org not to be confused with scoogle.com and how you can do secure searching though the site and that the site purges logs with in 48 hours.

A mention of Cisco was brought up and we also spoke of a visualized version for the Cisco Mips processors and the specific virtualized version of the Cisco 7200 Routers.

BlackBerry Encryption keys may be in the hands of the Indian Government as part of the deal with Rim.
Direct download: Securabit_EP11.mp3
Category:podcasts -- posted at: 11:31am EDT

SecuraBit Episode 10

(Apologies in advance for the short term 'wiki' look of these show notes, the public wiki will be up soon!)

On this Episode of Securabit:

Chris Gerling - Hak5chris

Chris Mills - ChrisAM

Anthony Gartner - AnthonyGartner

Jason Mueller - SecuraBit_Jay

Guest Chris Wilson

Episode 10 - A milestone!

We are all still alive even though the CERN Particle Collider has been started up.

OpenSource Projects, Software, Patches

Obama Sex Video Spam

New SecuraBit VPS! (We have since cancelled and will be moving to something else soon)

Linode with CentOS. However, no SELinux available

For CentOS help go to: #CentOS on irc.freenode.net

Tips for configuring the new server:

Disable root login on ssh Good passwords Lock down ports

The Securabit guys started using the CentOS distribution because of its interconnections with Snort

See this site for details on how to configure Snort on CentOS

In non-security related news:

Steve Jobs Apple Special Event "Let's Rock"
Apple did update QuicktTime and Bonjour: http://voices.washingtonpost.com/securityfix/2008/09/security_updates_for_ipod_touc.html?nav=rss_blog

Netbooks are everywhere: Even Commodore joins Netbook Crowd: http://news.cnet.com/8301-17938_105-10029963-1.html

Google Chrome:

Milworm Chrome Exploit/Vulnerabilities http://www.milw0rm.com/exploits/6353 http://www.milw0rm.com/exploits/6355 http://www.milw0rm.com/exploits/6365 http://www.milw0rm.com/exploits/6367 http://www.milw0rm.com/exploits/6372 http://www.milw0rm.com/exploits/6386 Google Chrome and Germany: http://www.salon.com/wires/ap/scitech/2008/09/09/D9338OT80_germany_google_chrome/index.html

MS commercial analysis: http://www.purpleslinky.com/Humor/Satire/A-Commercial-About-Nothing-Analysis-of-the-First-Microsoft-Seinfeld-Ad.245991

MS Mouse: http://www.maximumpc.com/tags/bluetrack

BREAK

Schneier and portable device security: http://www.schneier.com/blog/archives/2008/07/open_source_lap.html

        http://www.schneier.com/blog/archives/2005/07/risks_of_losing.html

Latest happenings with Securabit Looking for a Team and mentoring atmosphere Coming soon: New Site/wiki/forums on the Linode VPS

Chris Mills: Employer Security Expo

  Talked about Password Security and showed off Rainbow Tables/Ophcrack (http://ophcrack.sourceforge.net/) and Driftnet (http://ex-parrot.com/~chris/driftnet/)

BREAK

Chris Wilson

Direct download: Securabit_EP10.mp3
Category:podcasts -- posted at: 9:43am EDT

SecuraNibble:  Snort Sensor Tutorial

Chris Wilson brings us some Snort goodness with this 37 minute tutorial on how to build a snort sensor from scratch using CentOS.

I hope this is of use to everyone, it is very very well done!

Direct download: SecuraNibble_01.mp4
Category:podcasts -- posted at: 10:01am EDT

SecuraByte Episode 3

Last night we did a spontaneous hour long interview with the guys from HacDC, a Hackerspaces group.

Hosts:
Rob Fuller - Mubix
Chris Mills - ChrisAM

Chris Gerling - Hak5Chris

Guests:
Nick Farr - Treasurer HacDC
Mitch Altman - http://en.wikipedia.org/wiki/Mitch_Altman - NoiseBridge San Francisco
Bryce

HacDC  and Hackerspaces.

What is a Hackerspace?: Physical space where hackers make things, in
person place to do things rather in addition to online.  People can
work on their own projects and collaborate with others.

Mitch has been working on Brain machines.

Tips on how to start a hackerspace:

- Visit a hackerspace

- Document on Hackerspace design patterns (PDF).

- Go to Visit: Hackerspaces.org and email questions about getting started to info@hacdc.org

- Last Hope Talk: Building Hacker Spaces Everywhere: Your Excuses are Invalid - Nick Farr and Friends (MP3).

If I am not a member, can I go: Yes!

Some hackerspaces mentioned:

NY Resistor
C-base (Berlin Germany)
The Hacktory (Philadelphia)

Mitch working on SF Space, NoiseBridge
NoiseBridge email list

Intersting Hackerspace projects:

Blinkenlights -

Project Blinkenlights was a light installation in the Haus des Lehrers
building at the Alexanderplatz in Berlin that transformed the building
front into a giant low-resolution monochrome computer screen.



tmplab -

Paris France

http://www.tmplab.org/ (French)

Columbia heights Wireless -

The Columbia Heights Wireless Project aims to provide wireless access to
the Internet to HacDC's neighbors in Columbia Heights. This project, in
three phases, will help test different technologies and methods for
providing this access as well as building local neighborhood IT
infrastructure.

Direct download: Securabyte_EP03.mp3
Category:podcasts -- posted at: 12:05pm EDT

SecuraBit Episode 9

On this episode of SecuraBit:

Multiboot Security DVD

Mubix posted an awesome link on his blog to a Multiboot Security DVD that allows you to choose which common security distros, all on one medium!


OS Choices:

Backtrack 3

Damn Small Linux 4.2.5

GeeXBoX 1.1 (not geekbox )

Damn Vulnerable Linux (Strychnine) 1.4

Knoppix 5.1.1

MPentoo 2006.1

Ophcrack 1.2.2 (with 720 mb tables)

Puppy Linux 3.01

Byzantine OS i586-20040404


Make a bootable FAT32 USB stick using Unetbootin

Some distros the Securabit guys would like to see added:

Helix Intelguardians Samurai


RedHat/Fedora OpenSSH Compromises

As noted on the Securabit website, a Fedora and Red Hat Enterprise Linux servers were compromised.

The ComputerWorld Blog - Linux Security Idiots article explains how the servers were compromised

-Stolen SSH keys are used to gain access to the system

-After that, rootkit "phalanx2" is installed and steals more SSH keys

-Obviously this could be used to install any malware at all

The RHEL offshoot CentOS was not affected by the compromise.


Joomla Vulnerability

US CERT Joomla! Password Reset Vulnerability

Joomla Core Exploit Announcement - Password Remind Functionality

Joomla user password reset vulnerability being actively exploited


BREAK

After Break Banter

Italy tries to ban PirateBay

Awesome Quote: "Fear makes the wolf look bigger"


Best Western Pwned

Originally Discovered by The Sunday Herald. As many as 8 million accounts compromised

Best Western Response


Vulnerbilty of BGP

This exploit of Border Gateway Protocol allows the attacker to monitor internet traffic and forward it to anywhere in the world. Five hours of traffic was forwarded to New York during Defcon 16. This vulnerability is going to be bigger than the Kaminsky DNS Vuln. Speaking of Dan, he loves Securabit!

Defcon presentation from Anton Kapela and Alex Pilosov

Border Gateway Protocol

Wired - Revealed: The Internet's Biggest Security Hole

Wired - More on BGP Attacks -- Updated


The Middler

Jay Beale - Middler - Release it already! DefCon Talk

Audio Steganography

Hiding information by slightly altering the binary sequence of a sound file

From simple algorithms that insert info in the form of signal noise, to more powerful methods that exploit sophisticated signal processing techniques to hide information.

LSB coding (least significant bit):  substitute with a binary msg

Parity coding

Phase coding:  #  The original sound signal is broken up into smaller segments whose lengths equal the size of the message to be encoded.

A Discrete Fourier Transform (DFT) is applied to each segment to create a matrix of the phases and Fourier transform magnitudes.

Phase differences between adjacent segments are calculated.

Phase shifts between consecutive segments are easily detected. In other words, the absolute phases of the segments can be changed but the relative phase differences between adjacent segments must be preserved. Therefore the secret message is only inserted in the phase vector of the first signal segment as follows:

Spread spectrum

Two versions of SS can be used in audio steganography: the direct-sequence and frequency-hopping schemes. In direct-sequence SS, the secret message is spread out by a constant called the chip rate and then modulated with a pseudorandom signal. It is then interleaved with the cover-signal. In frequency-hopping SS, the audio file's frequency spectrum is altered so that it hops rapidly between frequencies.

Least Significant Bit


BREAK


Security Justice stops by

Tom and Dave from Security Justice

-Search for pics of Mubix gets you this

-Shmoocon will have another Podcasters Meetup and Hak5 will be there.

-List of Hacker/Security Con's

Forensic recovery on SSD

SSD Forensics:

- no physical security hooks that prevent them from being removed from enclosures

- ultraviolet laser to wipe out lock bits (encryption) from fuses on chips that secure SSDs

- overall easier to erase data on SSD (with encryption)

vs HDD Forensics:

- Harder to fully erase data 9have to overwrite or physically damage)

- easier to fully encrypt

Jim handy: hacker could easily unsolder NAND chips from an SSD and read the data using a flash chip programmer, then reassembled using data recovery software.

SSDs are hot, but not without security risks

Scott A. Moulton presentations on data recovery and forensics.

Contact Securabit

Securabit Website and Forums

IRC: #securabit on irc.feenode.net

Join us on LinkedIn

Skype Number: (469) 277-2248

Follow us on Twitter - Securabit

Delicious Tag: securabit

Direct download: Securabit_EP09.mp3
Category:podcasts -- posted at: 8:59am EDT