SecuraBit
SecuraBit Before It Bytes!
SecuraBit EP 23 The Echo Show!!!  with Guest Marcus Carey

We have a brief discussion hackerspaces. Chris Gerling is looking into starting a hackerspace in the Richmond, VA area.

Next we cover the details about SUMO LINUX 2.0 with our guest Marcus Carey.

SUMO LINUX 2.0
- Based on a stable version of Debian so we can update with Debian packages and Unbuntu Packages.
-Windows response tools will be added.
-Build a wiki with detailed documentation of all the tools included to make it easy for a newbie to get started.
-No plans for multi-boot.
-Distributed out via Bit Torrent.
-Memory analysis and RAM dumping. Cheap USB sticks have really helped with this. The analysis is also proving to be a big help in forensics.
-Will be coordinating the project on the Securabit forums (http://forums.securabit.com/index.php?showforum=9)
-User feedback will help us make it better for everyone.
-Post in the forum if you are interested in helping out.

Other News Items
-Homebrew patches for zero days in the enterprise.
-Cell phones and international roaming charges at the border.
-What hardware tools should you have in a forensic toolkit?

Have something you want plugged on Securabit? Send it to Feedback@securabit.com.

If you are interested in helping with the Richmond, VA area hackerspace contact Chris Gerling.

Hosts
Anthony Gartner - AnthonyGartner.com @AnthonyGartner
Chris Gerling - Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills - ChrisAM @packetsense
Jason Mueller - @Securabit_Jay

Guest
Marcus Carey ñ SUMO LINUX http://www.sumolinux.com

Links
Hackerspaces http://hackerspaces.org
SUMO LINUX http://www.sumolinux.com
Adobe Zero Day http://isc.sans.org/diary.html?storyid=5902&rss
Excel Zero Day http://isc.sans.org/diary.html?storyid=5923  & http://www.microsoft.com/technet/security/advisory/968272.mspx
Forensic Talon http://www.logicubeforensics.com/products/hd_duplication/talon.asp

Direct download: SecuraBit_EP23.mp3
Category:podcasts -- posted at: 9:03am EDT

SecuraBit Episode 22 Episode 22 Schmoocon Recap

We reflect back on Schmoocon 2009, the Podcasters Meetup, and look foward to DEFCON.
Also we cover patch Tuesday, Back|Track 4, and a community replacement for Helix.

Hosts:
Anthony Gartner - AnthonyGartner.com @AnthonyGartner
Chris Gerling - Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills - ChrisAM @packetsense
Jason Mueller - @Securabit_Jay

Links:
<a href="http://www.shmoocon.org/">Schmoocon</a>
<a href="http://www.podcastersmeetup.com/">Podcasters Meetup</a>
<a href="http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx">Microsoft Security Bulletin MS09-003</a>
<a href="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx">Microsoft Security Bulletin MS09-004</a>
<a href="http://backtrack4.blogspot.com/">Back|Track 4</a>
<a href="https://www.defcon.org/">DEFCON</a>
<a href="http://www.e-fense.com/products.php">Helix</a>

Direct download: SecuraBit_EP22.mp3
Category:podcasts -- posted at: 12:54pm EDT

Shmoocon Podcaster Meetup Live Audio Here is the audio from the meetup on 2/6 if anyone is interested.  We're releasing this on our feed for anyone who doesn't follow pauldotcom.  It's not edited, just raw audio so if you have any complaints keep them to yourself. ;)

Thanks to all who came!
Direct download: ShmooCon09-PodcasterMeetup.mp3
Category:podcasts -- posted at: 6:35pm EDT

Episode 20: Time Warp Again! Sorry folks, we will not be releasing episodes out of order anymore.

In this episode we discuss:

Managing IP space inside a company network. Attributing a device on the network to an employee / function.

Standardizing vulnerability management using Security Content Automation Protocol (SCAP) and Open Vulnerability Assessment System (OpenVAS).

And briefly touch on the Obama Administration's Outline for their Cyber Security Strategy.

Use our Forums!

Don’t forget to give us a feedback on Itunes so we can bump the old shows off the list.

Thanks again for all the donations for the Tip Jar.

Hosts:

Anthony Gartner - AnthonyGartner.com @AnthonyGartner
Chris Gerling - Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills - ChrisAM @packetsense
Andrew Borel - @Andrew_Secbit

Special Guest:
 
Tim Krabec (@tkrabec) of the <a href="http://smbminute.com/">SMBMinute.com</a>

Important links for the show and documents used:

<a href="http://www.openvas.org/">Open Vulnerability Assessment System</a>
<a href="http://en.wikipedia.org/wiki/Security_Content_Automation_Protocol">Security Content Automation Protocol</a>
<a href="http://www.diigo.com/annotated/5e5c73ed44f27f40631af447951b4bf8">Obama Administration Outlines Cyber Security Strategy</a>
<a href="http://www.washingtonpost.com/wp-dyn/content/article/2008/12/08/AR2008120801944.html">More Cyber Security Regulations Recommended</a>
Direct download: SecuraBit_EP20.mp3
Category:podcasts -- posted at: 6:21pm EDT

SecuraBit EP 21 HP Security reasearchers speak with SecuraBit
In this special episode of Securabit we are interviewing Billy Hoffman and Prajakta Jagdale. Billy is the author of the book Ajax Security. Prajakta is a Security Research Engineer with HP and is presenting at this year's ShmooCon.

Hosts:

Anthony Gartner - AnthonyGartner.com @AnthonyGartner
Chris Gerling - Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills - ChrisAM @packetsense
Jason Mueller - SecurabitJay

Special Guests:
Billy Hoffman (http://en.wikipedia.org/wiki/Billy_Hoffman)
Prajakta Jagdale (http://www.linkedin.com/pub/4/93a/785)

Important links for the show and documents used:
HP (http://www.hp.com/)
Ajax Security (http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939)
NoScript (http://noscript.net/)
SchmoonCon (http://www.shmoocon.org/presentations-all.html#flash)HP's very own Prajakta Jagdale (She is the security research engineer for
HP's Web Security Research Group) & Matt Wood (HP Web
Security Research Group) join SecuraBit for a very informative discussion.

Questions on Ajax, Flash, and Web Application security.
Direct download: SecuraBit_EP21.mp3
Category:podcasts -- posted at: 11:02am EDT