SecuraBit
SecuraBit Before It Bytes!
SecuraBit Episode 43 – The Academy Pro

Guest Interview: Peter Giannoulis of The Academy Pro

Metasploit Rising

http://blog.metasploit.com/2009/10/metasploit-rising.html

WordPress 2.8.5: Hardening Release
http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/

Blubrry PowerPress Podcasting Plugin for WordPress
http://www.blubrry.com/powerpress/

Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks
http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Google Voice voicemails appearing in public search results
http://www.engadget.com/2009/10/19/google-voice-voicemails-appearing-in-public-search-results/

TweetDeck
http://www.tweetdeck.com/beta/

Porn, CSS History Hacking, User Recon and Blackmail
http://ha.ckers.org/blog/20091021/porn-css-history-hacking-user-recon-and-blackmail/

Windows 7
http://www.microsoft.com/windows/

Magic Mouse
http://www.apple.com/magicmouse/

Quick Shell Script to Extract Contents
http://pinowudi.blogspot.com/2009/10/quick-shell-script-to-extract-contents.html

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guest:
Peter Giannoulis

Links:
The Academy Pro - http://www.theacademypro.com/
The Academy Home - http://www.theacademyhome.com/

Don't forget to listen to the end of the show for the guest appearances by both Kermit the Frog and Sean Connery.

Direct download: SecuraBit_EP43.mp3
Category:podcasts -- posted at: 10:21am EDT

SecuraBit Episode 42 - Phreaking Sweet Con in TN.
Phreaknic 13 – October 30 – November 1 2009
Phreaknic Curse
CCTV throughout hotel, great + for attending the con
Ware Chair Toss
Firing a jet engine in the parking lot.
Four Tracks
1 Cumberland (Main ballroom)
2 9th Floor (Vendor Area)
3 Cafe Area (Gaming)
4 Contest Area
Size of conferences
ShmooCon
Running Conferences
#RoachesMustDie from ShmooCon 2009 via Security Justice
Microsoft Security Essentials - http://www.microsoft.com/security_essentials/
New iTunes Store - http://www.apple.com/itunes/
Metasploit hiring in Austin, TX
New version of Pocket God for the iPhone
Hacker Consortium - http://hackerconsortium.com/

Join us in IRC at irc.freenode.net #securabit
Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit
Guest:
SkyDog
Links:
Direct download: Securabit_EP42.mp3
Category:podcasts -- posted at: 12:09pm EDT

SecuraBit Episode 41 - Speaking of Cons, and forensics...
Part 1: Marcus Carey
Dojocon - http://www.dojocon.org/ - @dojocon
November 6 & 7, 2009
Capitol College Maryland

Part 2: Scott Moulton

BlackBerry stuff:
BitPim

Hosts:
Chris Gerling  – @chrisgerling
Jason Mueller – @securabit_jay
Andrew Borel – @andrew_secbit
Anthony Gartner –  AnthonyGartner.com - @anthonygartner
Guest:
Marcus Carey - http://www.dojocon.org/ - @dojocon
Links:
Dojocon - http://www.dojocon.org/ - @dojocon
Direct download: SecuraBit_EP41.mp3
Category:podcasts -- posted at: 10:12am EDT

SecuraBit Episode 40 - Paul WHO????
SecuraBit Episode 40 - Paul "Pauldotcom" Asadoorian
Renaud script to go from Nmap to Nessus
Interview with Paul Asadoorian (PaulDotCom/Tenable/Nessus)
Intro Questions:
  • Who are you, and what are you doing on THIS podcast?
  • Tell us about the PaulDotCom podcast (I’ve talked to SecuraBit listeners who have never heard of PDC)
  • How long have you been using Nessus?
  • When did you start working for Tenable?
  • What is your role at Tenable?
Nessus Questions:
  • What’s new in this version of Nessus?
  • Are changes driven primarily by Tenable, or the community?
  • What does Nessus use for a scanning engine?
  • How does Nessus interact and work with Nmap?
  • Explain Nessus licensing and what an individual vs a corp is entitled to.
  • How much is a license?
  • Cost of professional feed = $1200.00/year
  • Home feed no longer a delay, no SCADA plugins
  • How does Nessus differ from OpenVAS?
  • Can you use the OpenVAS repo with Nessus?
  • Talk about the extensibility of Nessus. (Scripting, etc)
  • How does Nessus work with OVAL definitions? How does this help for FDCC compliance?
  • Does Tenable have any dedicated appliances for enterprise scanning and monitoring based on Nessus?
Implementation and Operation questions (How Paul Does Things):
  • Do you place scanning servers on each segment of the network, or do you scan through zone-to-zone firewalls? Why?
  • Is there a practical limit to the number of devices that can be scanned by one scanning server? Or is it just a time tradeoff?
  • How often do you scan (and re-scan) a network?
  • How do you handle the results (and avoid dropping a 300 page Nessus report on the server guys and saying FIX IT)?
  • Are results parse-able and able to be fed into compliance and risk management tools?
Other Questions:
  • When is the next PaulDotCom episode?
  • What are the topics/guests?
  • What is your favorite beer?
Hosts:
Anthony Gartner – AnthonyGartner.com @anthonygartner
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit
Ed Smiley - @edsmiley
Guest:
Paul Asadoorian - @pauldotcom - http://www.pauldotcom.com
Links:
Tenable Network Security Blog and Podcast - http://blog.tenablesecurity.com/
Direct download: SecuraBit_EP40.mp3
Category:podcasts -- posted at: 10:11pm EDT