Securabit Episode 17 for Xmas Santa gave us an Nmap book to give away!!!

This is a unique episode for SecuraBit: we are teaming up with the Security Justice Podcast to do a double-header show. SecuraBit recorded their show from 8-9 EST, then handed off the reins to Security Justice to finish out the night. In doing so we had a combined set of prizes. Winning the prize required that you listen and get the correct answer to a trivia question given on SecuraBit. You also had to listen to the Security Justice Podcast and know the answer to their question. SecuraBit even managed to start on time as well as hand off on time. It was a very different type of show due to trying to condense everything into a single hour. (Good thing we didn’t have any real content. Just kidding!)

We opened the show but because Jay needed to switch some things out we actually went to a break faster than normal. When we returned from the break Jay was back with us. We started to go into the new Microsoft Zero Day, and Jay informed us that he had been out of the loop for a week but since the patch only came out 73 minutes before he found out about it he figured he was right on time.

The next topic was Chris Gerling going to SANS and taking the forensics 508 course. Chris then told us that he felt like he should never have picked up a Helix disk, based on the level of knowledge he has now compared to before the course. We also discussed that many states are requiring a Private Investigator's license to do forensics. None of us on the show agreed that this was a good idea, yet several lobbyists have been pushing for this very idea. Jay asked what was thought about the BGP security vulnerability. Anthony discussed a new site he went to as a security review.

After the break, we went into the trivia question. The trivia question was: What are the flags you have to set in order to do an Nmap-style XMAS scan in Unicornscan? We will post the winner soon in conjunction with the Security Justice podcast. After the trivia question we went into thoughts on what to do about prior employees, handling credentials, voice mails, and emails. We referenced the guy in San Francisco who was fired from the job yet was still able to hold the network he left hostage.

Send all answers to the trivia question to [email protected]

Don’t forget to give us feedback on iTunes so we can bump the old shows off the list.

Thanks again for all the donations for the Tip Jar.

Hosts:

Rob Fuller – Mubix, room362.com
Anthony Gartner – AnthonyGartner.com
Chris Gerling – Hak5Chris, Chrisgerling.com
Chris Mills – ChrisAM
Jason Mueller – SecurabitJay

Important links for the show and documents used:

No links this time!

Episode 17 Recording and Trivia notice!

From our friends at Security Justice:
On Wednesday, December 17th listen to the SecuraBit podcast starting at 8PM EST then listen to Security Justice at 9PM EST for your chance to win a copy of the new Nmap Network Scanning book and a $25 gift card to Chili’s/Macaroni Grill/Maggiano’s Restaurants. Please note only US listeners are eligible to win the contest.
How’s the contest going to work?
There will be two trivia questions you will need to answer.  One will be given on SecuraBit and the other on Security Justice during the live podcasts on Wednesday night.  The first listener to correctly answer both questions will win both the book and the gift card.  Details on where to submit the correct answers will be given on the SecuraBit podcast beginning at 8PM EST.
Details for listening to the SecuraBit podcast at 8PM EST
Click here to listen live
Join the chat on IRC: irc.freenode.net #securabit
Details for listening to the Security Justice podcast at 9PM EST
Click here to listen live
Join the chat on IRC: irc.freenode.net #securityjustice

Forum Support

Hey all,

If you’re looking for something to do with your free time and have good knowledge of the Invision Power Board suite, we’re in need of an admin or two, especially to help out with the fake registrations we’re being spammed with.  They’re coming in about a dozen or two per day and frankly I just don’t have time to sift through who is real and not.  We’d love to get our forums active with real people instead of bots who want us to use Viagra.  Contact us at feedback(at)securabit{dot].com or use the contact form on the site.  I have actually fixed the feedback address so we will all get it.

Thanks!!

Securabit Episode 16 How many F-Bombs are required for $40

In this episode we talk about Chris Gerling attending the SANS Cyber Defense Initiative 2008 in Washington DC. He will be taking the Security 508 Computer Forensics, Investigation, and Response course. If you are at the conference please make sure you look for Chris. He also plans to take the new GPEN test while there. We might be bringing the sock monkey to Shmoocon and have him do some interviews.

We also spoke about how few businesses are actually checking a person's signature or ID for credit cards. Most businesses are simply not checking the cards like they should be. Chris is beginning to wonder if they will card his fiancee between now and when they get married.

After the break we came back and mentioned that we were not going to drop the F-bomb for 40 bucks as was hinted at in the chat room. We went into the issue of DNS forwarding being done on CheckFree.com. The article was actually from The Washington Post by Brian Krebs. Anthony put a shout out to Ed Smiley for sending both Mubix and Anthony a copy of 1Password. It was a great hookup. Then we covered various apps on the iPhone. We touched on what the encryption is on a 3G network. We found a great PowerPoint slide show explaining it.

After the last break we went into firewall setups. Everyone but Anthony is running FiOS, so the discussion on how to set up the coax or Ethernet WAN links ensued. You will just have to listen to it to see what kind of sense it makes. We did get lots of comments from our faithful in the IRC channel (irc.freenode.net #Securabit). From there the show just went downhill with strippers and alcohol.

Don’t forget to give us feedback on iTunes so we can bump the old shows off the list.

Thanks again for all the donations for the Tip Jar.

Hosts:

Rob Fuller – Mubix, room362.com
Anthony Gartner – AnthonyGartner.com
Chris Gerling – Hak5Chris, Chrisgerling.com
Chris Mills – ChrisAM
Jason Mueller – SecurabitJay

Special Guest: Joel Esler from sourcefire.com and Joelesler.net

Important links for the show and documents used:

http://www.sans.org/cdi08/
http://www.sans.org/training/description.php?mid=98
http://www.sans.org/press/giac_pentest_cert.php
http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-bill.html?nav=rss_blog