SecuraBit Episode 23: The Echo Show!!! with Guest Marcus Carey

We had a brief discussion about hackerspaces. Chris Gerling is looking into starting a hackerspace in the Richmond, VA area.

Next we cover the details about SUMO LINUX 2.0 with our guest Marcus Carey.

SUMO LINUX 2.0
– Based on a stable version of Debian so we can update with Debian packages and Unbuntu Packages.
-Windows response tools will be added.
-Build a wiki with detailed documentation of all the tools included to make it easy for a newbie to get started.
-No plans for multi-boot.
-Distributed out via Bit Torrent.
-Memory analysis and RAM dumping. Cheap USB sticks have really helped with this. The analysis is also proving to be a big help in forensics.
-Will be coordinating the project on the Securabit forums (http://forums.securabit.com/index.php?showforum=9)
-User feedback will help us make it better for everyone.
-Post in the forum if you are interested in helping out.

Other News Items
-Homebrew patches for zero days in the enterprise.
-Cell phones and international roaming charges at the border.
-What hardware tools should you have in a forensic toolkit?

Have something you want plugged on Securabit? Send it to [email protected]

If you are interested in helping with the Richmond, VA area hackerspace contact Chris Gerling.

Hosts
Anthony Gartner – AnthonyGartner.com @AnthonyGartner
Chris Gerling – Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills – ChrisAM @packetsense
Jason Mueller – @Securabit_Jay

Guest
Marcus Carey ñ SUMO LINUX http://www.sumolinux.com

Links
Hackerspaces http://hackerspaces.org
SUMO LINUX http://www.sumolinux.com
Adobe Zero Day http://isc.sans.org/diary.html?storyid=5902&rss
Excel Zero Day http://isc.sans.org/diary.html?storyid=5923  & http://www.microsoft.com/technet/security/advisory/968272.mspx
Forensic Talon http://www.logicubeforensics.com/products/hd_duplication/talon.asp

Live Streaming Notice – Wednesday Feb 25

Securabit will be recording live tomorrow, Wednesday Feb. 25th, starting around 7:30PM EST. With any luck, we will start recording around 8:00PM EST. Join us as we discuss SUMO 2.0 and other security news.

We will try our best to start the streams around the time indicated above. The live feed can be found here. Also, join us on IRC in #securabit on irc.freenode.com and on Stickam. Don’t forget you can listen to the Securabit stream 24/7/365 on Securabit Radio.

SUMO Linux 2.0

Marcus Carey has launched a wiki at the SUMO Linux website and we encourage anyone who has an interest in this project to go check it out and start creating/editing pages related to the tools and distribution.

SecuraBit Episode 22: Shmoocon 2009 Recap

Episode 22 Shmoocon Recap

We reflect back on Schmoocon 2009, the Podcasters Meetup, and look foward to DEFCON.
Also we cover patch Tuesday, Back|Track 4, and a community replacement for Helix.

Hosts:
Anthony Gartner – AnthonyGartner.com @AnthonyGartner
Chris Gerling – Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills – ChrisAM @packetsense
Jason Mueller – @Securabit_Jay

Links:
Schmoocon
Podcasters Meetup
Microsoft Security Bulletin MS09-003
Microsoft Security Bulletin MS09-004
Back|Track 4
DEFCON
Helix

Replacing Helix

As you might’ve heard on Episode 22, we’re teaming up with Marcus J. Cary of SUMO Linux to create a single DVD that will replace Helix (from a free standpoint).

We have a forum post started and are in definite need of all who wish to help out. Our goal is community support and to keep this available for fellow security professionals no matter what.

Live Streaming Notice – Wednesday Feb 11

Securabit will be recording live tomorrow, Wednesday Feb. 11th, starting around 7:30PM EST.  With any luck, we will start recording around 8:00PM EST.  Join us as we discuss Shmoocon 2009, the Podcaster’s Meetup, and other security news.

We will try our best to start the streams around the time indicated above.  The live feed can be found here.  Also, join us on IRC in #securabit on irc.freenode.com and on Stickam.  Don’t forget you can listen to the Securabit stream 24/7/365 on Securabit Radio.

Back|Track 4 is live!

For any of you who are interested, BT4 is now readily available for download here!  The official release has not yet been released and this is a special ShmooCon edition that is in BETA, I repeat BETA phase.  There may/will be some bugs so be patient.  In the meantime keep checking the official BT4 Blog to stay updated!

[email protected] [email protected]##

Shmoocon Podcaster Meetup Live Audio

Here is the audio from the meetup on 2/6 if anyone is interested. We’re releasing this on our feed for anyone who doesn’t follow pauldotcom. It’s not edited, just raw audio.  Enjoy!

**HUGE THANKS TO MUBIX FOR SETTING THIS UP!  CAN’T WAIT TO DO IT AGAIN AT DEFCON17!**

Thanks to all who came!

 

Episode 20: Time Warp Again!

Sorry folks, we will not be releasing episodes out of order anymore.

In this episode we discuss:

Managing IP space inside a company network. Attributing a device on the network to an employee / function.

Standardizing vulnerability management using Security Content Automation Protocol (SCAP) and Open Vulnerability Assessment System (OpenVAS).

And briefly touch on the Obama Administration’s Outline for their Cyber Security Strategy.

Use our Forums!

Don’t forget to give us a feedback on Itunes so we can bump the old shows off the list.

Thanks again for all the donations for the Tip Jar.

Hosts:

Anthony Gartner – AnthonyGartner.com @AnthonyGartner
Chris Gerling – Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills – ChrisAM @packetsense
Andrew Borel – @Andrew_Secbit

Special Guest:

Tim Krabec (@tkrabec) of the SMBMinute.com

Important links for the show and documents used:

Open Vulnerability Assessment System
Security Content Automation Protocol
Obama Administration Outlines Cyber Security Strategy
More Cyber Security Regulations Recommended

SecuraBit EP 21 HP Security reasearchers speak with SecuraBit

In this special episode of Securabit we are interviewing Billy Hoffman and Prajakta Jagdale. Billy is the author of the book Ajax Security. Prajakta is a Security Research Engineer with HP and is presenting at this year’s ShmooCon.

Hosts:

Anthony Gartner – AnthonyGartner.com @AnthonyGartner
Chris Gerling – Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills – ChrisAM @packetsense
Jason Mueller – @Securabit_Jay

Special Guests:
Billy Hoffman (http://en.wikipedia.org/wiki/Billy_Hoffman)
Prajakta Jagdale (http://www.linkedin.com/pub/4/93a/785)

Important links for the show and documents used:
HP (http://www.hp.com/)
Ajax Security (http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939)
NoScript (http://noscript.net/)
SchmoonCon (http://www.shmoocon.org/presentations-all.html#flash)