Join us on the 10th to hear and participate in this interview.

Live Stream: http://radio.packetsense.net:8000/listen.m3u

IRC Chat: irc://irc.freenode.net/securabit

About Brian Krebs: http://www.krebsonsecurity.com/about/

We should be live around 8pm EST tonight, join us on IRC or listen in live at this link!

If you haven’t taken the Security 508 course yet we have an excellent opportunity for you!  Rob will be teaching the SEC508 (Forensics) course via the SANS vLive! platform beginning 3/23/2010.  Classes will occur every Tuesday and Thursday until 4/29/2010 from 7-10PM EDT.

Chris Gerling has taken the 508 course and recommend anyone who is interested in computer forensics take it as well.  Even if you aren’t a full-time forensic examiner, the information you take away from the class will help you in all aspects of information security.  Understanding how file systems and memory work can be crucial.

Please check out the course and register at this link!  Use code SB508 to get a free GCFA certification attempt with the purchase of the full course.

Guests:
Bruce Potter – Shmoocon – @gdead
Steve Dispensa – CTO and Co-founder of PhoneFactor - http://www.phonefactor.com/about/management-team/steve-dispensa/ @dispensa
Marsh Ray – PhoneFactor – @marshray

Recent goings on:
If you are going to DC3 CyberCrime Conference contact Jason Mueller (@securabit_jay) to meet up!
Sean Hausauer and David Shpritz join the crew!  Check out their blog postings!

SANS vLive!
January 26, 2010 @ 2PM EST  – Joshua Wright – Wireless Security (1 hour)
Use coupon code SECURABIT for $20.00 registration fee. Regularly $495.00
http://www.securabit.com/2010/01/13/sans-vlive-with-joshua-wright/

First Guest – Bruce Potter – Shmoocon – @gdead

Logistics of putting on a conference.
New events!
Ticket sales process is constantly evolving.

Wardman Park in 1920′s:  http://www.shorpy.com/files/images/29398u.jpg
ShmooCon 2010 FireTalks:  http://www.novainfosecportal.com/2010/01/06/shmoocon-2010-firetalks/
Podcasters Meetup:  http://www.podcastersmeetup.com/

PhoneFactor:
How to fix SSL/TLS in software
The process of working with vendors to get a solution implemented.
Project Mogul

End:
Join us on January 27, 2010 when we speak with Phillipe Gaumeche about the ConFoo.Ca conference.
Chat with us on IRC at irc.freenode.net #securabit

Links:
Shmoocon - http://www.shmoocon.org/
PhoneFactor - http://www.phonefactor.com/

Not on the air:
Andrew Borel – @andrew_secbit

Listen live

Guest Interview: Peter Giannoulis of The Academy Pro

Metasploit Rising

http://blog.metasploit.com/2009/10/metasploit-rising.html

WordPress 2.8.5: Hardening Release
http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/

Blubrry PowerPress Podcasting Plugin for WordPress
http://www.blubrry.com/powerpress/

Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Google Voice voicemails appearing in public search results
http://www.engadget.com/2009/10/19/google-voice-voicemails-appearing-in-public-search-results/

TweetDeck
http://www.tweetdeck.com/beta/

Porn, CSS History Hacking, User Recon and Blackmail
http://ha.ckers.org/blog/20091021/porn-css-history-hacking-user-recon-and-blackmail/

Windows 7
http://www.microsoft.com/windows/

Magic Mouse
http://www.apple.com/magicmouse/

Quick Shell Script to Extract Contents
http://pinowudi.blogspot.com/2009/10/quick-shell-script-to-extract-contents.html

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guest:
Peter Giannoulis

Links:
The Academy Pro - http://www.theacademypro.com/
The Academy Home - http://www.theacademyhome.com/

Don’t forget to listen to the end of the show for the guest appearances by both Kermit the Frog and Sean Connery

This week we interview Zach Lanier aka @Quine, the Security Twits manager.    We ask all about Security Twits as well as delve into some security topics in the second half.    Listen all the way through to hear us as our normal selves without serious guests, it’s a riot!

Security Twits is a listing of security professionals on Twitter. It’s a great opportunity to discover other great people in our community. Go to http://www.security-twits.com/ for more details and follow @securitytwits as well as @quine on twitter.

Hosts: Anthony Gartner – http://www.anthonygartner.com – @anthonygartner

Chris Gerling – http://www.chrisgerling.com – @hak5chris

Christopher Mills – http://www.packetsense.net – @thechrisam

Jason Mueller – http://www.securinate.com – @securabit_jay

Guest: Zach Lanier – http://n0where.org/ – @quine

Links:

http://en.wikipedia.org/wiki/Conficker

http://www.adam.com.au/bogaurd/PSYB0T.pdf

http://it.slashdot.org/article.pl?sid=09/03/23/2257252&from=rss

http://ciscofatty.com/

We reflect back on Schmoocon 2009, the Podcasters Meetup, and look foward to DEFCON.
Also we cover patch Tuesday, Back|Track 4, and a community replacement for Helix.

Hosts:
Anthony Gartner – AnthonyGartner.com @AnthonyGartner
Chris Gerling – Hak5Chris, Chrisgerling.com @Hak5chris
Chris Mills – ChrisAM @packetsense
Jason Mueller – @Securabit_Jay

Links:
Schmoocon
Podcasters Meetup
Microsoft Security Bulletin MS09-003
Microsoft Security Bulletin MS09-004
Back|Track 4
DEFCON
Helix

We opened the show but because Jay needed to switch some things out we actually went to a break faster than normal. When we returned from the break Jay was back with us. We started to go into the new Microsoft Zero Day, and Jay informed us that he had been out of the loop for a week but since the patch only came out 73 minutes before he found out about it he figured he was right on time.

The next topic was Chris Gerling going to SANS and taking the forensics 508 course. Chris then told us that he felt like he should never have picked up a helix disk based on the level of knowledge he has now compared to before the course. We also discussed that many states are requiring a Private Investigators license to do forensics. That none of us on the show agreed that this was a good idea, but yet several lobbyists have been pushing for this very idea. Jay asked the question about what was thought about the BGP security vulnerability. Anthony discussed a new site he went to as a security review.

After the break, we went into the trivia question. The trivia Question was: What are the flags you have to set in order to do an NMAP-style XMAS scan in Unicornscan? We will post the winner soon in conjunction with the Security Justice podcast. After the trivia question we went into thoughts on what to do about prior employees, handling creditials, voice mails, and emails. We referenced the guy in San Francisco who was fired from the job, but yet still was able to hold the network he left hostage.

Send all answers to the trivia question to feedback@securabit.com

Don’t forget to give us a feedback on Itunes so we can bump the old shows off the list.

Thanks again for all the donations for the Tip Jar.

Hosts:

Rob Fuller – Mubix, room362.com
Anthony Gartner – AnthonyGartner.com
Chris Gerling – Hak5Chris, Chrisgerling.com
Chris Mills – ChrisAM
Jason Mueller – SecurabitJay

Important links for the show and documents used:

No links this time!

Multiboot Security DVD

Mubix posted an awesome link on his blog to a Multiboot Security DVD that allows you to boot common security distros, all on one medium!
OS Choices:

• Backtrack 3
• Damn Small Linux 4.2.5
• GeeXBoX 1.1 (not geekbox )
• Damn Vulnerable Linux (Strychnine) 1.4
• Knoppix 5.1.1
• MPentoo 2006.1
• Ophcrack 1.2.2 (with 720 mb tables)
• Puppy Linux 3.01
• Byzantine OS i586-20040404

Make it into a bootable (NTFS formatted) USB stick using Unetbootin

Some distros the Securabit guys would like to see added:

1. Helix
2. Intelguardian’s Samurai

RedHat/Fedora OpenSSH Compromises

As noted on the Securabit website, a Fedora and Red Hat Enterprise Linux servers were compromised.

The ComputerWorld Blog – Linux Security Idiots article explains how the servers were compromised

• Stolen SSH keys are used to gain access to the system
• After that, rootkit “phalanx2″ is installed and steals more SSH keys
• Obviously this could be used to install any malware at all

The RHEL offshoot CentOS was not affected by the compromise.

Joomla Vulnerability

• US CERT Joomla! Password Reset Vulnerability
• Joomla Core Exploit Announcement – Password Remind Functionality
• Joomla user password reset vulnerability being actively exploited

After Break Banter

• Italy tries to ban PirateBay
• Awesome Quote: “Fear makes the wolf look bigger”

Best Western Pwned

• Originally Discovered by The Sunday Herald. As many as 8 million accounts compromised
• Best Western Response

Vulnerbilty of BGP

This exploit of Border Gateway Protocol allows the attacker to monitor internet traffic and forward it to anywhere in the world. Five hours of traffic was forwarded to New York during Defcon 16. This vulnerability is going to be bigger than the Kaminsky DNS Vuln. Speaking of Dan, he loves Securabit!

• Defcon presentation from Anton Kapela and Alex Pilosov
• Border Gateway Protocol
• Wired – Revealed: The Internet’s Biggest Security Hole
• Wired – More on BGP Attacks — Updated

The Middler

Jay Beale – Middler – Release it already! DefCon Talk

Audio Steganography

Hiding information by slightly altering the binary sequence of a sound file

From simple algorithms that insert info in the form of signal noise, to more powerful methods that exploit sophisticated signal processing techniques to hide information.

LSB coding (least significant bit):  substitute with a binary msg

Parity coding

Phase coding:  #  The original sound signal is broken up into smaller segments whose lengths equal the size of the message to be encoded.

A Discrete Fourier Transform (DFT) is applied to each segment to create a matrix of the phases and Fourier transform magnitudes.

Phase differences between adjacent segments are calculated.

Phase shifts between consecutive segments are easily detected. In other words, the absolute phases of the segments can be changed but the relative phase differences between adjacent segments must be preserved. Therefore the secret message is only inserted in the phase vector of the first signal segment as follows:

Spread spectrum

Two versions of SS can be used in audio steganography: the direct-sequence and frequency-hopping schemes. In direct-sequence SS, the secret message is spread out by a constant called the chip rate and then modulated with a pseudorandom signal. It is then interleaved with the cover-signal. In frequency-hopping SS, the audio file’s frequency spectrum is altered so that it hops rapidly between frequencies.

Least Significant Bit

Security Justice stops by

Tom and Dave from Security Justice

• Search for pics of Mubix gets you this
• Shmoocon will have another Podcasters Meetup and Hak5 will be there.
• List of Hacker/Security Con’s

Forensic recovery on SSD

SSD Forensics:

• no physical security hooks that prevent them from being removed from enclosures
• ultraviolet laser to wipe out lock bits (encryption) from fuses on chips that secure SSDs
• overall easier to erase data on SSD (with encryption)

vs HDD Forensics:

• Harder to fully erase data 9have to overwrite or physically damage)
• easier to fully encrypt

Jim handy: hacker could easily unsolder NAND chips from an SSD and read the data using a flash chip programmer, then reassembled using data recovery software.

• SSDs are hot, but not without security risks
• Scott A. Moulton presentations on data recovery and forensics.

Contact Securabit

Securabit Website and Forums

IRC: #securabit on irc.feenode.net

Join us on LinkedIn

Skype Number: (469) 277-2248

Follow us on Twitter – Securabit

Delicious Tag: securabit

Free Videos by Ustream.TV

Special thanks to:

Tom@SecurityJustice

surbo and hevnsnt from I-Hacked

Larry@Pauldotcom

Martin McKeay@Network Security Podcast

CyberEagle@Sploitcast

Rob aka Mubix

and everyone else who made this event happen!