PaulDotCom's Blog

PaulDotCom Is Moving

Tue, 15 Nov 2005 16:37:19 GMT

After pulling my hair out (Yes, I have hair now :) for the past week or so I've finally got my new site operational. I am very excited to have complete control of my site, blog, and RSS feeds.

You can now access my blog, podcasting, and all content by going directly to:

http://pauldotcom.com

I will be updating my blog frequently with the latest security news, research, geek stuff, and of course PaulDotCom Security Weekly.

I am also going to move over my entries from livejournal to the new site as time permits. You can still access the content through the following links:

http://pauldotcom.com/podcast/ - PaulDotCom Security Weekly
http://pauldotcom.com/blog/ - My security/geek stuff blog

Enjoy!

Please send me your feedback/comments/suggestions:

Paul Asadoorian

(This will be the last post to this blog)

.com

Home Computer and Network Security Course

Mon, 14 Nov 2005 20:42:02 GMT

I will be teaching the SANS Stay Sharp course titled Home Computer and Network Security

This course will cover:

In this class, you will learn about many different threats, antivirus programs, firewalls, anti-spyware, identity theft, Phishing, how to create strong passwords and more. This course will give you the basic skills you need to protect yourself from various threats on the Internet whether you are at home, on the road or at work.

It will be held on January 18, 2006 from 6:00PM-9:00PM at OSHEAN in N. Kingstown, RI.

The cost of the course if $50.00 per student and you can REGISTER HERE

Tell all your friends :)

.com

IPS Bake-Off

Mon, 14 Nov 2005 14:44:00 GMT

Ed Skoudis & Mike Poor if Intelguardians tested 5 Intrusion Prevention Systems, including how well they handled evasion techniques. You may be surprised at the results...

http://informationsecurity.techtarget.com/

.com

PaulotDotCom Security Weekly - Episode 2 - Nov 11, 2005

Sun, 13 Nov 2005 13:40:23 GMT

Our second episode has been released! We've got a whole new audio setup and sounding pretty better than ever (although that's not saying much). Here are this weeks show notes/topics:

- We beat the Sony DRM drum a few times because, well, we were the only ones who hadn't yet
- You can get a list of CD's that have the rootkit HERE
- We covered the MS05-053 exploit
- Botnets that use HTTP/HTTPS, presentation HERE
- Tracking MIT Students
- Sniffing passwords and clear text protocols, from the excellent blog by Bruce Schneier
- The overrated Linux Worm
- Fun (and profit) with Rainbow Tables

Hosts: Larry Pesce, Paul Asadoorian
Sound: Andrew Veitch

Direct Mp3 Download Link

Special thanks to OSHEAN for providing the bandwidth.

.com

We're On iTunes!

Wed, 09 Nov 2005 20:02:21 GMT

We are proud to announce that PaulDotCom Security Weekly is now available via the iTunes music store:

You can get Episode 1 and the Marty Roesch interview. We are planning to record Episode 2 this Friday and release it sometime this weekend.

If you've got comments/suggestions/topics please send them to us:

Paul Asadoorian
Larry Pesce

Stay tuned...

.com

Oracle: Policies can protect passwords

Tue, 08 Nov 2005 15:08:27 GMT

"In response to criticism published by two researchers last week that the protection mechanism for Oracle database user passwords is weak, Oracle is reminding users to apply good password protection policies..."

http://news.com.com/2061-10789_3-5924051.html?part=rss&tag=feed&subj=news

First off, even a strong password by most people's standards could be cracked within hours with the proper setup (and you wouldn't necessarily need a fast machine). Second, table permissions only solve part of the problem as the password hash can be sniffed off the network. Oracle needs to wake up...

.com

Spyware company believed to help bust botnet

Tue, 08 Nov 2005 13:20:31 GMT

What could their motivation be? How about help me I'm being DoS'd:

"...180Solutions contacted the FBI after the botnet controllers launched a distributed denial-of-service (DDoS) attack against the company for terminating its distribution contract."

Read the full article here

.com

PaulDotCom Security Weekly - RSS Feed Update

Mon, 07 Nov 2005 03:10:22 GMT

We finally have an RSS feed for our podcast, the direct link is here:

http://pauldotcom.com/podcast/psw.xml

We are also registered in iTunes (pending approval), and ODEO.

.com

Unsecured Wi-Fi Would Be Outlawed By N.Y. County

Sat, 05 Nov 2005 13:50:13 GMT

"The draft proposal offered this week would compel all "commercial businesses" with an open wireless access point to have a "network gateway server" outfitted with a software or hardware firewall."

Here's a tip, when making a law you should at least know what a firewall is and how it works. This is a pretty ridiculous law, especially considering that most of the risks on wireless networks relate to unprotected clients and insecure wireless protocols, both of which have nothing to do with a "network gateway server".

http://news.zdnet.com/2100-1035_22-5934194.html

PaulDotCom Security Weekly - Special Edition - Marty Roesch Interview

Fri, 04 Nov 2005 20:53:35 GMT

We are proud to bring you our second podcast, an exclusive interview from SANS 2005 in LA with Marty Roesch, creator of Snort, an open-source intrusion detection system, and co-founder/CTO of Sourcefire:

Download It Here

Marty talks about:

- The history of Snort
- Recent Back Orifice buffer overflow
- New and exciting technologies at Sourcefire
- His love for Mac (which we share)

(We apologize in advance for the poor audio quality, new equipment is on the way. If you have suggestions or comments feel free to drop me a note, paul /at/ pauldotcom.com).

Again, thanks to our sponsor OSHEAN for providing the bandwidth.

"Snort saved my bacon"

.com

Mwcollect - Malware Collector

Fri, 04 Nov 2005 16:01:54 GMT

"mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. The first versions were used to collect binaries for botnet monitoring and bots are still what mwcollect is mostly used for collecting."

http://www.securiteam.com/tools/6S0050AEKI.html

This is definitely a tool I want to try out...

.com

Suspected bot master busted

Fri, 04 Nov 2005 15:04:23 GMT

" "This is the first case to charge someone for using bots for generating profits," said James Aquilina, Assistant U.S. Attorney for the Central District of California and the prosecutor on the case. "

http://www.securityfocus.com/news/11353

I believe this is a trend we are going to see continue as botnets become yet even more popular and evil.

.com

More pics from LA

Thu, 03 Nov 2005 22:12:58 GMT

Pics from PaulDotCom Security Weekly - Episode 1 (Which was sponsored by the wonderful folks at Core Security):

http://pauldotcom.com/PSW-Episode1/

General pics from the trip:

http://pauldotcom.com/SANSLA2/

.com

Mwcollect - Malware Collector

Thu, 03 Nov 2005 21:47:46 GMT

"mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. The first versions were used to collect binaries for botnet monitoring..."

Sounds like a tool I need to play around with...

http://www.mwcollect.org/

.com

SANS LA 2005 - Final Thoughts

Mon, 31 Oct 2005 22:24:52 GMT

Well the conference is over and I am back home now filled with all sorts of good information. We spent the last day talking about PKI (try to contain your excitement). My brain is fried, so I will post the rest of the pictures and video from the conference at a later date.

One interesting note is that PEAPv2 is in the works and allows for different inner authentication types.

.com
-

MSN CAPTURE - MSN Messenger Packet Parser

Sat, 29 Oct 2005 15:59:40 GMT

This looks like a neat tool, however I can think of no legitimate purpose. Although the sample conversation in the comments of the code is pretty funny.

http://www.securiteam.com/tools/6Y00O1PEAE.html

.com

SANS LA Day 5

Sat, 29 Oct 2005 14:20:42 GMT

Josh's class was pretty cool yesterday. We got to the section on how to get around VPN protected wireless networks, here are a couple of the tools:

- Superscan 4 - This updated free tool from Foundstone will let you enumerate registry entries over NULL Sessions.
- nstx - Makes it possible to tunnel IP traffic in DNS queries using recursive lookups and the TXT record type.

Also:

- We also learned that Asleap can crack PPTP passwords too.

We got a chance to get to Little Tokyo last night. Had some good sushi and other Japanese dishes. We also found that Little Tokyo was in a a not-so-good part of town and were approached by panhandlers and other shady people (not before I got a ninja t-shirt though!).

More pictures coming soon...

.com

SANS LA Day 3 & 4

Fri, 28 Oct 2005 14:40:59 GMT

I cannot even begin to describe just how much good stuff they have packed into this conference. We've been non-stop since we got here, here are the highlights from the past two days:

- We did some mapping of the LA area and generated some maps. You can find them here and here. The second one is interesting, green represents WEP, red represents default configuration with no WEP, and blue is open.

- We also took some pictures. I like this one the best, you can correlate it with some of our maps if you look close.

- Our homework from class yesterday was to find three rogue access points that were hidden inside the hotel. This is challenge considering we find it difficult to find our rooms (even when we haven't been drinking). We found one, then decided to eat.

- Ed Skoudis of Intelguardians gave a fantastic talk on hacking for fun and profit. It seems that hacking is a big business now (you can get $500 per hour, per 100 thousands nodes rent for your botnet). Scary stuff, heck why buy or build yourself when you can just rent.

Stay tuned....

.com

PaulDotCom Security Weekly - Episode 1

Thu, 27 Oct 2005 16:38:25 GMT

We recorded the first episode of "PaulDotCom Security Weekly", our new podcast. It was recorded last night at SANS LA and we talked about:

- Oracle Password vulnerabilities
- Nokia smartphone worms
- Botnets
- FBI Romanian hacking case
- Terrorism and improvised explosives
- And much more!

This episode was sponsored by Core Security - an outstanding penetration testing tool.

Download it here

I promise future episodes will have show notes and be available via iTunes and other podcast sources. Bear with us as we put it all together :)

(Thanks to our other sponsor, OSHEAN, for providing the bandwidth)

.com

Assessment of Oracle Password Hashing Algorithm

Thu, 27 Oct 2005 16:14:37 GMT

This paper discussing several weaknesses in Oracle's password hashing algorithm as presented by Joshua Wright. Reminds me of LANMAN....

Download the paper here | digg story

SANS LA Day 2

Wed, 26 Oct 2005 15:07:17 GMT

Well Day 2 is behind is us now and as usual we can feel our brains getting full. I spent the day learning about how wireless networks operate at layer 1 (which involves a little bit of physics, math, and RF engineering). Interesting stuff!

The 802.11n standard is going to be pretty cool, its based on 802.11a but will provide speeds of 100mb/s. Its going to be a while, considering that they had to vote on how to pronounce MIMO ("My-Moe"). I wonder how long that took!

Oh, and make certain that everyone goes and gets the FCC's frequency allocation chart.

We then sat in on a talk titled "Terrorism and the use of improvised explosives". It was a nice diversion from the technical stuff, gave us some insight on the groups and their motivations. We actually had a few drinks with the presenter, ex-FBI agent, really cool guy. Shed some light on things like how three-letter-government agencies changed after Sept. 11th, how FBI agents go through airport security fully armed (I was always curious about that), and gave me a web site to visit to provide more information on terrorist groups, www.mipt.org.

I have more juicy stuff, but can't talk about it (otherwise those black suburbans will come pick me up), but I will have more information about some cutting edge wireless hacking tools that have not yet been released, and of course some pictures!

I think we are going to record our first podcast tonight from the revolving bar on the top floor of the hotel. More to come!

.com

3 DVDs for $12 shipped

Tue, 25 Oct 2005 15:20:22 GMT

A really good DVD deal, few Kung Fu Movies thrown in there too, such as:

- Iron Monkey
- Jackie Chan's Dragon Lord
- China Strike Force

And more!

Okay, off to class now...

http://www.slickdeals.net/#p6639

.com

SANS LA DAY 1 - Botnets

Tue, 25 Oct 2005 03:36:13 GMT

It was a fun day with Mike Poor learning about botnets. We learned about an awesome tool for analyzing sessions in a tcpdump capture file called chaosreader. Also found a cool wen site that will convert stuff (like ASCII to base64, etc...) call Snarkles.

Mike is the man, he really liked our idea for creating a RI Internet Storm Center, and I've actually got some more ideas for this project, so stay tuned.

We also decided that our podcast will be completely independent of any organization, which means we get to the set the content, topics, format, and basically talk about whatever we want. We are actively drinking and trying to find a name for the podcast, but decided that we would keep the format to IT security. We have guests lined up and plan to do our first episode this week.

$1.95 burgers and nachos at McCormick & Schmick's were awesome.

Off to go hack something (that won't land me in an orange jumpsuit, because well, orange isn't my color).

.com

SANS LA - Day 0

Mon, 24 Oct 2005 13:44:38 GMT

We have landed! our flights out were actually trouble free and quite pleasant. I watched two Kung Fu movies on the way out, Shaolin Against Lama and Screaming Tiger. Shaolin Against Lama was by far the better flick, some awesome action and good choreography. Jimmy Wang Yu was a little disappointing in Screaming Tiger, until the end fight scene that involves throwing people from trains and fighting in the river with a waterfall (reminded me of Kung Pow: Enter the fist, of rather the original movie that was based called Savage Killers (AKA Tiger and Crane Fists).

The hotel, the Westin Bonaventure, is really nice. Its the same one that they filmed True Lies at (I'm waiting to see Arnold hanging out one of the glass elevators any minute now). Our cab driver was cool too, he was Armenian (so am I :).

We checked out the revolving bar (it spins on its own), which was really cool. Gotta go now and get ready to learn about botnets....

.com

Podcasts I listen to

Sun, 23 Oct 2005 15:20:09 GMT

Many people ask me which podcasts I have been listening to, so here it goes:

- TWIT (This Week In Tech) - All the old screensavers crew does a weekly podcast about geek stuff.

- Diggnation - Kevin and Alex rock. Weekly commentary on the social bookmarking site digg.com (See my diggs here).

- Security Now! - Steve Gibson and Leo Laporte talk about secuirty topics. Ironically this weeks episode is about wireless security. Heh.

- KFI's Tech Guy - Another Leo Laporte podcast, good stuff.

- Learning Chinese - A very cool take on learning Chinese, phrases you can use. Kinda fun (And funny).

I also have all of the Digital Life podcasts from Patrick Norton, but haven't listened to them yet.

Enjoy!

.com