PaulDotCom Security Weekly - Episode 4 - Nov 25, 2005
Black Friday Edition
- Another 0-day IE exploit has been released, no patch yet, but M$ has acknowledged it
- Paul put up the Frsirt version of a working POC that starts calc.exe
- Use Firefox, or go straight to the bleeding edge with Flock, integrates del.icio.us bookmarks and blogging to the web browser
- Check out Paul's Asparagus recipe collection
- Sony Bashing Round 3, Amazon calls them "Defective", $SYS$ T-Shirts, Sony has ninjas, Tape can bypass DRM, M$ Anti-Spyware will remove, Create canary file called "$sys$[something].txt" and if it goes away you have the Sony Rootkit (I call mine "$SYS$F-Sony.txt")
- Xbox360, crashing, Get metal sticks to hack
- Richard Stallman gets in trouble for wearing tin foil hats
- Lexus IS pedal sequence disables traction control
- M$ has a new security tool called "Windows Live Safety Center". Tells you about things like open ports, hard drive defrag notification, email us with feedback if you've used this tool
- New SANS Top 20 released this week
- TAOSecurity Blog, Good and Bad about the sans top 20, new book available at amazon called "Extrusion Detection", Security Awareness training not effective?
- Shadow Crew busted and pleaded guilty
- Exploiting the stack series from Security Compass
- To kill or not to kill...a pix, Remote DoS Vulnerability, Exploit Available, Workarounds available
- OSSRC, ("Open Source Snort Rules Consortium") created to make snort rules better
- Symantec to stop selling LC5 outside US, use Cain instead
- Twofish rumored to be crackable
- Sign up for Schmoocon 2006 ("Bow To My Firewall")
- Tool Of The Week - John the Ripper - Password cracking tool, run the auto on debian install for Debian auto account audit, and use the something option to generate really good password dictionaries ("-rules" option).
- Wireless word of the week - EAP-TTLS (Extensible Authentication Protocol - Tunnel Transport Layer Security) - Requires only a server certificate, uses SSL tunnel for encryption, works with OS X built-in client, Windows client available called SecureW2, CIsco ACS is bad
(Bandwidth provided by OSHEAN, they're the opposite of Sony and IE)
