PaulDotCom Security Weekly - Episode 69 - May 10, 2007
Live from the PaulDotCom Security Weekly Studio....
- Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program.
- Sponsored by Core Security, listen for the new customer discount code at the end of the show
- Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more.
- Want some cool PaulDotCom Gear? D o you hack naked? Check out our Cafepress Store!
- Full Show Notes
Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian, Nick "Twitchy" Depetrillo, Andy Lockhart
Email: psw@pauldotcom.com
Audio Feeds: 
Comments
for the question of the week, here's a half-assed guess after a bunch of half-assed google searches:
PaX
Posted by: adk | May 21, 2007 01:44 AM
Heard you say people are asking about more security podcasts. Marcus Ranum has one that just started called RearGuard Security http://www.rearguardsecurity.com/
It shows promise.
Posted by: Shanghai | May 22, 2007 09:59 AM
For Andy's Syngress Question - what ASLR algorithm was used in the old RedHat kernels (RH9, FC1 and such). My best guess is that I believe he was referring to Exec-Shield’s PIE algorithm (Position Independent Executables). I remembered something being discussed on the dailydave regarding RH's ExecShield with a flawed PT_GNU_STACK.
References -
http://lists.immunitysec.com/pipermail/dailydave/2007-May/004340.html
http://docs.fedoraproject.org/release-notes/fc1/x86_64/ - PIE
http://x82.inetcop.org/h0me/papers/FC_exploit/FC_exploit.txt
http://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=15604&mode=thread&order=0&thold=0
Posted by: Kvetch | May 29, 2007 08:47 PM
Andy is right, I suggested the fake WEP packets on the wifi list ages ago and it was discussed and decided that it wouldn't help.
Posted by: robin | June 22, 2007 10:48 AM