Episode139
From PaulDotCom Security Weekly
Sponsors
- Tenable Network Security - This episode sponsored by Tenable Network Security. Tenable is a developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the world's best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more. Tenable also offers a Nessus Professional Feed to detect vulnerabilities in your network today! Tenable – Unified Security Monitoring!
- Core Security - This episode is also sponsored by Core Security Technologies, helping you penetrate your network. Now version 10.0 with WiFi-fu good to go! Rock out with your 'sploit out! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the world's best penetration testing tool.
- Trustwave Spiderlabs - Trustwave's SpiderLabs - providing advanced information security services to planet Earth. Visit them online at trustwave.com/spiderlabs!
Announcements & Shameless Plugs
Welcome to PaulDotCom Security Weekly, Episode 139 for February 7th, 2009. A special live Shmoocon show for security professionals and by security professionals who love to party!
- Shmoocon! - new and improved formula with a PaulDotCom booth, our live webcast and shmooball cannon ecstasy! Be sure to hear Larry and Dave Lauer speak on building Shmooball launchers in Washington DC Feb 6
- PaulDotCom Upcoming Events - Security webcast galore and the PaulDotCom weekly planner on all PSW events.
- Melissa on Twitter AKA @Geekgrrl - Self described "Introvert. Geek. Christian. Wife. Admin. ..." and now contributor to the PaulDotCom Sweeper madness!
- HACK NAKED TV - Hack Naked TV! Episode 1 and 2 are out. Look for more goodies here!
- PaulDotCom SANS Click-Through - Go there, register for some of the best training available! Go now or we show you our third nipples!
- Register for SANS Security 560: Network Penetration Testing and Ethical Hacking
- SANS Saskatchewan - Larry is teaching the 6 day wireless track (SEC 617) in Regina on March 23 - 28, 2009. Come hear him pronounce 'Regina'!
- One Shmoocon ticket donor asked us to mention the SANS class SEC606 - Data and Drive Forensics
- Best Of Webcast Series - Part I - Best Of Network Penetration Testing Tools - Get the slides and listen to the archived presentation here
- Best presentation I've seen all year! - hevnsnt, www.i-hacked.com
Tech segment: How to stay in the 'good buzz' zone during Shmoocon
Stories For Discussion
- The middler gets released! This just in, Josh Wright releases 4 wireless tools in the time it took Jay Beale to give the presentation! Get it Here!
FeedDemon Buffer Overflow - [PaulDotCom] - Three letters, W-T-F: "Bkis recommends that users of FeedDemon should be careful when importing RSS feed lists from untrustworthy sources."
Detecting Binary Packers With Snort - [PaulDotCom] - Very cool stuff on detecting a binary payload as it traverses the network and detecting which binary packer was used to pack it. This implementation uses Snort rules; I think that a pre-processor is a much better idea for performance and flexibility.
PassiveX on IE8, W00t! - [PaulDotCom] - Sweet, can't wait to play with this one. Yet more browser abuse, bashing, hacking, and cracking. Defense is becoming much harder for the browser every day, maybe I'll just use my RSS reader, oh wait...
Saying "No" isn't always the best answer - [PaulDotCom] - This post brings up some good points, like really how do you prevent your employees from visiting social networking sites? Sure, you can block them at work, but what about your mobile work force with cellular Internet and hotspots? Okay, you can even block them on the client system, so that they will use the home computer to set up Facebook, LinkedIn, and even MySpace. The real answer is you need to educate your users, AND monitor these sites for content related to your organization. A Google alert or two doesn't hurt.
phpBB Hack - [Larry] - Great write up of the phpBB hack by the attackers. Just goes to show that even the developers can get owned - nothing like third party add-ins.
Google Latitude - [Larry] - Google's interesting new GPS location "tracking service". This one has potential for all sorts of potential abuses.
Backtrack 4 - [Larry] - W00t! BT4. Nuff said. Muts rocks.
NetWare GWIA buffer overflow - [Larry] - Yeah, I know, Novell GroupWise for e-mail...but, all you need to do is send an RCPT command with an overly long e-mail address...
Browser exploits make it to meatspace - [Larry] - Get a "ticket" for bad parking, and go to the website listed to see the pictures of you parking like a moron. On the site, you get owned with a browser sploit...
HP Printer directory traversal - [Larry] - Nothing like a good old web interface directory traversal vulnerability that allows for documents left in the document cache that have already been printed. I'm in agreement with the SANS handler assessment, that this stuff won't go away any time soon, as this stuff is really low in the priority list for patches...
IRC Channel Link Game
http://blogs.technet.com/swi/archive/2009/01/30/xss-filter-improvements-in-ie8-rc1.aspx
http://www.labnol.org/internet/microsoft-outlook-ruins-birthday-cake/6824/
