PaulDotCom Security Weekly - Episode 25 - April 27, 2006


Live from the PaulDotCom Security Weekly Studio....

  • Sponsored by Core Security, listen for the discount code at the end of the show
  • Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
  • Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
  • Please go update our frapper map!
  • Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
  • Full Show Notes

Hosts: Larry Pesce, Paul Asadoorian, "Twitchy"
Email: psw@pauldotcom.com

Direct Audio Download
Direct Video Download - War Driving

(Bandwidth provided by OSHEAN, Give your ISP a good spanking, they might like it)


7 Comments

Tidbits of randomness:

The first Kung Fu quote sounded like it was from Drunken Master... wicked awesome.

I pimp pauldotcom.com to Cumberland Farms employees.

Some Cumberland Farms employees know how to print on a bank's printer wirelessly. (well the one I pimped the site to knows how)

Twitchy once climbed two floors of windows (with a lowercase w).

The snort.org contest apparently ended almost a year ago.

What does pauldotcom.com look like in IE?
A) perfect
B) some problems
C) really messed up
D) I don't remember
E) I don't know
Correct answer: E.

Pauldotcom.com pw3ns your soul.

I have to kill myself now for using "pw3ns".

Twitchy can hack anything, a stop light, a soda machine, your mom... anything.

Rooting the Twitchy browser is a federal offence.

until [ -f psw-25.mp4 ]; do wget http://hydrogen.oshean.org/psw-25.mp4; sleep 900; done; mplayer -loop 0 psw-25.mp4

Well,
I will try this answer and see what happens.
It is Monday and I have watched the potato cannon and there was no war driving.
So the answer for this week's question (so far) is Paul and Larry found zero access points while wardriving and none of them were encrypted.
I love hardware destruction! Ah...good to be a gangster...

94 access points. 8 of the 94 protected.

Sorry, my last post was not quite the correct answer: There were 94 access points found, 86 of which were unencrypted.

You guys found 94 APs, only 8 of which were "protected".

Stephen Barnes
(Newtownabbey, Northern Ireland)

Well now I look kind of foolish...about 20 minutes after my post the video comes up.
There were 94 APs found and only 8 of them had any protection.

Hey Paul, Larry & Twitchy,

You were asking for advice on a Windows-based IPS, and since you guys are Core Whores, I can't believe you haven't mentioned Core Force. http://force.coresecurity.com/ It is free and extremely customizable with configs being developed by a loyal community. You can set up a rule for Internet Explorer that only allows it to read a certain part of the registry but never write, write cache files to the hard drive but never execute and more. Core even ported a lot of firewall functionality from OpenBSD's pf providing full inbound/outbound stateful firewalling. It is hardCore. BTW, I was looking to bust you guys' balls...Larry posted on his blog in Nov the announcement that was sent out from Core about Core Force.

Additionally, on the topic of host-based IPS, check out Slipfest. http://slipfest.cr0.org/ The author recently updated it to coincide with his talk at CanSecWest. Very cool stuff for testing just how effective your Windows IPS is...or if you just want to break stuff.

Keep kicking @ss!

-jhs
http://www.johnhsawyer.com

[PaulDotCom - Core Force, of course! It was beta the last time we looked at it, time to get it back in the labs :) Thanks for the reminder!]