Live from SANS Las Vegas Network Security 2007!

I'd like to thank SANS for having us back, Dave Cool, Rich Mogull for helping out, props to Mike Poor (C.E.O Chief Entertainment Officer), and Eliot from Hack A Day for hanging out and providing t-shirts. Also, our sponsors gave us TONS of free stuff to give away, such as iPod Nanos, Amex and Starbucks Gift cards, t-shirts, and a really cool light saber.

• Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today!
• Sponsored by Core Security, listen for the new customer discount code at the end of the show
• Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more.
• Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
• Full Show Notes

Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian

Email: psw@pauldotcom.com

Direct Audio Download

(Bandwidth provided by OSHEAN)

Audio Feeds:

Oops! Sometimes we make mistakes on the podcast, and thankfully our listeners are kind enough to correct us. We incorrectly stated that there was not much difference between a dangling pointer and a NULL pointer, when in fact there is most certainly a difference. From listener "Mike":

A dangling pointer points to an arbitrary place in memory. A null pointer points specifically to memory address zero. Dereferencing the latter produces nasty results which vary by platform. Dereferencing the former produces nasty results which vary in crazier and less secure, (generally,) ways.

Of course, the press still may be a bit off when they report on this, calling things "new hacking techniques" as recently reported from watchfire. Refer to this thread on the daily dave for some insight. Also, check out "Exploiting the Otherwise Non-Exploitable on Windows", which came out a full year before the research from Watchfire.

PaulDotCom

The Live stream is active NOW! 9 AM to Noon PST, September 29th 2007 Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! we're not sure exactly how this will work during the live show, but let's experiment. Find us on IRC at irc.freenode.net #pauldotcom. When active, the live stream can be found at: http://hydrogen.oshean.org:8000 Please join us, and thanks for listening! - Larry

The Live stream is active NOW! 5 PM to Midnight PST, September 28, 2007 Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! we're not sure exactly how this will work during the live show, but let's experiment. Find us on IRC at irc.freenode.net #pauldotcom. When active, the live stream can be found at: http://hydrogen.oshean.org:8000 Please join us, and thanks for listening! - Larry

The live stream should be active about 8:30 PM EST (5:30 PST), Thursday September 27th. We should begin recording the live show at about 5:45 PM EST. Please keep in mind that these times are all estimates, but we will try to do the best that we can. Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! we're not sure exactly how this will work during the live show, but let's experiment. Find us on IRC at irc.freenode.net #pauldotcom. We're also trying to stream some additional content later this week, and we'll be sure to let you know! When active, the live stream can be found at: http://hydrogen.oshean.org:8000 Please join us, and thanks for listening! - Larry

All:

I would like to apologize for some of the recent web site outages. We have identified the problems and are working to fix them. We are in the process of changing all of our web hosting providers, for the mp3 files, blog, and email. So, if you're in the business and want to play "lets make a hosting deal" please contact me directly, paul /at/ pauldotcom.com.

Thank you for your patience...

PaulDotCom

Live from the PaulDotCom Security Weekly Studios...

• Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today!
• Sponsored by Core Security, listen for the new customer discount code at the end of the show
• Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more.
• Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
• Full Show Notes

Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian

Email: psw@pauldotcom.com

Direct Audio Download

(Bandwidth provided by OSHEAN)

Audio Feeds:

The live stream should be active about 6:30 PM EST, Thursday September 13th. We should begin recording the live show at about 7:00 PM EST. Please keep in mind that these times are all estimates, but we will try to do the best that we can. Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! Find us on IRC at irc.freenode.net #pauldotcom. When active, the live stream can be found at: http://hydrogen.oshean.org:8000 Please join us, and thanks for listening! - Larry

Live from the PaulDotCom Security Weekly Studios...

• Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today!
• Sponsored by Core Security, listen for the new customer discount code at the end of the show
• Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more.
• Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
• Full Show Notes

Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian

Email: psw@pauldotcom.com

Direct Audio Download

(Bandwidth provided by OSHEAN)

Audio Feeds:

The the live stream should be active about 6:30 PM EST, Thursday September 6th. We should begin recording the live show at about 7:00 PM EST. Please keep in mind that these times are all estimates, but we will try to do the best that we can.

Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! Find us on IRC at irc.freenode.net #pauldotcom.

When active, the live stream can be found at:

http://hydrogen.oshean.org:8000

Please join us, and thanks for listening!

- Larry

Live from the PaulDotCom Security Weekly Studios...

• Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today!
• Sponsored by Core Security, listen for the new customer discount code at the end of the show
• Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more.
• Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
• Full Show Notes

Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian

Email: psw@pauldotcom.com

Direct Audio Download

(Bandwidth provided by OSHEAN)

Audio Feeds: