Where does the name PaulDotCom come from?
Many people ask where "PaulDotCom" comes from and why I chose this name. "PaulDotCom" is my nickname because, in case you haven't figured it out from the web site, I'm a geek. A friend of mine a while back just blurted it out and its stuck ever since. Please do not confuse me with "paul.com", thats a different "paul". Fast forward to today, and we present to you PaulDotCom Enterprises, an organization dedicated to security, hacking, and education. It encompasses weekly podcasts, monthly webcasts, security consulting, and numerous articles, papers, and presentations. Our mission is as follows:
"PaulDotCom Security weekly's mission is to provide free content within the subject matter of IT security news, vulnerabilities, hacking, and research. We strive to use new technologies to reach a wider audience across the globe to teach people how to grow, learn, and be security ninjas. The mixture of technical content and entertainment will continue to set a new standard for podcasting and Internet TV."
Who is behind PaulDotCom?
Paul AsadoorianPaul Asadoorian is currently the "Product Evangelist" for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award winning "PaulDotCom Security Weekly" podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry's finest. Paul has a background in penetration testing, intrusion detection, and is the co-author of "WRT54G Ultimate Hacking", a book dedicated to hacking Linksys routers.
Larry Pesce (GAWN-Gold, GCIH-Gold, GCFA)Larry is a Senior Security Consultant with NWN Corporation in Waltham, MA. He also diverts a significant portion of his attention co-hosting the PaulDotCom Security Weekly podcast, and leads the research efforts in many areas, including projects such as "Evil" USB thumb drives, hiding rogue access points, and tinkering with wireless, RFID, Cellular SIM cards and metadata. Larry has also presented at Shmoocon and DEFCON, and was a contributing author to "How to Cheat at Configuring Open Source Security Tools" and "Wireshark and Ethereal" and is the co-author of "Linksys WRT54G Ultimate Hacking" from Syngress.
John Strand (CISSP, GIAC Gold in the GCIH and GCFW)John is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at vimeo.com/album/26207. John started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. He then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a master's degree from Denver University and is also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing. More of John's incoherent thoughts, ramblings, videos, articles and pictures can be found on his blog, http://www.john-strand.com and via Twitter at https://twitter.com/strandjs .
Carlos 'Dark0perator' PerezCarlos is an IT Consultant working for a large IT Integrator in the areas of Security, Networking and Virtualization. He covers the region of Central America, Caribbean and Puerto Rico. He was a tactical instructor and still provides tactical training. Above all, he is a father, husband, and is proud to be an American. He contributes to Open Source Projects like Metasploit and Backtrack, and loves to write code in Python, Ruby, Powershell, T-SQL and Bash. His main area of interest is post exploitation, and while most security researchers stop after obtaining shell access, he is a strong beliver that with shell, the fun starts. Many of his scripts and musings are on his website http://www.darkoperator.com/.
Mick Douglas (CISSP, GCIH, GSNA)Mick is a community level instructor for the SANS institute and has taught SANS 504 "Hacker Techniques, Exploits and Incident Handling" and SANS 507 "Auditing Networks, Perimeters & Systems". He is a senior contributor to the PaulDotCom weekly security podcast. While Mick enjoys and actively participates in penetration testing, his true passion is defense -- tweaking existing networks, systems, and applications to keep the bad guys out. In addition to his technical work, Mick jumps at every chance to participate in a social engineering engagement. Mick has a bachelor's degree from The Ohio State University in Communications. In his spare time, you'll likely find him fleeing all things electronic by scuba diving, trying in vain to improve his photography skills, and either hiking or camping. You can follow Mick on Twitter at twitter.com/bettersafetynet .
The Birth of PaulDotCom
It started when Paul Asadoorian (a.ka. PaulDotCom) needed a new venue for information about current vulnerabilities and security trends. Recent projects he had worked on allowed him to give regular presentations that were sent across live video feeds for small audiences. When this project ended, he learned of podcasting and saw it as a perfect medium to disseminate this information. Thus, PaulDotCom Security Weekly was born.
The first recording was done at a SANS conference in Los Angeles on October 27, 2005. The focus has always been on current events in IT security, underground hacking news, and stories coupled with technical segments that are significant, but do not always get widespread coverage. The technical content and in-depth interviews set this series apart from some of the other information security podcasts and radio shows. Examples of Nmap commands, finding vulnerabilities with Nessus, and many wireless hacking tutorials are common for PaulDotCom. In February 2006, PaulDotCom Security Weekly TV was introduced, providing short video segments which highlight technical content, including Bluetooth hacking, and war driving.
Today, PaulDotCom tries to take advantage of the latest technology to deliver timely, technical content. You can find them online in the IRC channel, read the show notes in their wiki, check the blog for the latest happenings, and even purchase the infamous "Hack Naked" gear in the Cafepress store. Our mission is clear; continue to use the latest technology to provide technical analysis and insight in a friendly and entertaining manner. We always looking for new ways in which to deliver this message. We get together each week in a relaxed environment to talk shop and drink beer (which has become an integral part of the "relaxed environment").
* Excerpts taken from "Introducing: Podcasts from PaulDotCom Security Weekly", January 22nd, 2007 By Stephen Northcutt.