All:

The July Late-Breaking Computer Attack Vectors webcast this month will be held on:

Wednesday, July 30, 2008 2:00 pm EDT (GMT -04:00, New York)

Register Here For This Webcast

This month we I will discuss some of the latest attacks, including:

• What you need to know about the DNS bug
• Tips for securing Mac OS X
• Hacked before you know it (without wires)
• Who has the key to your city?
• Nmap: The Book

This webcast will run about 45 minutes and I will focus on some cutting-edge attacks and defenses. The defensive recommendations will hopefully avoid situations like this:

:)

PaulDotCom

I remember when I first read that Bill Gates would take time off as "thinking time". I thought to myself, "Wow, like how unproductive, I could be hacking routers, testing wireless attacks, or breaking into something during that time".

Little did I know just how productive this time can be (say what you will now, but I think Microsoft has done pretty well over the years). So, somewhat in honor of Bill Gates (okay well not really) we will be taking a little time off. Our next podcast will be recorded on Thursday July 10th, 7:00PM EST. In the mean time, I will be doing some thinking, trying to unplug, enjoy this July 4th weekend and come back in better mental shape. I suggest that you do the same.

Maybe take a trip on the boat, spend some time with family, and get some rest. You'll need it for what we have in store :)

Happy 4th!

Cheers,
PaulDotCom

Procrastination. Say it with me now, P r o c r a s t i n a t i o n. We've all done it, been there in that situation where you know you've put something off for far too long. Maybe its mowing the grass. Maybe its your TPS reports. Maybe its that oil change 4,000 miles overdue. In our case, its our web site and mail server migration. Guess what turns out to be a great cure for procrastination?..... When your hosting provider takes a nose dive straight off the Internet and into the deep end of the pool (too bad there was no water).

Lets start with email. Sometimes we're slow with email (I already gave the procrastination speech, so I will spare you this time). However, if you tried to send us email lately (since the weekend), its not our fault. We can't get to our email at the moment. This has given me the chance to get a lot of other work done on our web and mail server migration. Sometimes you have to look at the glass as half full. My alternate email address is kungfuhacker -at- gmail.com. Email me there if you have any pressing issues or questions for the time being. Today or tomorrow, I make the big cutover and we move to Google hosted email. Say what you will about privacy and security, its a great service and I've got many more interesting things I would rather be doing than maintaining Postfix and SpamAssasin. We also picked up another VPS and will be hosting our web sites and DNS. You could say we are masters of our own domain now...

In the way of good news, I've got the wiki moved over to the new web site and its been upgraded to the latest version of MediWiki. The ever so kind wiki ninjas (byte_bucket and mmiller) have helped me with some of the formatting issues that cropped up. A thousand thanks guys.

The new web site is half installed, and our web guru is going to very quickly fix the stylesheets so you can all enjoy a much better web site design and color scheme. I am working on some of the content, which is horribly out of date. Simple things are a big win, like actually having a page that tells visitors where our IRC channel is and how to get there, and posting all of our articles, presentations, and papers in one easy to find place.

So, if we drop offline for a bit, don't worry, I'm working on "unclogging the tubes" and bringing PaulDotCom to a happy, stable, state so I can focus on all those wonderful security projects I keep meaning to get around to, when I get to them, not that I am procrastinating or anything....

PaulDotCom

All:

The March Late-Breaking Computer Attack Vectors webcast this month will be held on:

Wednesday, March 26, 2008 2:00 pm EDT (GMT -04:00, New York)

Register Here For This Webcast

This month we are sponsored by Mu Security, makers of a security analyzer series of products (aka automated fuzzing). Very cool devices! I will discuss some of the latest attacks, including RFID, attacking SIM cards, and more! Hope to see you there...

PaulDotCom

All:

In collabortation with SNENUG (The Southern New England Network Users Group), OSHEAN, and PaulDotCom, we are proud to bring you a good 'ole fashion Linux installfest! Got an old PC hanging around? Bring it by! Got a dusty old ipod or wireless router? Come get help with installing Linux, a free operating system that is fun to learn and hack with.

Members of PaulDotCom (Larry and Myself), in addition to some other Linux "gurus" will be at OSHEAN for a full day on Saturday April 5, 2008 to assist people installing Linux.

For more information and to register for this event click here.

I hope to see you all there (however seating is limited so be certain to register at the link above).

Cheers,

Paul

NOTE: Our streaming method has changed as of episode, and is reflected in the links below.

The 100th episode of PaulDotCom Security Weekly, W00t! There will be much rejoicing, the Skype lines will be open, we have multiple audio clips to play, and this just in, Bob's true identity revealed!

The live stream should be active about 6:30-7:00 PM EST, Thursday February 28th. We should begin recording the live show at about 7:00 PM EST. Please keep in mind that these times are all estimates, but we will try to do the best that we can.

Don't forget to join in on the IRC channel during the stream - we can take live comments and discussion from the channel! Find us on IRC at irc.freenode.net #pauldotcom.

Don't forget, this is a call in type event! We will have Skype active (id "pauldotcom"), or call in to 401-626-4636!

We using Ustream.tv for this and future episodes (now with video!). We understand the importance of this monumental event, and we will be attempting to make both audio streams available for this episode.

When active, the live stream(s) can be found at:

Ustream: http://ustream.tv/channel/pauldotcom-security-weekly

Icecast: http://radio.oshean.org:8000

Please join us, and thanks for listening!

- Larry & Paul

This is the first webcast in a monthly webcast series that we are putting on, so bear with us while we work out all of the logistics. I wanted to share the direct registration link:

Late Breaking Computer Attack Vectors - Feb 27 2:00PM EST

I am very excited about this new opportunity and hope you are able to listen in!

Cheers,

PaulDotCom

All:

I recently spoke for the SNENUG (Southern New England Network Users Group) and gave a short presentation on penetration testing. I introduced the basic concepts, steps, phases, and components of a penetration test. You can download the slides below:

Introduction To Penetration Testing

Enjoy!

PaulDotCom

PaulDotCom is proud to announce it has joined forces with SANS to bring three SANS short courses, all hands-on, to North Kingston, RI. These will likely be the most enjoyable short courses SANS you have ever taken! We have hand picked these courses for your benefit, offering them in a series that is certain to increase your knowledge and awareness surrounding the latest security topics.

Registration for these training courses can be found on the SANS Institute web site by following the links below.

SEC452 IP Packet Analysis
Instructor Larry Pesce from Care New England
February 26th, 2008 (3.5 hour course)
9:00AM-12:30PM
Registration & Course description

SEC514 Advanced Network Worm and Bot Analysis - Hands On
Instructor Steve Marcelino from Care New England
March 25th, 2008 (1 Day Course)
9:00AM - 5:00PM
Registration & Course description

SEC517 Cutting-Edge Hacking Techniques - Hands On (2-day)
Instructor Paul Asadoorian from OSHEAN, Inc.
April 15th-16th, 2008 (2 Day)
9:00AM - 5:00PM
Registration & Course Description

These training events will all be held at:

OSHEAN, Inc.
6946 Post Road
Suite 402
North Kingstown, RI 02852
Directions

Registration Discounts:

SANS offers a group discount rate for two or more individuals registering from the same organization. These course are more challenging and fun when you attend with a colleague. We also offer a special rate of $1,200 for attending all three classes. To obtain the discount code, you must send an email to mentor@sans.org requesting the code ***PRIOR TO*** registering for this course. We can not go back and re-register with the discount code once you have already registered.

Hope to see you all there!

PaulDotCom

PaulDotCom has teamed up with White Hat World to bring you a monthly 30-40 minute webcast titled "Late-Breacking Computer Attack Vectors". I will be hosting the technical discussions where I will b covering the trends happening in security for that month and defensive strategies. Details below:

When: February 27th 2:00PM EST (They will all occur on the last Wednesday of each month at 2:00PM EST,with the exception of November 25, 2008 and December 23, 2008)

Who: Hosted by Paul Asadoorian from PaulDotCom Security Weekly

What Is It? This lively session will discuss recent and anticipated computer and network attack vectors, highlighting the current trends in information security and hacking. Understand some of the most powerful tools and methods in the bad guys' arsenal today, most importantly how to defend your network against them. For each attack vector, we will look at practical, real-world solutions for stemming the tide and keeping your network a safer place.

Registration: Please visit http://www.whitehatworld.com for more information.

We are very excited about this opportunity and I also hope to release these as a podcast as well.

PaulDotCom