Episode36Script

From PaulDotCom Security Weekly

(15 Seconds of silince)

- Record thinger for Chuck about "Sea Trek"

(15 Seconds of silince)

(Record the Welcome Intro)

(More silence)

FiT Stinger

Contents 1 Theme Music, Episode 36 for July 13, 2006 2 Sponsors 3 Announcements 4 1 - 2 - Listener Feedback 5 [Music] Storytime With Twitchy 6 3 - 4 - News 7 5

Theme Music, Episode 36 for July 13, 2006

"Welcome to PaulDotCom Security Weekly, Episode 36 for July 13, 2006"

From the PSW studios

This is PaulDotCom Security Weekly, enabling security engineers everywhere to hack the matrix. I am your host, Paul Asadoorian. "And I am your co-host Larry Pesce". And back from Washington DC where, and I quote, he absolutely annihilated the hacker callenge Neo- style on the last day of class we have the the only Twitchy!

Hello to all of our live audience listeners via Skypecast. Oh wait Streaming Server!

Sponsors

This episode is sponsored by Syngress Publishing, helping you master the arts of hacking, cracking, and security-foo for just $19.99.

Larry:Whaaaaaa Soundboard:Gong

Listen to the question at the end of each show, then go to the pauldotcom blog and be the first to post the CORRECT answer to recieve a free copy of any in-stock book on the Syngress web site!

This episode is also sponsored by Core Security Technologies.

"Penetrate your network like a lot lizzard at the Truck Stop. I mean....like a hot knife through butter."

Listen to this podcast and qualify to receive a 10% discount on Core Impact, worlds best penetration testing tool.

We are also sponsored by the SANS Institute, where you can get schooled and like it!. Get hands-on training in intrusion detection, forensics, hacking and exploiting, and drinking beer....

Announcements

On to listener feedback...

Announcement: Larry in SC Magazine, Healthcare Informatics next month..."

Annoucenment: Larry will be at Blackhat/Defcon and Paul & Larry will be at SANS Las Vegas. Look for a live show on Oct. 3rd.

1 - 2 - Listener Feedback

Stonegossard writes: Hey guys...I really appreciate the show and the effort you all put in to provide an entertaining podcast that is at the same time technical. I thought you might help point me in the right direction with an issue I'm having. Where I work we are looking to deploy a wireless network throughout our campus. Our executives have tasked us with providing a "guest" network that is open and accessible to anyone AND provide a corporate network for employees only. My dilemma is that I'm trying to figure out how to keep my laptop users (~400) from using the guest network either on purpose or by accident. Management has just simply said to provide an open network for everyone to use (including employees) and then our employees will have to VPN into our corp network in order to access our applications, etc. and they feel like it's enough to simply do that. I don't think I'm being overly paranoid by wanting to provide better security for our corporate users. I know that they use open wifi at places like hotels and while this situation is similar I think it is still different since we are providing the access within the walls of our corporate campus and therefore have the capability and responsibility provide such measures.

Am I thinking correctly on this? How can I keep our users from associating to the guest network without restricting their abilities to add connections from the road to other networks? Or is it not that big of a deal that they associate to an open network and then connect to the corp vpn?

Thanks guys. Keep up the great work...it is very much appreciated.

---

Thane Writes:

Hi Guys,

       Let me start by telling you that since I discovered your

podcast about two weeks ago, it has rapidly moved to the top of my list of must listen podcasts. I do a fair bit of driving on service calls, and I've been listening to all the back issues so I can catch up (once I'm caught up, I'm worried about what I'm going to listen to.) :) You're doing an awesome job, and once again, have opened my eyes to another area of computer expertise that I need to get into (I remember back in 85 when a prof I was assisting at Dalhousie asked me if I knew much about computers - when I told him I did, he pointed out that I'd know a lot about computers when I knew how much I didn't know - boy was he right!) I love the format, and am really looking forward to shows on specific topics.

       Here's my question:  I'd like to offer my clients some

options when it comes to firewalls and/or routers - right now they are buying the cheapest router they can find and using it. Most of my clients are small (four to eight computers) but I have a couple which are in the 30 to 60 computer range. I'm looking for options ranging from cheap (say in the $150 to $200 range) to more expensive (say in the $1500 to $2000 range.) I've been looking at Watchguard, and they seem to have good products, but I'm not sure how I can compare routers and how I can explain (in simple terms) why a company should spend $150 (instead of $40) or $2000 (instead of $150.) Any advice you could give would be greatly appreciated.

[Music] Storytime With Twitchy

[MUSIC]

3 - 4 - News

News

Episode36 Show Notes

5

Syngress question of the week: Name the actor who starred in Shaolin Master Killer (aka. 36 Chambers of Shaolin, Masta Killa). What style of Kung Fu does he practice? Bonus: What are his mandarin and cantonese names?

Core discount code impactbsg

SANS discount code is <pauldotcom>.

Thank you for listening, psw@pauldotcom.com, http://pauldotcom.com Phone number Pauldotcom Security Weekly, PO Box 860, Greenville RI, 02828

<outro>