[podcast]http://isdpodcast.com/podcasts/InfoSec Daily Podcast Episode 224.mp3[/podcast]
ISDPodcast Episode 224 for September 30, 2010. Tonight’s podcast is hosted by Rick Hayes and Keith Pachulski.
The Louisville Metro InfoSec Conference:
When: Thursday, October 7th, 2010
Where: Churchill Downs
When: Friday, October 8, 2010
Where: Think Inc World HQ, 1375 Peachtree St. Suite 600, Atlanta, Ga (The Earthlink Bldg).
MyHardDriveDied.com Data Recovery Class:
Dallas, TX – October 11th – 15th
Washington, DC – December 6th – 10th
Use the Discount Code: isdpodcast for a $300 discount.
SANS Mentoring Program:
Jason Lawrence – SANS Forensics 508 – Computer Forensics and Investigations in Sandy Springs, GA
When: Tuesday, October 12, 2010 – Tuesday, December 14, 2010
Use the Discount Code: isdpod15 for a 15% discount.
Adrian Sanabria - SANS Security 504 – Hacker Techniques, Exploits & Incident Handling in Knoxville, TN
When: Tuesday, October 12, 2010 – Tuesday, December 14, 2010
Use the Discount Code: isdpod15KY for a 15% discount.
When: Oct 15-17 2010
Where: Nashville, TN
When: Oct 23-24 2010
Where: Charleston, WV
I2P Anonymous Network Overview: http://www.i2p2.de/
Stories of Interest:
Thieves armed with little more than a drill and a powerful vacuum cleaner siphoned £60,000 out of a supermarket safe in France in what police said is the 15th such heist against the same store chain.
The burglars have made off with €500,000 by exploiting a flaw in the security system of Monoprix, the chain that has been targeted since 2006, The Sun reports. Once they get inside the premises, they drill a small hole in the “pneumatic tube” used to transport money from the checkout to the strong room. This allows them to raid a safe without ever having to break its locks.
Update to a story we discussed in August about Neil Weiner, a man who sought to ruin the life of a school caretaker by planting child pornography on his computer. Weiner has now been convicted on two counts of possession of child pornography and one count of perverting the course of justice. He was sentenced to 12 years in jail.
“The judge told Weiner that his plot to have Mr. Thompson sacked and prosecuted very nearly succeeded. Police had been careful not to make public their arrest of the caretaker and only informed those at the school who needed to know, he said. ‘But you gratuitously and spitefully informed the local press so that he and his wife suffered the distress of the unwelcome publicity which followed.’ Mr. Thompson’s health and that of his wife suffered. The judge said: ‘There are still those who believe, and probably always will, that he is a pedophile. I am wholly satisfied that Mr. Thompson is innocent.’ … Weiner had discovered the caretaker’s password by looking over his shoulder one day and been caught doing so. When Mr. Thompson was asked why he did not change it, he said he wished he had, adding: ‘Who in their worst nightmares could have thought that anyone could stoop to do what he did?’”
@ChrisJohnRiley tweeted about a tool called Active Filter Detection (AFD). AFD allows security auditors to identify the presence of Intrusion Prevention Systems and other technologies that would directly impact the quality of a security assessment. So I decided to download and install the program. Not wanting to run it as part of a pen-test/audit, I decided to test it internally against a server running a HIDS. It took three packets for it to tell me that my packets were being filtered. This piqued my interest, so I contacted a friend who has an Internet presence with a WAF along with an IPS. This tool sends what could essentially be described as packets with known attack signatures and looks for and analyzes the response. It was able to detect when he had the WAF and IPS turned on and when I was communicating directly through to the web server. If you conduct external security assessments, you might want to further investigate AFD.
A Venezuelan citizen on Friday was sentenced to 10 years in US federal prison for hacking into the networks of telecommunications companies and then routing millions of minutes of voice over IP calls over their systems.
Edwin Andres Pena, 27, admitted in February that he pocketed more than $1m in the scam, in which he posed as a legitimate reseller of long-distance calling services. By scanning networks of AT&T and other companies, Pena was able to identify unprotected ports through which he could transmit more than 10 million minutes of unauthorized calls.
Pena, who spent much of his time in Miami, was described as the mastermind behind the operation. For technical help in identifying vulnerable networks, he turned to a Spokane, Washington, hacker named Robert Moore. He was previously sentenced to two years in prison for his role, which included performing more than 6 million scans on AT&T’s network alone over a five-month span in 2005.
Following the arrest of the two men in 2006, Pena fled the US and engaged authorities in a manhunt through South and Central America. Agents finally apprehended him in Mexico in 2009.
Prosecutors reckon that Pena’s scheme caused a loss of $1.4m in less than a year. One of the targeted companies – which was based in Newark, New Jersey, where the case was prosecuted – was billed for more than 500,000 unauthorized telephone calls that Pena routed through its network. In addition to his 120-month prison sentence, Pena was ordered to pay restitution of a little more than $1m.
In a blog post written by Leslie Sobon, the company’s vice president of marketing, Sobon describes her life in the largely male-dominated world of technology as being “mostly surrounded by guys all day,” but says: “I can tell you that – in general – technical guys are pretty cool.”
Sobon goes on to offer a five-step programme for girls who want to be able to land a bespectacled Dungeons & Dragons-loving hunk of their very own, starting with an exhortation to “learn the language” in order to better understand the near-gibberish that pours forth from their suitor’s mouth.
The next step is to “hang out where the geeks hang out,” which might seem obvious – but Sobon does offer a list of likely events like QuakeCon, overclocking contests, and LAN parties. Not listed are other likely venues for the ultra-geeky, like chiptune concerts and – the most common location – cloistered in the dark, eyes glued to a monitor.
Girls are advised to ask questions, too – although Sobon says, “You don’t really have to understand what these questions mean.” So don’t fret your little female brain if they’re too complicated for you to understand. Sobon suggests a list of queries that you could just “throw [...] into the conversation,” including, “What will win, x86 or ARM?” And, “What’s more important in the PC – the CPU or the GPU?”