PaulDotCom mailing list archives
Topics For Discussion - Episode 200
From: jackadaniel at gmail.com (Jack Daniel)
Date: Wed, 21 Apr 2010 09:58:15 -0400
Since it keeps coming up on the show (although one step removed), how about trying to get Cormac Herley on to talk about his "Rational rejection of security advice" paper? (That was behind an RSnake post and the Globe passwords article). Jack On 4/21/10, Bugbear <gbugbear at gmail.com> wrote:
python fu +1 Malware analysis is near and dear to my heart and Lenny always does a great job On Wed, Apr 21, 2010 at 7:45 AM, Sherwyn <infolookup at gmail.com> wrote:I would be interested in hearing Lenny Zeltser among others talk about building a low cost malware analysis lab, and the value this can add to an origination by having such a resource. I work for a University and too many times key machines are infected and the protocol is to either clean the infection or reimage the machine without really understanding the infection. Infolookup http://infolookup.securegossip.com www.twitter.com/infolookup -----Original Message----- From: Paul Asadoorian <paul at pauldotcom.com> Date: Tue, 20 Apr 2010 17:11:38 To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] Topics For Discussion - Episode 200 Thanks all, great suggestions so far. Lots of Metasploit stuff right off the bat, so I will look to include something special on Metasploit (no promises until I talk to the team, especially Carlos :) Keep em' comin'! Cheers, Paul On 4/20/10 3:55 PM, Craig Freyman wrote:My vote is privilege escalation. There is obviously getsystem in Metasploit, but what other techniques are used? Most of what I have found is on the "at" command which requires admin rights to run. Just wondering what other things a skilled attacker would do outside of Metasploit. On Tue, Apr 20, 2010 at 12:45 PM, Butturini, Russell <Russell.Butturini at healthways.com <mailto:Russell.Butturini at healthways.com>> wrote: ? ? I would like to hear a round table discussion of where Metasploit ? ? can fit in an enterprise environment. ?I know what my organization ? ? does with it, but would love to hear some more ideas. ? ? -----Original Message----- ? ? From: pauldotcom-bounces at mail.pauldotcom.com ? ? <mailto:pauldotcom-bounces at mail.pauldotcom.com> ? ? [mailto:pauldotcom-bounces at mail.pauldotcom.com ? ? <mailto:pauldotcom-bounces at mail.pauldotcom.com>] On Behalf Of Paul ? ? Asadoorian ? ? Sent: Tuesday, April 20, 2010 1:41 PM ? ? To: PaulDotCom Security Weekly Mailing List ? ? Subject: [Pauldotcom] Topics For Discussion - Episode 200 ? ? Hi All: ? ? I wanted to solicit the members of this list to get some topics for ? ? episode 200. ?We are planning on podcasting all day (June 4, 2010 ? ? 9am-5pm) so I would like suggestions for: ? ? - Debates ? ? - Discussions ? ? - "Round Tables" or panel discussion ? ? - Technical topics ? ? - Computer equipment you would like to see destroyed (not my iPad!) ? ? Please also include any guests you'd like us to try and get to discuss ? ? stuff too. ?These can be non-technical topics (like "passwords") or more ? ? technical things (like "post-exploitation"). ? ? Thank you in advance for your feedback and keep up the great discussion ? ? on this list! ? ? Cheers, ? ? Paul ? ? PS. I would also be interesting in hearing suggestions for Beer or ? ? cigars and promise to include a full review on the show! :) ? ? -- ? ? Paul Asadoorian ? ? PaulDotCom Enterprises ? ? Web: http://pauldotcom.com ? ? Phone: 401.829.9552 ? ? _______________________________________________ ? ? Pauldotcom mailing list ? ? Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com> ? ? http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom ? ? Main Web Site: http://pauldotcom.com ****************************************************************************** ? ? This email contains confidential and proprietary information and is ? ? not to be used or disclosed to anyone other than the named recipient ? ? of this email, ? ? and is to be used only for the intended purpose of this communication. ****************************************************************************** ? ? _______________________________________________ ? ? Pauldotcom mailing list ? ? Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com> ? ? http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom ? ? Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Sent from my mobile device ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://www.linkedin.com/in/jackadaniel http://blog.uncommonsensesecurity.com
Current thread:
- Topics For Discussion - Episode 200, (continued)
- Topics For Discussion - Episode 200 Craig Freyman (Apr 20)
- Topics For Discussion - Episode 200 Paul Asadoorian (Apr 20)
- Topics For Discussion - Episode 200 Karl Schuttler (Apr 20)
- Topics For Discussion - Episode 200 Chris Teodorski (Apr 21)
- Topics For Discussion - Episode 200 Sherwyn (Apr 21)
- Topics For Discussion - Episode 200 Robin Wood (Apr 21)
- Topics For Discussion - Episode 200 Butturini, Russell (Apr 21)
- Topics For Discussion - Episode 200 Nathan Sweaney (Apr 21)
- Topics For Discussion - Episode 200 Shane Kelly (Apr 21)
- Topics For Discussion - Episode 200 Craig Freyman (Apr 20)
- Topics For Discussion - Episode 200 Bugbear (Apr 21)
- Topics For Discussion - Episode 200 Jack Daniel (Apr 21)
- Topics For Discussion - Episode 200 Nathan Sweaney (Apr 21)
- Topics For Discussion - Episode 200 Daniel (Apr 21)
- Topics For Discussion - Episode 200 Josh Ciceraro (Apr 21)