PaulDotCom mailing list archives

Topics For Discussion - Episode 200

From: NSweaney at tulsacash.com (Nathan Sweaney)
Date: Wed, 21 Apr 2010 09:07:30 -0500

I was thinking Steve Gibson would be fantastic if you could find a topic that would be appropriate & create an 
interesting discussion.  He's not the arguing type so a debate wouldn't go far.  And just getting him on to laugh & 
make fun of him would be juvenile.  But a good serious conversation has merit.  Regardless of the mistakes & stupid 
things he says, he's been around a long time & seen a lot of stuff.  And in the process, if he learns things from you, 
it's only going to be better for us all.  Security Now is pretty popular & most of us have an end user or co-worker 
that listens to it so it'd be nice if he knew more about current attacks & possibilities.

Now Evans vs Nickerson would be freaking hilarious.  I seriously might consider paying to listen to that (not much 
though, I'm cheap).

At the very least, getting Evans by himself would be great fun.  



-----Original Message-----
From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Robin 
Wood
Sent: Wednesday, April 21, 2010 7:07 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Topics For Discussion - Episode 200

I would like to see a round table with Gregory Evans, Kevin Mitnick
and Steve Gibson.

And if you could get Chris Nickerson in there as well I think that
would create more explosions that even Larry and a truck of thermite
could manage.

On 21 April 2010 12:45, Sherwyn <infolookup at gmail.com> wrote:

I would be interested in hearing Lenny Zeltser among others talk about building a low cost malware analysis lab, and 
the value this can add to an origination by having such a resource.

I work for a University and too many times key machines are infected and the protocol is to either clean the 
infection or reimage the machine without really understanding the infection.
Infolookup
http://infolookup.securegossip.com
www.twitter.com/infolookup


-----Original Message-----
From: Paul Asadoorian <paul at pauldotcom.com>
Date: Tue, 20 Apr 2010 17:11:38
To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] Topics For Discussion - Episode 200

Thanks all, great suggestions so far. Lots of Metasploit stuff right off
the bat, so I will look to include something special on Metasploit (no
promises until I talk to the team, especially Carlos :)

Keep em' comin'!

Cheers,
Paul

On 4/20/10 3:55 PM, Craig Freyman wrote:

My vote is privilege escalation. There is obviously getsystem in
Metasploit, but what other techniques are used? Most of what I have
found is on the "at" command which requires admin rights to run. Just
wondering what other things a skilled attacker would do outside of
Metasploit.

On Tue, Apr 20, 2010 at 12:45 PM, Butturini, Russell
<Russell.Butturini at healthways.com
<mailto:Russell.Butturini at healthways.com>> wrote:

? ? I would like to hear a round table discussion of where Metasploit
? ? can fit in an enterprise environment. ?I know what my organization
? ? does with it, but would love to hear some more ideas.

? ? -----Original Message-----
? ? From: pauldotcom-bounces at mail.pauldotcom.com
? ? <mailto:pauldotcom-bounces at mail.pauldotcom.com>
? ? [mailto:pauldotcom-bounces at mail.pauldotcom.com
? ? <mailto:pauldotcom-bounces at mail.pauldotcom.com>] On Behalf Of Paul
? ? Asadoorian
? ? Sent: Tuesday, April 20, 2010 1:41 PM
? ? To: PaulDotCom Security Weekly Mailing List
? ? Subject: [Pauldotcom] Topics For Discussion - Episode 200

? ? Hi All:

? ? I wanted to solicit the members of this list to get some topics for
? ? episode 200. ?We are planning on podcasting all day (June 4, 2010
? ? 9am-5pm) so I would like suggestions for:

? ? - Debates
? ? - Discussions
? ? - "Round Tables" or panel discussion
? ? - Technical topics
? ? - Computer equipment you would like to see destroyed (not my iPad!)

? ? Please also include any guests you'd like us to try and get to discuss
? ? stuff too. ?These can be non-technical topics (like "passwords") or more
? ? technical things (like "post-exploitation").

? ? Thank you in advance for your feedback and keep up the great discussion
? ? on this list!

? ? Cheers,
? ? Paul

? ? PS. I would also be interesting in hearing suggestions for Beer or
? ? cigars and promise to include a full review on the show! :)

? ? --
? ? Paul Asadoorian
? ? PaulDotCom Enterprises
? ? Web: http://pauldotcom.com
? ? Phone: 401.829.9552
? ? _______________________________________________
? ? Pauldotcom mailing list
? ? Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com>
? ? http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
? ? Main Web Site: http://pauldotcom.com


? ? ******************************************************************************
? ? This email contains confidential and proprietary information and is
? ? not to be used or disclosed to anyone other than the named recipient
? ? of this email,
? ? and is to be used only for the intended purpose of this communication.
? ? ******************************************************************************
? ? _______________________________________________
? ? Pauldotcom mailing list
? ? Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com>
? ? http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
? ? Main Web Site: http://pauldotcom.com




_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


--
Paul Asadoorian
PaulDotCom Enterprises
Web: http://pauldotcom.com
Phone: 401.829.9552
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Topics For Discussion - Episode 200 Paul Asadoorian (Apr 20)
- Topics For Discussion - Episode 200 Butturini, Russell (Apr 20)
  - Topics For Discussion - Episode 200 Craig Freyman (Apr 20)
    - Topics For Discussion - Episode 200 Paul Asadoorian (Apr 20)
    - Topics For Discussion - Episode 200 Karl Schuttler (Apr 20)
    - Topics For Discussion - Episode 200 Chris Teodorski (Apr 21)
    - Topics For Discussion - Episode 200 Sherwyn (Apr 21)
    - Topics For Discussion - Episode 200 Robin Wood (Apr 21)
    - Topics For Discussion - Episode 200 Butturini, Russell (Apr 21)
    - Topics For Discussion - Episode 200 Nathan Sweaney (Apr 21)
    - Topics For Discussion - Episode 200 Shane Kelly (Apr 21)
    - Topics For Discussion - Episode 200 Bugbear (Apr 21)
    - Topics For Discussion - Episode 200 Jack Daniel (Apr 21)
    - Topics For Discussion - Episode 200 Nathan Sweaney (Apr 21)
    - Topics For Discussion - Episode 200 Daniel (Apr 21)
    - Topics For Discussion - Episode 200 Josh Ciceraro (Apr 21)
- Topics For Discussion - Episode 200 Kennith Asher (Apr 20)
- Topics For Discussion - Episode 200 mailing lists (Apr 21)
- Topics For Discussion - Episode 200 Nicholas B. (Apr 21)
- Topics For Discussion - Episode 200 Bert Van Kets (Apr 22)

(Thread continues...)