PaulDotCom mailing list archives
Ideas For Tech Segments?
From: cdf123 at cdf123.net (Chris Frederick)
Date: Tue, 21 Oct 2008 23:26:54 -0500
I also like the log analysis, and also looking at how to secure your log management on the cheap. I've seen a lot of examples on the net using a syslog server to collect logs, but very few on how to secure that server, and the data in transit. If you can sniff the traffic between a syslog server and a web server, maybe you can see that there's an IDS/IPS installed monitoring that server, and then you could change your tactics and focus somewhere else rather than risk detection. Or seeing the logs fly by, you can gain knowledge of what software is installed and maybe even be able to tell version info as well. Syslog-ng is a great example of this, since you have to pay for the enterprise version to get the ssl encryption options, and a lot of Linux distros come with the free version without ssl.

Chris

Paul Asadoorian wrote:

Excellent! Keep them coming. A few notes:

- I like the idea of doing a tech segment on log analysis on the cheap. I've always been a big fan of collecting via syslog to a UNIX host, then using bash/perl/<insert favorite language here> to parse and alert. I've been meaning to play around with SWATCH again too.
- We did a tech segment on evading AV: http://pauldotcom.com/wiki/index.php/Episode125#Tech_Segment:_Bypassing_Anti-Virus_Software_The_Script-Kiddie_Way
- We've talked about Bluetooth quite a bit, but never did a tech segment on it that I could find. I thought we did a video on it, but it was an episode that will forever be lost in the archives.

Keep em' coming!

Cheers,
Paul

xgermx wrote:

Sorry, only two more, I promise. How about a segment on advanced netcat usage? What about an Evading AV detection segment?

On Tue, Oct 21, 2008 at 3:51 PM, xgermx <xgermx at gmail.com> wrote:

Also, I'd love to hear a tech segment on Yersinia.

Yersinia is a network tool designed to take advantage of some weakness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). Attacks for the following network protocols are implemented (but of course you are free for implementing new ones):

* Spanning Tree Protocol (STP)
* Cisco Discovery Protocol (CDP)
* Dynamic Trunking Protocol (DTP)
* Dynamic Host Configuration Protocol (DHCP)
* Hot Standby Router Protocol (HSRP)
* IEEE 802.1Q
* IEEE 802.1X
* Inter-Switch Link Protocol (ISL)
* VLAN Trunking Protocol (VTP)

http://www.yersinia.net/

On Tue, Oct 21, 2008 at 3:40 PM, wishi <wishinet at googlemail.com> wrote:

Paul Asadoorian wrote:

So, Larry and I have this discussion every week. What should we be doing for tech segments? I'd love to hear your thoughts, and hopefully we can make it happen. So, suggest away!

Cheers,
Paul

A segment I always like hearing about is security data visualization. But that's very huge and not easy to cover. Maybe you want to have a look at DAVIX (http://davix.secviz.org/)? :)

Another interesting topic is: mobile phone pentesting - speaking of smartphones, WiFi, and their TCP/IP and OS specifics. I guess...

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Current thread:
- Ideas For Tech Segments? Paul Asadoorian (Oct 21)
- Ideas For Tech Segments? xgermx (Oct 21)
- Ideas For Tech Segments? Chris Merkel (Oct 21)
- Ideas For Tech Segments? Stephen Reese (Oct 21)
- Ideas For Tech Segments? Frog Fang (Oct 21)
- Ideas For Tech Segments? wishi (Oct 21)
- Ideas For Tech Segments? xgermx (Oct 21)
- Ideas For Tech Segments? xgermx (Oct 21)
- Ideas For Tech Segments? Paul Asadoorian (Oct 21)
- Ideas For Tech Segments? Chris Frederick (Oct 21)
- Ideas For Tech Segments? Mad Marv (Oct 21)
- Ideas For Tech Segments? Brian J. Almond (Oct 21)
- Ideas For Tech Segments? Justin Seitz (Oct 21)
- Ideas For Tech Segments? Karl Schuttler (Oct 21)
- Ideas For Tech Segments? xgermx (Oct 21)
- Ideas For Tech Segments? Paul Asadoorian (Oct 22)