

BrakeSec Education Podcast
Bryan Brake, Amanda Berlin, and Brian Boettcher
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.

Nov 18, 2014 • 49min
Active Defense: It ain't 'hacking the hackers'
Active Defense... It conjures images of the lowly admin turning the tables on the evil black hat hackers, and giving them a dose of their own medicine by hacking their boxes and getting sweet, sweet revenge... But did you know that kind of 'revenge' is also rife with legal ramifications, even bordering on being illegal?? This week, Mr. Boettcher and I tackle this prickly subject, and discuss some software you can use to 'deter, prevent, and dissuade' potential bad guys...
ADHD Training (courtesy of Paul's Security Weekly Podcast): http://blip.tv/securityweekly/active-defense-harbinger-distribution-release-party-7096833
Artillery - https://www.binarydefense.com/project-artillery/
DenyHosts - http://denyhosts.sourceforge.net/
Nova: http://www.sans.org/reading-room/whitepapers/detection/implementing-active-defense-systems-private-networks-34312
Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.org/licenses/by/3.0/

Nov 9, 2014 • 39min
Interview Part 2 with Paul Coggin: Horror stories
If you think Halloween was scary, Paul Coggin gives us another reason to curl up in the fetal position as he explains Lawful Intercept, and Route Maps. And what's worse, your 3rd party auditors are starting to get the tools that will make you address network protocol issues. Lots of great material here below in our show notes, including some tools (free) that you can use to get yourself schooled on network protocols.
http://www.zdnet.com/researcher-describes-ease-to-detect-derail-and-exploit-nsas-lawful-interception-7000025073/
BGPmon - http://www.bgpmon.net/
Renesys (now Dyn Research) - http://research.dyn.com/
BGP Play - http://bgplay.routeviews.org/
BGP Looking glass servers - http://www.bgp4.as/looking-glasses
yersinia - http://www.yersinia.net/
Fx Twitter handle - https://twitter.com/41414141
ernw - https://www.ernw.de/
Cisco Route Maps - http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/49111-route-map-bestp.html
Paul's Bsides Nashville talk - http://www.irongeek.com/i.php?page=videos/bsidesnashville2014/300-bending-and-twisting-networks-paul-coggin
Huawei ENSP - http://enterprise.huawei.com/en/products/network-management/automation-tools/tools/hw-201999.htm
NRL Core - http://www.nrl.navy.mil/itd/ncs/products/core
NRL Mgen - http://www.nrl.navy.mil/itd/ncs/products/mgen

Nov 3, 2014 • 42min
Interview with Paul Coggin (part 1)
One of the talks my colleague got to see was Paul Coggin's talk about Internetworking routing and protocols. In this interview, we discuss some tools of the trade, how MPLS isn't secure, and why you should be doing end-to-end encryption without allowing your VPN or circuit provider to do it for you... If you have any interest in network security, including the higher order network protocols like BGP, MPLS, ATM, etc... You'll want to check out his DerbyCon talk, and our interview...
Paul's Derbycon 2014 talk - http://www.irongeek.com/i.php?page=videos/derbycon4/t319-bending-and-twisting-networks-paul-coggins
Hacking SNMP tips and tricks: http://securityreliks.securegossip.com/2011/04/hacking-snmp-in-a-few-simple-steps/
SNMPBlow: http://www.stoptheplague.com/?p=19
ERNW: https://www.ernw.de/research-community/index.html
Fx paper on Lawful Intercept: http://phenoelit.org/stuff/CSLI.pdf

Oct 25, 2014 • 41min
Learning about SNMP, and microinterview with Kevin Johnson
In an effort to educate ourselves for an upcoming interview, we sat down and talked about SNMP (Simple Network Management Protocol). We get into the basics, the ins and outs of the protocol, the different tools that use (or exploit) SNMP, and we talk about how to better secure your SNMP implementation. You should listen to this, because next week's interview will knock your socks off. :) Finally, we end with a DerbyCon interview Mr. Boettcher snagged with our friend Mr. Kevin Johnson about how we need to regulate ourselves with regard to a code of ethics, before someone regulates us... When one 'white hat' can run code on a server he/she doesn't control (unpatched Shellshock) and thinks it's okay, where do we draw the line from what is right, and what violates the CFAA? Mr. Johnson looks for an answer with our Mr. Boettcher.
Wikipedia SNMP article: http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
SNMP Primer: http://www.tcpipguide.com/free/t_SNMPProtocolOverviewHistoryandGeneralConcepts.htm
SNMP OIDS and MIBS: http://kb.paessler.com/en/topic/653-how-do-snmp-mibs-and-oids-work
SNMP vulnerabilities - http://packetstormsecurity.com/search/?q=snmp
SNMP Primer (IBM): http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtpc1%2Fpdus.html
SNMP amplification attacks: http://www.pcworld.com/article/2159060/ddos-attacks-using-snmp-amplification-on-the-rise.html
Securing SNMPv3: http://www.sans.org/reading-room/whitepapers/networkdevs/securing-snmp-net-snmp-snmpv3-1051
Kevin Johnson/James Jardine DerbyCon Talk: http://www.irongeek.com/i.php?page=videos/derbycon4/t308-ethical-control-ethics-and-privacy-in-a-target-rich-environment-kevin-johnson-and-james-jardine
Image courtesy of Wikipedia.de

Oct 20, 2014 • 38min
Keep Calm and take a tcpdump! :)
Tcpdump is just one of the tools that will make troubleshooting network issues, or testing applications, or even finding out what traffic is being generated on a host all that much easier. This podcast is to help you understand the Tcpdump program, and how powerful it is...
http://danielmiessler.com/study/tcpdump/
http://www.thegeekstuff.com/2010/08/tcpdump-command-examples/
http://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/
http://www.amazon.com/TCP-Illustrated-Vol-Addison-Wesley-Professional/dp/0201633469
http://www.computerhope.com/unix/tcpdump.htm
http://www.commandlinefu.com/commands/using/tcpdump -- excellent examples
http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/

Oct 13, 2014 • 32min
Part 2 with Jarrod Frates - how pentesting is important
Part 2 of our interview with Jarrod Frates (FRAY-tes). We ask him about the value that a pentest can create, the way that that 'perfect' pentest can change culture and help create dialogue. Also, we talk about how to take your automated testing info and then shift gears to manual testing... when to stop doing automated testing, and do the manual testing. Hope you enjoy, have a great week!

Oct 6, 2014 • 41min
DerbyCon report and Shellshock news
We went a little off the beaten path this week. I wanted to talk to Mr. Boettcher about his experience at DerbyCon, and we ended up having another friend of ours who also attended DerbyCon, Jarrod Frates, join us for a bit of discussion. We discussed several talks, and even spent a little bit of time talking about ShellShock and its larger implications for those programs that are ubiquitous, yet are not being audited, like bash. (The llama graphic will make more sense next week...) :)
http://www.irongeek.com/i.php?page=videos/derbycon4/t109-et-tu-kerberos-christopher-campbell
http://www.irongeek.com/i.php?page=videos/derbycon4/t217-hacking-mainframes-vulnerabilities-in-applications-exposed-over-tn3270-dominic-white
http://www.irongeek.com/i.php?page=videos/derbycon4/t210-around-the-world-in-80-cons-jayson-e-street
http://www.irongeek.com/i.php?page=videos/derbycon4/t216-once-upon-a-time-infosec-history-101-jack-daniel
http://askubuntu.com/questions/529511/explanation-of-the-command-to-check-shellshock

Sep 29, 2014 • 47min
Marcus J. Carey Interview Part 2 - China, IP, coming cyber war
We finished up our odyssey with Marcus J. Carey this week. We picked his brain about how he feels about China, the coming cyberwar, and what kinds of tools he uses in his toolbox (hint: he doesn't use Kali). We also talk a bit about the entitlement of people, and what makes folks in poorer countries turn to hacking. We really enjoyed hearing his take on certifications and education. He's a Ruby nut, but suggests that people learn Python. He also talks about how he teaches people about security. The little everyday things that show you do security. A thought provoking interview that will definitely inspire you to pour yourself into a Python book, or to grab a Raspberry Pi and start learning.

Sep 28, 2014 • 20min
Video: Using GPG and PGP
This month, I wanted to go over a piece of software that seems to give a lot of people problems. In business, there is always a need for sending secure communications, whether because a client asked for it, or because sending sensitive information unencrypted could result in loss of profit, competitive edge, reputation, or all of the above. This month's tutorial is on setting up PGP or GPG to be able to be more secure when sending emails. I show you commands that allow you to create public/private key pairs, and also discuss the software to be used on either Windows, Linux, and Mac OS. I mentioned signing and encrypting email attachments, and also explain that your headers are still unencrypted, so email metadata tracking is still possible.
Brakeing Security Podcast on PGP/GPG: http://brakeingsecurity.com/pgp-and-gpg-protect-your-data
Windows GPG solution: http://www.gpg4win.org
Mac GPG solution: https://gpgtools.org/
Kali/Linux RNG daemon instructions:
1. apt-get install rngd
2. rngd -r /dev/urandom (should make PGP creation on Kali much faster)

Sep 22, 2014 • 36min
Marcus J. Carey, FireDrillMe, and the Rockstars of Infosec
Marcus J. Carey, a security researcher and software developer, came on to talk to us about FireDrill.me, a tool used to help people work out their Incident Response muscles. He is also the creator of threatagent.com. Marcus is well known in Security circles, and after we talked to him about FireDrill and ThreatAgent, we got his opinion of other subjects that interested us in the Infosec industry. Marcus is a man of his own mind, and he certainly did not disappoint. Hope you enjoy Part 1 of our conversation with him. We also asked him about the celebrity that many in the industry face, and how it should be handled by people in the industry.
HoneyDocs - http://www.pcworld.com/article/2048881/honeydocs-lays-irresistible-bait-for-hackers.html
Malcolm Gladwell - http://en.wikipedia.org/wiki/Malcolm_Gladwell
http://www.firedrill.me
http://www.threatagent.com


