daily pastebin goal
51%
SHARE
TWEET

testyyy

a guest Mar 25th, 2015 597 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Mike P
  2. I think quite a few of us are in plenty of SN ITProTV videos
  3.        
  4. 13:40
  5. bob hope
  6. Networking: http://irc.lc/dal/offsec/irctc@@@ - Offsec IRC
  7.  
  8. http://www.reddit.com/r/AskNetsec/ - Netsec Reddit http://smashthestack.org/ Training
  9.  
  10. Materials: http://opensecuritytraining.info/Training.html - Internet-sourced Open Security
  11.  
  12. Training http://nullsecurity.net/ Hands on: http://www.dvwa.co.uk/ - Damn Vulnerable Web
  13.  
  14. Application http://www.try2hack.nl/ https://www.hacking-lab.com/index.html
  15.  
  16. https://www.hackthissite.org/ http://smashthestack.org/ Blogs, Articles, and Video Channels:
  17.  
  18. http://www.securitybistro.com/ http://pen-testing.sans.org/ http://www.ethicalhacker.net/
  19.  
  20. https://www.youtube.com/user/GeekBlogTV
  21.        
  22. 13:41
  23. bob hope
  24. Thanks Shawn!
  25.        
  26. 13:41
  27. bob hope
  28. Has anyone been having trouble with the stream locking up? I'm on my third provider and still
  29.  
  30. getting lock ups.
  31.        
  32. 13:41
  33. bob hope
  34. Thanks @Shawn. Awesome!
  35.        
  36. 13:41
  37. bob hope
  38. Thanks
  39.        
  40. 13:41
  41. bob hope
  42. https://www.sans.org/
  43.        
  44. 13:41
  45. bob hope
  46. yes
  47.        
  48. 13:41
  49. bob hope
  50. Probably should put Security Now in that list... had all that stuff before training
  51.        
  52. 13:41
  53. bob hope
  54. No
  55.        
  56. 13:42
  57. bob hope
  58. Dan a handler there @Sans good guy!
  59.        
  60. 13:42
  61. bob hope
  62. www.grc.com/sn
  63.        
  64. 13:42
  65. bob hope
  66. Good morning all
  67.        
  68. 13:42
  69. bob hope
  70. Morning Alan
  71.        
  72. 13:42
  73. bob hope
  74. What's today's chapter/video on?
  75.        
  76. 13:43
  77. bob hope
  78. Hi Alan.
  79.        
  80. 13:43
  81. bob hope
  82. @Gary yesterday I did have lockup issues with stream - so far today looks good
  83.        
  84. 13:43
  85. bob hope
  86. morning all!
  87.        
  88. 13:43
  89. bob hope
  90. I occasionally have streaming issues, but with my small DSL pipe I cant expect much...
  91.        
  92. 13:44
  93. bob hope
  94. Mike's plugged into the matrix!
  95.        
  96. 13:44
  97. bob hope
  98. Dino footprints.
  99.        
  100. 13:44
  101. bob hope
  102. Better shirt tdoay @Sean!
  103.        
  104. 13:44
  105. bob hope
  106. Good Morning!
  107.        
  108. 13:44
  109. bob hope
  110. wheres the ears!!
  111.        
  112. 13:45
  113. bob hope
  114. http://pastebin.com/yJuuvvvv - Chat log from yesterday
  115.        
  116. 13:45
  117. bob hope
  118. So, Sean is in the medical/science field today.
  119.        
  120. 13:45
  121. bob hope
  122. I created a pastebin account.
  123.        
  124. 13:45
  125. bob hope
  126. Highly illogical
  127.        
  128. 13:45
  129. bob hope
  130. Do the vulcan "Live Long and Prosper"!
  131.        
  132. 13:46
  133. bob hope
  134. Here @SFI we have our version of Marines.
  135.        
  136. 13:47
  137. bob hope
  138. Oh no, the Ft. Rucker stories are coming out!
  139.        
  140. 13:47
  141. bob hope
  142. God I would have been in the front leaning rest for ever if I forgot to salute an officer
  143.        
  144. 13:47
  145. bob hope
  146. Oh no, the Ft. Rucker stories are coming out!
  147.        
  148. 13:47
  149. bob hope
  150. Warrant officer
  151.        
  152. 13:47
  153. bob hope
  154. You don't play w/ officer in the 82nd or the 101st
  155.        
  156. 13:48
  157. bob hope
  158. Double post, sorry.
  159.        
  160. 13:48
  161. bob hope
  162. Good morning
  163.        
  164. 13:48
  165. bob hope
  166. Morning
  167.        
  168. 13:49
  169. bob hope
  170. or LLAP
  171.        
  172. 13:49
  173. bob hope
  174. I saw both sides, I was in the Army and Navy for 11 years apiece.
  175.        
  176. 13:50
  177. bob hope
  178. 32 years in the CAF
  179.        
  180. 13:51
  181. bob hope
  182. My thanks to everyone who served
  183.        
  184. 13:51
  185. bob hope
  186. Agreed.
  187.        
  188. 13:51
  189. bob hope
  190. In any country.
  191.        
  192. 13:51
  193. bob hope
  194. Yes many thanks to Military people.
  195.        
  196. 13:52
  197. bob hope
  198. and public servants! especially vol fire persons! Thanks!
  199.        
  200. 13:53
  201. bob hope
  202. @Michael absolutely!
  203.        
  204. 13:53
  205. bob hope
  206. We saw information "wayback", but they probably have upgraded in the interim.
  207.        
  208. 13:53
  209. bob hope
  210. Thanks Michael G. I never got a chance to go into the Military so I am on the local volunteer
  211.  
  212. fire dept instead.
  213.        
  214. 13:54
  215. bob hope
  216. Yes. Thanks to all public servants as well
  217.        
  218. 13:54
  219. bob hope
  220. https://www.arin.net/
  221.        
  222. 13:54
  223. bob hope
  224. http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority
  225.        
  226. 13:55
  227. bob hope
  228. Thanks Mike
  229.        
  230. 13:55
  231. bob hope
  232. awesome Mike
  233.        
  234. 13:55
  235. bob hope
  236. Thanks Mike!
  237.        
  238. 13:56
  239. bob hope
  240. hazaa!
  241.        
  242. 13:56
  243. bob hope
  244. https://www.hellboundhackers.org/articles/read-article.php?article_id=721
  245.        
  246. 13:56
  247. bob hope
  248. Errm, I know my way to ARIN.
  249.        
  250. 13:57
  251. bob hope
  252. Great @Mike
  253.        
  254. 13:57
  255. bob hope
  256. Thanks for the links
  257.        
  258. 13:58
  259. bob hope
  260. I'm being swatted.
  261.        
  262. 13:58
  263. bob hope
  264. great link @Mike P
  265.        
  266. 13:59
  267. bob hope
  268. I've watched for visitors to my domain, and seen Ft. Huachuca IP addresses.
  269.        
  270. 14:00
  271. bob hope
  272. Becareful not to click the chinese .cn instead of .com
  273.        
  274. 14:00
  275. bob hope
  276. The Army runs NETCOM and the Army Intelligence Center from there.
  277.        
  278. 14:00
  279. bob hope
  280. @ Sean thanks for the website
  281.        
  282. 14:01
  283. bob hope
  284. @Mike I posted that link to my FB page. ... > bit.ly/rlocone_fb
  285.        
  286. 14:02
  287. bob hope
  288. ITProTV's for example: http://itools.com/internet/ip-address#q=198.50.174.39&submit=Look
  289.  
  290. +up&tool=arin-whois-domain-search
  291.        
  292. 14:03
  293. bob hope
  294. This is great to get a global view of what IP each country may get for a given domain name:
  295.  
  296. https://www.whatsmydns.net/
  297.        
  298. 14:03
  299. bob hope
  300. what are the other registrars?
  301.        
  302. 14:03
  303. bob hope
  304. @Michael - http://en.wikipedia.org/wiki/Regional_Internet_registry
  305.        
  306. 14:03
  307. bob hope
  308. kewl, thx
  309.        
  310. 14:04
  311. bob hope
  312. is visual traceroute still around? I used that years ago
  313.        
  314. 14:04
  315. bob hope
  316. makes it look like the movies.
  317.        
  318. 14:05
  319. bob hope
  320. Think it is.
  321.        
  322. 14:05
  323. bob hope
  324. haha, I guess I need to learn patience...
  325.        
  326. 14:05
  327. bob hope
  328. Monitis have one: http://www.monitis.com/traceroute/
  329.        
  330. 14:05
  331. bob hope
  332. I prefer the command line but the GUI looks cool
  333.        
  334. 14:06
  335. bob hope
  336. online version http://www.monitis.com/traceroute/
  337.        
  338. 14:06
  339. bob hope
  340. It is easier copying text from the command line but this GUI might look better in a report
  341.        
  342. 14:07
  343. bob hope
  344. ip viking is cool tool shows attacks
  345.        
  346. 14:07
  347. bob hope
  348. route-fu
  349.        
  350. 14:07
  351. bob hope
  352. @James thanks link: http://map.ipviking.com/
  353.        
  354. 14:07
  355. bob hope
  356. Very hollywood
  357.        
  358. 14:07
  359. bob hope
  360. Yeah, love watching that
  361.        
  362. 14:07
  363. bob hope
  364. Great site. Looks so awesome
  365.        
  366. 14:08
  367. bob hope
  368. Had to refresh my Chromecast again, it work flawlessly last night.
  369.        
  370. 14:08
  371. bob hope
  372. I always wonder how accurate is that site really is.
  373.        
  374. 14:08
  375. bob hope
  376. Sorry Mike missed your post LOL
  377.        
  378. 14:08
  379. bob hope
  380. May need to shift to dual screens or pull out the new travel router.
  381.        
  382. 14:09
  383. bob hope
  384. whats funny in the movies is when they are trying to hack an IP address on the Internet and
  385.  
  386. they read it out as a 10.x.x.x
  387.        
  388. 14:09
  389. bob hope
  390. Command line - As my old boss would say, drop the "Foo Foo Crap"
  391.        
  392. 14:09
  393. bob hope
  394. or a 300 number in it.
  395.        
  396. 14:10
  397. bob hope
  398. The wannabe hackers type over and over watermelon.
  399.        
  400. 14:10
  401. bob hope
  402. Here's a good "hollywood" hacking video. Although surprising they do try to keep it accurate
  403.  
  404. on the tolls you see on the screens. Still a cool watch: https://www.youtube.com/watch?
  405.  
  406. v=l_XOrcBxy-E
  407.        
  408. 14:10
  409. bob hope
  410. When we were assigned a new /20 a couple years back, it marked us as being in Denmark.
  411.        
  412. 14:11
  413. bob hope
  414. Just now able to sit down. Wife isn';t feeling well.. anything that I really need to check out that
  415.  
  416. I missed?
  417.        
  418. 14:11
  419. bob hope
  420. Wasn't me to say that, but I do love my CLI.
  421.        
  422. 14:11
  423. bob hope
  424. @William - I think your ok
  425.        
  426. 14:11
  427. bob hope
  428. Thanks Mike
  429.        
  430. 14:11
  431. bob hope
  432. James ( I think) threw up some good links at the beginning
  433.        
  434. 14:12
  435. bob hope
  436. @William hope she feels better
  437.        
  438. 14:12
  439. bob hope
  440. @William We are just going over IP ranges, IP lookups, and now traceroute
  441.        
  442. 14:12
  443. bob hope
  444. Thank you very much brian
  445.        
  446. 14:12
  447. bob hope
  448. I used pathping one time to show the ISP that they had problems in their network.
  449.        
  450. 14:12
  451. bob hope
  452. looks like I am good then
  453.        
  454. 14:13
  455. bob hope
  456. @Mike P - The big paste full of links?
  457.        
  458. Shawn Prater
  459. Networking: http://irc.lc/dal/offsec/irctc@@@ - Offsec IRC http://www.reddit.com/r/AskNetsec/ - Netsec Reddit http://smashthestack.org/ Training Materials: http://opensecuritytraining.info/Training.html - Internet-sourced Open Security Training http://nullsecurity.net/ Hands on: http://www.dvwa.co.uk/ - Damn Vulnerable Web Application http://www.try2hack.nl/ https://www.hacking-lab.com/index.html https://www.hackthissite.org/ http://smashthestack.org/ Blogs, Articles, and Video Channels: http://www.securitybistro.com/ http://pen-testing.sans.org/ http://www.ethicalhacker.net/ https://www.youtube.com/user/GeekBlogTV
  460.        
  461. 14:14
  462. bob hope
  463. thanks shawn
  464.        
  465. 14:14
  466. bob hope
  467. Links from Mike P https://www.arin.net/ http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority https://www.hellboundhackers.org/articles/read-article.php?article_id=721
  468.        
  469. 14:14
  470. bob hope
  471. Im going through all my notes tonight, and consolidating all the links we've posted. Expect a big paste tomorrow
  472.        
  473. 14:14
  474. bob hope
  475. SOrry Shawn it was you my mistake
  476.        
  477. 14:15
  478. bob hope
  479. Nah, it's cool, I thought someone missed it, and wanted it again
  480.        
  481. 14:17
  482. bob hope
  483. BRB, taking the dog out
  484.        
  485. 14:17
  486. bob hope
  487. @Sean - Is there a particular reason we are going from tracert to social media and social engineering?
  488.        
  489. 14:17
  490. bob hope
  491. Thanks Shawn,
  492.        
  493. 14:17
  494. bob hope
  495. Release the beast.
  496.        
  497. 14:18
  498. bob hope
  499. @Sean or is this just covering the wide spectrum of footprinting, in no particular order
  500.        
  501. 14:18
  502. bob hope
  503. @Shawn - I think it's just footprinting topics in general.
  504.        
  505. 14:18
  506. bob hope
  507. Okay, thanks
  508.        
  509. 14:18
  510. bob hope
  511. Who let the dog(s) out?
  512.        
  513. 14:19
  514. bob hope
  515. Brian!
  516.        
  517. 14:19
  518. bob hope
  519. hah
  520.        
  521. 14:23
  522. bob hope
  523. Haha
  524.        
  525. 14:23
  526. bob hope
  527. Okay, thanks!
  528.        
  529. 14:23
  530. bob hope
  531. Brian Krebs has a very informative site for those who have not seen it yet http://krebsonsecurity.com/
  532.        
  533. 14:24
  534. bob hope
  535. Thanks James
  536.        
  537. 14:24
  538. bob hope
  539. The site I used for daily security news is : https://threatpost.com/
  540.        
  541. 14:24
  542. bob hope
  543. I swear I have 20 Chrome tabs open right now with all of these links lol
  544.        
  545. 14:24
  546. bob hope
  547. Thanks Mike
  548.        
  549. 14:24
  550. bob hope
  551. NICE MIKE! I've been looking for something EXACTLY like that
  552.        
  553. 14:24
  554. bob hope
  555. I am just keep a notepad open with them for later
  556.        
  557. 14:25
  558. bob hope
  559. I'm bookmarking them all. Hope I can remember later what each one was for.
  560.        
  561. 14:25
  562. bob hope
  563. HA
  564.        
  565. 14:26
  566. bob hope
  567. @brian Good idea
  568.        
  569. 14:26
  570. bob hope
  571. Symantec's white papers are sometimes good. Sometimes rubbish: http://www.symantec.com/security_response/publications/whitepapers.jsp
  572.        
  573. 14:26
  574. bob hope
  575. I've been doing the same. Bookmarking them to a folder.
  576.        
  577. 14:27
  578. bob hope
  579. is Symantec as good as they used to me?
  580.        
  581. 14:27
  582. bob hope
  583. to be^
  584.        
  585. 14:27
  586. bob hope
  587. @Michael - I don't use their products. Dreadful lol
  588.        
  589. 14:27
  590. bob hope
  591. I use tweetdeck to scan for #NSA topics. So much info out there.
  592.        
  593. 14:28
  594. bob hope
  595. @Michael - The research material they and even mcafeee publish is good for basic understanding about some of the new exploits etc...
  596.        
  597. 14:28
  598. bob hope
  599. @ Michael Who do you prefer?
  600.        
  601. 14:28
  602. bob hope
  603. Here is another link with tons of good links/info: https://www.defcon.org/html/links/links-o-rama.html
  604.        
  605. 14:29
  606. bob hope
  607. We have switched a few times over the past few years from Kaspersky to Vipre and now to Webroot, but that is mainly for management reasons on the back end and integration with RMM.
  608.        
  609. 14:29
  610. bob hope
  611. We use Vipre management with Labtech for our Technical Services department
  612.        
  613. 14:30
  614. bob hope
  615. I listen to Sans Dr J everyday and check Krebs too. The verizon reports are good foo, ANd the Cisco CYber Risk reports
  616.        
  617. 14:30
  618. bob hope
  619. Trying to figure out a good way to integrate Security into Managed Services, offerings, pricing, etc
  620.        
  621. 14:30
  622. bob hope
  623. Vipre has been really good for us, but our RMM is swtiching to webroot.
  624.        
  625. 14:30
  626. bob hope
  627. Ahh
  628.        
  629. 14:30
  630. bob hope
  631. We just switched to Vipre. So far I like the management tools.
  632.        
  633. 14:31
  634. bob hope
  635. we cringed when we heard that...
  636.        
  637. 14:31
  638. bob hope
  639. but we will see.
  640.        
  641. 14:31
  642. bob hope
  643. Hi all
  644.        
  645. 14:31
  646. bob hope
  647. Hey Michalas here!
  648.        
  649. 14:31
  650. bob hope
  651. Welcome back Michala
  652.        
  653. 14:31
  654. bob hope
  655. Webroot... man... I dont think I like the idea of using software that's mainly pushed by Best Buy geek squad... hahaha
  656.        
  657. 14:31
  658. bob hope
  659. thanks
  660.        
  661. 14:32
  662. bob hope
  663. heh, yeah we are wondering about it as well. We are going to go through some testing phases to see if the integration with RMM is worth it.
  664.        
  665. 14:32
  666. bob hope
  667. I have a friend that uses webroot home user and swears by it.
  668.        
  669. 14:32
  670. bob hope
  671. Rapid7 have whitepapers as well. Never read any of them so not sure if any good but hey a link costs nothing: http://www.rapid7.com/resources/white-papers.jsp
  672.        
  673. 14:33
  674. bob hope
  675. Passive now, active later
  676.        
  677. 14:34
  678. bob hope
  679. I recommend ESET to end users. I've had my nightmares with McAfee in corp environments.
  680.        
  681. 14:34
  682. bob hope
  683. Same here
  684.        
  685. 14:34
  686. bob hope
  687. AVG Business has been good so far. Not a fan of AVG home though
  688.        
  689. 14:34
  690. bob hope
  691. yeah, I really dont like McAfee even tho I hear good things about it. Just never had good experiences.
  692.        
  693. 14:34
  694. bob hope
  695. A lot of overlap... yeah  Thanks uys for explaining it
  696.        
  697. 14:34
  698. bob hope
  699. We used AVG at my last job and it was pretty good.
  700.        
  701. 14:35
  702. bob hope
  703. I have had good results with Avast
  704.        
  705. 14:35
  706. bob hope
  707. this give you a little bit of an idea about my previous companies security.... McAfee
  708.        
  709. 14:35
  710. bob hope
  711. Don't forget the ever popular Friendface
  712.        
  713. 14:36
  714. bob hope
  715. I am very fond of Avast!
  716.        
  717. 14:36
  718. bob hope
  719. Ha! Myspace...?
  720.        
  721. 14:36
  722. bob hope
  723. Photos have lots of info inside
  724.        
  725. 14:37
  726. bob hope
  727. Yep, metadata, especially cell phone pics
  728.        
  729. 14:37
  730. bob hope
  731. I post on Facebook no more than twice a year
  732.        
  733. 14:37
  734. bob hope
  735. Yep, been there.
  736.        
  737. 14:37
  738. bob hope
  739. Myspace's doom was allowing every idiot to inject javascript into their profile
  740.        
  741. 14:37
  742. bob hope
  743. yeah
  744.        
  745. 14:38
  746. bob hope
  747. mingle dot com ??? Are these register to use sites any worth?
  748.        
  749. 14:38
  750. bob hope
  751. My geocities site that I used to practice web devel a long time ago was up for several years.
  752.        
  753. 14:39
  754. bob hope
  755. Didnt google buy Geocities?
  756.        
  757. 14:39
  758. bob hope
  759. comes back to "once it's on the Internet, its there forever"
  760.        
  761. 14:39
  762. bob hope
  763. i mean... angelfire is still aroung
  764.        
  765. 14:39
  766. bob hope
  767. *around
  768.        
  769. 14:39
  770. bob hope
  771. samy is my hero ! : http://en.wikipedia.org/wiki/Samy_%28computer_worm%29
  772.        
  773. 14:39
  774. bob hope
  775. Wow, I remember Geocities. Been forever since I heard someone talk about it
  776.        
  777. 14:39
  778. bob hope
  779. Does anyone have the link to remove your facebook profile or other social sites as well?
  780.        
  781. 14:39
  782. bob hope
  783. Tripod had a page on there all written in Netscape Composer.
  784.        
  785. 14:40
  786. bob hope
  787. http://onemilliontweetmap.com/
  788.        
  789. 14:41
  790. bob hope
  791. lol
  792.        
  793. 14:41
  794. bob hope
  795. Im never posting on social media again
  796.        
  797. 14:41
  798. bob hope
  799. What day it is?
  800.        
  801. 14:42
  802. bob hope
  803. It is "Today".
  804.        
  805. 14:42
  806. bob hope
  807. LMAO @Shawn
  808.        
  809. 14:43
  810. bob hope
  811. *facepalm
  812.        
  813. 14:44
  814. bob hope
  815. Local Enforcement has similar tools for this.
  816.        
  817. 14:44
  818. bob hope
  819. Wow - great tool!
  820.        
  821. 14:44
  822. bob hope
  823. Who needs tools?It's all free
  824.        
  825. 14:44
  826. bob hope
  827. cool site
  828.        
  829. 14:44
  830. bob hope
  831. I want the NSA version
  832.        
  833. 14:44
  834. bob hope
  835. Like.... specific tools
  836.        
  837. 14:45
  838. bob hope
  839. https://app.echosec.net/
  840.        
  841. 14:46
  842. bob hope
  843. wow
  844.        
  845. 14:46
  846. bob hope
  847. nice!
  848.        
  849. 14:46
  850. bob hope
  851. awsome
  852.        
  853. 14:47
  854. bob hope
  855. how did they get my picture?? haha
  856.        
  857. 14:47
  858. bob hope
  859. Holy Crap!!!! I'm glad I don't have any social media accounts  
  860.        
  861. 14:48
  862. bob hope
  863. can you filter on Username?
  864.        
  865. 14:48
  866. bob hope
  867. gotta play around with this today
  868.        
  869. 14:48
  870. bob hope
  871. Mind = Blown
  872.        
  873. 14:49
  874. bob hope
  875. Can you pull up specific people through echosec?
  876.        
  877. 14:49
  878. bob hope
  879. We've just tweeted someone back who was at out shopping center (mall) a few minutes ago. He's shocked haha
  880.        
  881. 14:50
  882. bob hope
  883. This is public sector software. Law Enforcement & Govt have for more. Tripware.
  884.        
  885. 14:50
  886. bob hope
  887. "Hey @Dave! That Meeting in the conference room at 10am tomorrow" - things like that you can use
  888.        
  889. 14:50
  890. bob hope
  891. This is a great way for identifying any rogue tweeters at work
  892.        
  893. 14:50
  894. bob hope
  895. "Hey @ Dave Ugh, email is down AGAIN'
  896.        
  897. 14:51
  898. bob hope
  899. Interesting way to look for leaks
  900.        
  901. 14:52
  902. bob hope
  903. This is exactly why you should switch of Geo location on your apps. There is no real need for twitter or facebook to have it
  904.        
  905. 14:52
  906. bob hope
  907. USPS does this rogue social media behavior and cracking down on it.
  908.        
  909. 14:54
  910. bob hope
  911. Wow, someone in my area even tweeting about their court date.
  912.        
  913. 14:54
  914. bob hope
  915. LOL @Dave.
  916.        
  917. 14:54
  918. bob hope
  919. Spokeo I use.
  920.        
  921. 14:54
  922. bob hope
  923. What we can discover about our neighbours...
  924.        
  925. 14:55
  926. bob hope
  927. If your looking for someone specific, as was the persons question. Wouldn't you just look up their profile directly?
  928.        
  929. 14:55
  930. bob hope
  931. Think I just need to go off the GRID
  932.        
  933. 14:55
  934. bob hope
  935. http://www.zabasearch.com/
  936.        
  937. 14:55
  938. bob hope
  939. @David L: No, just be more careful.
  940.        
  941. 14:56
  942. bob hope
  943. Thanks Mike
  944.        
  945. 14:56
  946. bob hope
  947. Hey my neighbor just trash talked me! LOL JK  
  948.        
  949. 14:57
  950. bob hope
  951. @Mountain D Mike - Is your number the one ending 89 or 43?
  952.        
  953. 14:57
  954. bob hope
  955. A lot of those DB are stale.
  956.        
  957. 14:57
  958. bob hope
  959. only joking
  960.        
  961. 14:57
  962. bob hope
  963. Someone with similar name
  964.        
  965. 14:57
  966. bob hope
  967. For the UK http://www.192.com/ is helpful to find info from electoral register that people may not realise is still out there
  968.        
  969. 14:57
  970. bob hope
  971. RMS is another DB that Law Enforcement uses.
  972.        
  973. 14:58
  974. bob hope
  975. It's true.. .I could find a picture of him even
  976.        
  977. 14:58
  978. bob hope
  979. @Michala - I for one have always been ex-directory and I'm from the UK
  980.        
  981. 14:59
  982. bob hope
  983. Do you register to vote?
  984.        
  985. 14:59
  986. bob hope
  987. whitepages
  988.        
  989. 14:59
  990. bob hope
  991. What are the steps to keep yourself off these sites?
  992.        
  993. 14:59
  994. bob hope
  995. Yeah. But keep off the public electrol. No need to be on that unless you want double glazing
  996.        
  997. 14:59
  998. bob hope
  999. Go off the grid!
  1000.        
  1001. 15:00
  1002. bob hope
  1003. @David B I'm already so paranoid I do not apply for loyalty cards
  1004.        
  1005. 15:00
  1006. bob hope
  1007. So you opt-out of the register. But prior to 2002 that option wasn't available and some of these sites still publish the old data
  1008.        
  1009. 15:00
  1010. bob hope
  1011. rofl, i found my dog on pinterest
  1012.        
  1013. 15:00
  1014. bob hope
  1015. yeah I've tried to quite facebook like 3 times in the past couple years. my wife keeps pulling me back in so she can tag me in stuff
  1016.        
  1017. 15:00
  1018. bob hope
  1019. Prior to 2002 I didn't register for that reason
  1020.        
  1021. 15:00
  1022. bob hope
  1023. heh @Brian where did you take him when you took him out earlier>?
  1024.        
  1025. 15:00
  1026. bob hope
  1027. @Mike P Sensible guy  
  1028.        
  1029. 15:01
  1030. bob hope
  1031. Voting + ID = Jury Duty.
  1032.        
  1033. 15:01
  1034. bob hope
  1035. Moving house is one of the best things you can do
  1036.        
  1037. 15:01
  1038. bob hope
  1039. @Sean - Thanks for the paranoia. I will cherish it forever
  1040.        
  1041. 15:01
  1042. bob hope
  1043. With my data protection hat on I was always getting letters from people about receiving spam because they hadn't opted out of the register
  1044.        
  1045. 15:02
  1046. bob hope
  1047. In our state they can use DMV rolls
  1048.        
  1049. 15:02
  1050. bob hope
  1051. I've just thrown my wallet and phone in the fire
  1052.        
  1053. 15:02
  1054. bob hope
  1055. @James Voting is a duty. Jury duty is one of the prices I am willing to pay.
  1056.        
  1057. 15:02
  1058. bob hope
  1059. @Philip really, that's public?
  1060.        
  1061. 15:02
  1062. bob hope
  1063. We'll all go off and be hermits after this course!
  1064.        
  1065. 15:02
  1066. bob hope
  1067. To the circuit court clerk it is definitely public
  1068.        
  1069. 15:03
  1070. bob hope
  1071. @Mike P lol. Sometimes I want to be a hermit
  1072.        
  1073. 15:03
  1074. bob hope
  1075. I don't mind doing it never been called and will not. I'm visually impaired and would compromise a case.
  1076.        
  1077. 15:03
  1078. bob hope
  1079. I've run out of mesh. Just one wall to cover
  1080.        
  1081. 15:03
  1082. bob hope
  1083. In some states the DMV sells the information to mailing lists
  1084.        
  1085. 15:03
  1086. bob hope
  1087. @ David I agree with you. It is a duty I am willing to do as a citizen
  1088.        
  1089. 15:03
  1090. bob hope
  1091. Power and electrical companies sell new connections information
  1092.        
  1093. 15:04
  1094. bob hope
  1095. @James P roger that. Also one of the reasons I spent time in the military.
  1096.        
  1097. 15:05
  1098. bob hope
  1099. wonder if it would be a good thing to bring a portfolio of the manager that is interviewing me next week for a job?
  1100.        
  1101. 15:05
  1102. bob hope
  1103. Only been called up once, bounced off because my wife relative was the lead officer for the case
  1104.        
  1105. 15:05
  1106. bob hope
  1107. I can not serve in the military so I am grateful for those that do. Thank you
  1108.        
  1109. 15:06
  1110. bob hope
  1111. At the interview for the job I just got, they asked me how I'd hack them. I had done some social media searches on the interview panel and the end result got me the job so it can work
  1112.        
  1113. 15:06
  1114. bob hope
  1115. I hate when work gets in the way of learning. Phone won't quit ringing.
  1116.        
  1117. 15:06
  1118. bob hope
  1119. That was for Michael G
  1120.        
  1121. 15:06
  1122. bob hope
  1123. will the links be in the usual show notes
  1124.        
  1125. 15:06
  1126. bob hope
  1127. Nice @Michala
  1128.        
  1129. 15:06
  1130. bob hope
  1131. @Michael he'll either hire you or throw you out the door
  1132.        
  1133. 15:06
  1134. bob hope
  1135. she
  1136.        
  1137. 15:06
  1138. bob hope
  1139. @Michala - way to go
  1140.        
  1141. 15:07
  1142. bob hope
  1143. @Michael They are probably going to do it to you so why not return the favor
  1144.        
  1145. 15:07
  1146. bob hope
  1147. or she
  1148.        
  1149. 15:07
  1150. bob hope
  1151. The disadvantage of what I did is identifying that one of the directors puts far too much information about what they are ding in their technical environment on twitter - I have to address that pronto when I start
  1152.        
  1153. 15:07
  1154. bob hope
  1155. Why I limit my posts to hobbies or volunteer work
  1156.        
  1157. 15:08
  1158. bob hope
  1159. Sorry guys been nosy on some of you already
  1160.        
  1161. 15:08
  1162. bob hope
  1163. @Mike P Surely not
  1164.        
  1165. 15:08
  1166. bob hope
  1167. Well, my area.... surprised me. Not too much social media going on. Wonder if it's because I live in the south....
  1168.        
  1169. 15:08
  1170. bob hope
  1171. I'm getting addicted to echosec LOL
  1172.        
  1173. 15:09
  1174. bob hope
  1175. Your a BCS member Michala?
  1176.        
  1177. 15:09
  1178. bob hope
  1179. There is just so much public info out there. People just search your name in the county records if you own a house for example
  1180.        
  1181. 15:10
  1182. bob hope
  1183. @Mike P yes
  1184.        
  1185. 15:10
  1186. bob hope
  1187. It's also by the way people worth asking companies and councils for freedom of information stuff
  1188.        
  1189. 15:10
  1190. bob hope
  1191. @Shawn South of the US?
  1192.        
  1193. 15:10
  1194. bob hope
  1195. you will be surprised at what they have to legally tell you
  1196.        
  1197. 15:11
  1198. bob hope
  1199. I knew it, work would call me today!
  1200.        
  1201. 15:11
  1202. bob hope
  1203. @Mike P Oh yes, great tip. I trawled the FOI disclosure logs of my former company on a regular basis to check if anything got out. Unfortunately also a common form of data breach
  1204.        
  1205. 15:11
  1206. bob hope
  1207. Remember any non profit has to release their tax returns. Makes interesting reading, especially the salaries of those who earn over a certain amount
  1208.        
  1209. 15:11
  1210. bob hope
  1211. @Mike P Did you see that as of yesterday National Rail is now in scope of FOI?
  1212.        
  1213. 15:12
  1214. bob hope
  1215. Yep. lol
  1216.        
  1217. 15:14
  1218. bob hope
  1219. @Mike P Do you just say "Give me your freedom of information stuff" or is there a process?
  1220.        
  1221. 15:14
  1222. bob hope
  1223. Hmmm... echosec doesnt seem to be showing me twitter
  1224.        
  1225. 15:14
  1226. bob hope
  1227. I'm only getting flickr
  1228.        
  1229. 15:14
  1230. bob hope
  1231. Normally a process.
  1232.        
  1233. 15:14
  1234. bob hope
  1235. create a rectangle then you'll see it.
  1236.        
  1237. 15:15
  1238. bob hope
  1239. Public sectors normally have a form on a site to fill in
  1240.        
  1241. 15:15
  1242. bob hope
  1243. @Mike P Thanks
  1244.        
  1245. 15:15
  1246. bob hope
  1247. My wife had one once sent in, someone asking the amount of money spent on pens in a year
  1248.        
  1249. 15:15
  1250. bob hope
  1251. lol
  1252.        
  1253. 15:16
  1254. bob hope
  1255. For the dog lovers, this is my Pacino: https://www.pinterest.com/pin/119908408800960108/
  1256.        
  1257. 15:16
  1258. bob hope
  1259. With Echosec - if you use polygon select how do you close the polygon?
  1260.        
  1261. 15:16
  1262. bob hope
  1263. Nice dog @Brian
  1264.        
  1265. 15:16
  1266. bob hope
  1267. double click on the last one
  1268.        
  1269. 15:16
  1270. bob hope
  1271. @Brian, cool looking dog
  1272.        
  1273. 15:17
  1274. bob hope
  1275. I have a Corgi
  1276.        
  1277. 15:17
  1278. bob hope
  1279. Cool @Brian. I have 3 ankle biters myself.
  1280.        
  1281. 15:17
  1282. bob hope
  1283. echo polygon - double-click
  1284.        
  1285. 15:17
  1286. bob hope
  1287. Right click brings up menu for browser
  1288.        
  1289. 15:17
  1290. bob hope
  1291. @James, 3? Wow, I only can do one dog at a time!
  1292.        
  1293. 15:17
  1294. bob hope
  1295. double click closes and searches
  1296.        
  1297. 15:18
  1298. bob hope
  1299. That is the wifey doing not mine.
  1300.        
  1301. 15:18
  1302. bob hope
  1303. Aha - thanks Mike
  1304.        
  1305. 15:18
  1306. bob hope
  1307. Not happy about it either
  1308.        
  1309. 15:18
  1310. bob hope
  1311. @James, that is how I got my dog. I got back from an international trip and there he was!
  1312.        
  1313. 15:19
  1314. bob hope
  1315. Todays pastebin is going to be massive!
  1316.        
  1317. 15:19
  1318. bob hope
  1319. She sneaked it in on you @David. Low!
  1320.        
  1321. 15:20
  1322. bob hope
  1323. *Next time on ITProTV...*
  1324.        
  1325. 15:20
  1326. bob hope
  1327. I'm hooked looking at tweets, someone else locally: "I pray to God the nurse can help me out"
  1328.        
  1329. 15:20
  1330. bob hope
  1331. Can someone point me to the pastebin
  1332.        
  1333. 15:20
  1334. bob hope
  1335. ??
  1336.        
  1337. 15:21
  1338. bob hope
  1339. @James, yeah, that was the low point for our marriage for sure. Now things are different (much better). That was 10 years ago
  1340.        
  1341. 15:21
  1342. bob hope
  1343. No joke, Everytime I copy the chat logs to onenote, my com puter lags lol
  1344.        
  1345. 15:21
  1346. bob hope
  1347. Ha getting blueberry muggings from a user, because I recovered a file they deleted off the file server
  1348.        
  1349. 15:21
  1350. bob hope
  1351. there wont be a link until the end of the day daryll
  1352.        
  1353. 15:21
  1354. bob hope
  1355. muffins
  1356.        
  1357. 15:21
  1358. bob hope
  1359. OK, got it, thanks!
  1360.        
  1361. 15:21
  1362. bob hope
  1363. dam my typing
  1364.        
  1365. 15:21
  1366. bob hope
  1367. haha, Ive never had a blueberry mugging before...
  1368.        
  1369. 15:22
  1370. bob hope
  1371. Oh man! Not the animals fault though.
  1372.        
  1373. 15:22
  1374. bob hope
  1375. Dogs are like car purchases, should be discussed before purchase
  1376.        
  1377. 15:22
  1378. bob hope
  1379. I've heard of Chav Burberry Muggins?
  1380.        
  1381. 15:22
  1382. bob hope
  1383. it's when a bunch of blueberries attack a helpless raspberry on the street
  1384.        
  1385. 15:22
  1386. bob hope
  1387. heh
  1388.        
  1389. 15:22
  1390. bob hope
  1391. indeed, I ended up loving the mutt just the same but we agreed to the one Dog at a time policy
  1392.        
  1393. 15:23
  1394. bob hope
  1395. I'm always home so they keep me company.
  1396.        
  1397. 15:23
  1398. bob hope
  1399. Incidentally, I'm the only one that the dog really listens to
  1400.        
  1401. 15:23
  1402. bob hope
  1403. training and policies
  1404.        
  1405. 15:23
  1406. bob hope
  1407. Same here, I work from home 90% of the time
  1408.        
  1409. 15:24
  1410. bob hope
  1411. 1D10T errors
  1412.        
  1413. 15:24
  1414. bob hope
  1415. QUESTION: As social engineering is the biggest vulnerability for organistions, in your experience Sean - how many organisations actually do social engineering pen tests rather than technical only?
  1416.        
  1417. 15:24
  1418. bob hope
  1419. Borg Alcove.
  1420.        
  1421. 15:25
  1422. bob hope
  1423. i could see where that would definately be beneficial @Michala
  1424.        
  1425. 15:26
  1426. bob hope
  1427. It may not be a very big or very "important" company and dont have an interest in a full Pen Test, but a social engineering test could be more beneficial than a full one.
  1428.        
  1429. 15:26
  1430. bob hope
  1431. I always liked 'layer 8' errors myself
  1432.        
  1433. 15:27
  1434. bob hope
  1435. I hate those @James. hehe waste of time. The network and all the computers would run a lot better if we just got rid of the users...
  1436.        
  1437. 15:27
  1438. bob hope
  1439. Of course you want to do spear phishing.
  1440.        
  1441. 15:27
  1442. bob hope
  1443. DISA has some nice free INFOSEC courses - leveled for different levels employees, from passwd to BYOD...
  1444.        
  1445. 15:27
  1446. bob hope
  1447. lol
  1448.        
  1449. 15:28
  1450. bob hope
  1451. @Sean and Mike Okay - thank you.
  1452.        
  1453. 15:28
  1454. bob hope
  1455. Don't click on links in emails.
  1456.        
  1457. 15:28
  1458. bob hope
  1459. LOL
  1460.        
  1461. 15:29
  1462. bob hope
  1463. What all does Social Engineering encompass? You talked about a few, but like @James pointed out, phishing is part of that, but what else is included in that?
  1464.        
  1465. 15:29
  1466. bob hope
  1467. Call the help desk and request to have your pw reset. 90% of the time help desk will fall for the trick.
  1468.        
  1469. 15:30
  1470. bob hope
  1471. Never click links in chatrooms
  1472.        
  1473. 15:30
  1474. bob hope
  1475. Hospitals now require it to be up high due to regs
  1476.        
  1477. 15:30
  1478. bob hope
  1479. haha, good point @Mike
  1480.        
  1481. 15:30
  1482. bob hope
  1483. brb, I have to reload my computer...
  1484.        
  1485. 15:30
  1486. bob hope
  1487.  
  1488.        
  1489. 15:30
  1490. bob hope
  1491. @Mike R - Pretty sure they're coming to that
  1492.        
  1493. 15:30
  1494. bob hope
  1495.  - I'm sure our ISPs have already passed us on to NSA/GCHQ after today's searches
  1496.        
  1497. 15:31
  1498. bob hope
  1499. I'd get to see what their badges look like and try to make a fake one so I could pass.
  1500.        
  1501. 15:31
  1502. bob hope
  1503. Some orgs don't put the name on the front of the badge to prevent people getting names in this type of attack
  1504.        
  1505. 15:31
  1506. bob hope
  1507. When I go to my office (rare occurrence) I need to display my badge on my shirt pocket at all times, people actually challenge me if I forget to wear it
  1508.        
  1509. 15:31
  1510. bob hope
  1511. Our council makes employers where there badge "backwards"
  1512.        
  1513. 15:31
  1514. bob hope
  1515. @James Why not test it by using a novelty name badge?
  1516.        
  1517. 15:31
  1518. bob hope
  1519. *wear
  1520.        
  1521. 15:32
  1522. bob hope
  1523. auto correct is still killing me today
  1524.        
  1525. 15:32
  1526. bob hope
  1527. Tailgating is surprisingly easy to do in most companies
  1528.        
  1529. 15:32
  1530. bob hope
  1531. Some of those badges have RFID and can be copied.
  1532.        
  1533. 15:32
  1534. bob hope
  1535. Tailgating is a pet peeve of mine
  1536.        
  1537. 15:32
  1538. bob hope
  1539. @Mike, yeah, that happens to me on the iPad all the time
  1540.        
  1541. 15:33
  1542. bob hope
  1543. @James P - Yep. I feel bad slamming the door into a persons face evertime
  1544.        
  1545. 15:33
  1546. bob hope
  1547. But security first
  1548.        
  1549. 15:33
  1550. bob hope
  1551. Social engineering seems to encompass every old con-man confidence scheme that has been around since the beginning of human society. Gain someones trust, confidence, etc to get or take something from them.
  1552.        
  1553. 15:33
  1554. bob hope
  1555. @Creigh Exactly
  1556.        
  1557. 15:33
  1558. bob hope
  1559. One lesson I learned in 82nd. NO ID NO ACCESS. Never ever be afraid to deny entry to someone.
  1560.        
  1561. 15:33
  1562. bob hope
  1563. I don't even have card access to the building since I'm a telecommuter, I need to bug the guard when I need to get my mail
  1564.        
  1565. 15:33
  1566. bob hope
  1567. I walk people so someone I know who will vouch for the tailgater. Most people understand and thank you
  1568.        
  1569. 15:34
  1570. bob hope
  1571. at my previous place of work I was able to walk in without my badge, and get through the entire day without needing one.
  1572.        
  1573. 15:34
  1574. bob hope
  1575. Lingo comes in big here
  1576.        
  1577. 15:34
  1578. bob hope
  1579. Kevin who? Did someone catch that name?
  1580.        
  1581. 15:35
  1582. bob hope
  1583. Mitnick
  1584.        
  1585. 15:35
  1586. bob hope
  1587. Mitnick
  1588.        
  1589. 15:35
  1590. bob hope
  1591. He has some good books which explain what he used to get up to
  1592.        
  1593. 15:35
  1594. bob hope
  1595. He was the king of social engineering
  1596.        
  1597. 15:36
  1598. bob hope
  1599. His books are great
  1600.        
  1601. 15:36
  1602. bob hope
  1603. http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X
  1604.        
  1605. 15:36
  1606. bob hope
  1607. Hi-vis, iron on transfer the logo from their website
  1608.        
  1609. 15:36
  1610. bob hope
  1611. or by carrying a laptop bag or other tools
  1612.        
  1613. 15:36
  1614. bob hope
  1615. People fall for people who project authority and are afraid of questioning them
  1616.        
  1617. 15:36
  1618. bob hope
  1619. Good Book @Chris
  1620.        
  1621. 15:37
  1622. bob hope
  1623. I have all of Mitnick's books, Ghost in the wires is excellent
  1624.        
  1625. 15:37
  1626. bob hope
  1627. Love that film
  1628.        
  1629. 15:37
  1630. bob hope
  1631. @ James yes always wanted to red but haven't yet.
  1632.        
  1633. 15:37
  1634. bob hope
  1635. red it
  1636.        
  1637. 15:38
  1638. bob hope
  1639. read it
  1640.        
  1641. 15:38
  1642. bob hope
  1643. Catch me if you can movie is awesome, so is the book
  1644.        
  1645. 15:38
  1646. bob hope
  1647. Quickly! Can someone send me their login details to check the websites working for me. QUICK THE WORLDS ENDING
  1648.        
  1649. 15:38
  1650. bob hope
  1651. reddit?
  1652.        
  1653. 15:38
  1654. bob hope
  1655. *wonders how many techies here are also roleplayers* could be relevant to our acting ability
  1656.        
  1657. 15:38
  1658. bob hope
  1659. Many are short on the ears and long in the mouth.
  1660.        
  1661. 15:40
  1662. bob hope
  1663. Social eng is how Mat Honan from wired got all of his Apple devices wiped.
  1664.        
  1665. 15:40
  1666. bob hope
  1667. @James I could use longer ears
  1668.        
  1669. 15:40
  1670. bob hope
  1671. Anyone in a UPS uniform gets in no problem
  1672.        
  1673. 15:40
  1674. bob hope
  1675. Yeah, I remember that hack.
  1676.        
  1677. 15:40
  1678. bob hope
  1679. Wow... that's amazing
  1680.        
  1681. 15:40
  1682. bob hope
  1683. Longer ears would be classified as a Ferengi.
  1684.        
  1685. 15:41
  1686. bob hope
  1687. Look for an empty office, and move in, like George Costanza.
  1688.        
  1689. 15:41
  1690. bob hope
  1691. LOL
  1692.        
  1693. 15:41
  1694. bob hope
  1695. How do you teach someone to protect themselves from every effective con that has worked before in a 45 minute training seminar... No perfect solution to that one.
  1696.        
  1697. 15:41
  1698. bob hope
  1699. LOL
  1700.        
  1701. 15:41
  1702. bob hope
  1703. great social engineering book http://www.amazon.co.uk/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=asap_bc?ie=UTF8 by Chris Hadnagy who is behind http://www.social-engineer.org
  1704.        
  1705. 15:41
  1706. bob hope
  1707. @Darryl Thanks I heard that's a good book
  1708.        
  1709. 15:42
  1710. bob hope
  1711. @Darryl Thanks for link, adding to to read list
  1712.        
  1713. 15:42
  1714. bob hope
  1715. *Bookmarked
  1716.        
  1717. 15:42
  1718. bob hope
  1719. @Darryl, good book. That book teaches you facial expressions and how to look when you lie
  1720.        
  1721. 15:43
  1722. bob hope
  1723. I'm reminded of the show 'Lie to me'
  1724.        
  1725. 15:43
  1726. bob hope
  1727. Not quite on current topic, buy phishing crosses into social engineering. The OpenDNS test is worth a go: https://www.opendns.com/phishing-quiz/
  1728.        
  1729. 15:43
  1730. bob hope
  1731. That was a good show @Michala
  1732.        
  1733. 15:43
  1734. bob hope
  1735. @Michala, I remember that show
  1736.        
  1737. 15:44
  1738. bob hope
  1739. "Lie to me" was a good show for understanding body language
  1740.        
  1741. 15:44
  1742. bob hope
  1743. Thanks @Mike P
  1744.        
  1745. 15:44
  1746. bob hope
  1747. say your there for an interview/sales , say to receptionist i forgot my CV can you print it off handing them a rubberDucky Usb stick
  1748.        
  1749. 15:45
  1750. bob hope
  1751. @Sean - Isn't that what you hope for the company though? Wouldnt that be what you would WANT to happen?
  1752.        
  1753. 15:45
  1754. bob hope
  1755. Have a good lunch guys!
  1756.        
  1757. 15:45
  1758. bob hope
  1759. Michala - You and I had the same thought...sorry for the duplication
  1760.        
  1761. 15:45
  1762. bob hope
  1763. Thanks guys another top notch show!
  1764.        
  1765. 15:45
  1766. bob hope
  1767. @Sean - Catching you?
  1768.        
  1769. 15:45
  1770. bob hope
  1771. Thanks guys!
  1772.        
  1773. 15:45
  1774. bob hope
  1775. Enjoy guys!
  1776.        
  1777. 15:45
  1778. bob hope
  1779. See you after lunch thanks  Np James
  1780.        
  1781. 15:46
  1782. bob hope
  1783. its only 8:45 am on west coast. Maybe some breakfast
  1784.        
  1785. 15:46
  1786. bob hope
  1787. Sean looking forward to reading your book. The pre-view on amazon looks great.
  1788.        
  1789. 15:46
  1790. bob hope
  1791. Yeah, I think there is an example in the book that played on sympathy as well. Something like my kid spilled something on my last printed resume and I need this job so can you print this out for me
  1792.        
  1793. 15:47
  1794. bob hope
  1795. you want the to work for it
  1796.        
  1797. 15:47
  1798. bob hope
  1799. @Darryl, I'm with you there
  1800.        
  1801. 15:47
  1802. bob hope
  1803. Still breakfast hour for me too
  1804.        
  1805. 15:47
  1806. bob hope
  1807. Here's the link to the micro expressions stuff that Lie to me was about if anyone wants to look into further: http://www.paulekman.com/micro-expressions/
  1808.        
  1809. 15:48
  1810. bob hope
  1811. See you guys after lunch
  1812.        
  1813. 15:48
  1814. bob hope
  1815. ok, see you after breakfast
  1816.        
  1817. 15:48
  1818. bob hope
  1819. Thanks @Michala that is very interseting
  1820.        
  1821. 15:48
  1822. bob hope
  1823. Gonna look for something to nibble on. BRB in a few.
  1824.        
  1825. 15:48
  1826. bob hope
  1827. Thanks all. Great fun. Make sure you;'ve backed up your OneNote
  1828.        
  1829. 15:48
  1830. bob hope
  1831. would take a lot of practice to get it down like he did in the show
  1832.        
  1833. 15:48
  1834. bob hope
  1835. in case anyone does not know what a rubberDucky USB stick is http://hakshop.myshopify.com/products/usb-rubber-ducky-deluxe?variant=353378649
  1836.        
  1837. 15:50
  1838. bob hope
  1839. Need a case on the rubber ducky that says logitech or Microsoft so they think it is a receiver for USB keyboard
  1840.        
  1841. 15:50
  1842. bob hope
  1843. @Darryl Thanks
  1844.        
  1845. 15:50
  1846. bob hope
  1847. I have an older Ducky, works great!
  1848.        
  1849. 15:50
  1850. bob hope
  1851. The quick guide to microexpressions without forking out money: http://www.scienceofpeople.com/2013/09/guide-reading-microexpressions/
  1852.        
  1853. 15:50
  1854. bob hope
  1855. Rubber Ducks great, but most large companies have already cut those dead. Hard handed way, disable USB altogether. Or more commonly try to mitigate the attack by cutting the execution of the script
  1856.        
  1857. 15:51
  1858. bob hope
  1859. Thanks @Darryl
  1860.        
  1861. 15:51
  1862. bob hope
  1863. Hak5 is a great Podcast
  1864.        
  1865. 15:51
  1866. bob hope
  1867. Thats the way we do at our clients. @ Mike P
  1868.        
  1869. 15:52
  1870. bob hope
  1871. I use them for internal training, good to drop in company public area, labeled "Pictures" she who plugs it in!
  1872.        
  1873. 15:53
  1874. bob hope
  1875. A thanks to Jason for putting up that information in the lower third, it really helps.
  1876.        
  1877. 15:57
  1878. bob hope
  1879. Another good book again by Chris Handnagy for Micro Expression , with the help of Dr Paul Echam who discovered them is http://www.amazon.co.uk/Unmasking-Social-Engineer-Element-Security/dp/1118608577/ref=asap_bc?ie=UTF8
  1880.        
  1881. 15:58
  1882. bob hope
  1883. @Darryl thanks, adding to reading list
  1884.        
  1885. 15:58
  1886. bob hope
  1887. Btw, has any one here done the EC Council incident handler cert and have views on it they are willing to share?
  1888.        
  1889. 15:58
  1890. bob hope
  1891. Great show!
  1892.        
  1893. 16:00
  1894. bob hope
  1895. good show! ready for the next.
  1896.        
  1897. 16:00
  1898. bob hope
  1899. AFK
  1900.        
  1901. 16:03
  1902. bob hope
  1903. @Mike P Just did that phishing test - YOU'RE A PHISH-SPOTTING NINJA! YOU CORRECTLY IDENTIFIED 14 OUT OF 14 SITES IN THE OPENDNS PHISHING QUIZ - phew!
  1904.        
  1905. 16:07
  1906. bob hope
  1907. That would be a good one to have employees do.
  1908.        
  1909. 16:08
  1910. bob hope
  1911. haha I got 14 as well
  1912.        
  1913. 16:08
  1914. bob hope
  1915. @ Michael yes they would benefit the most.
  1916.        
  1917. 16:09
  1918. bob hope
  1919. It's worth even making one relevant for your company. Altering the company intranet/website and emails to test the employees
  1920.        
  1921. 16:09
  1922. bob hope
  1923. I like the first one yahoo mail is upgrading with a google address LOL
  1924.        
  1925. 16:10
  1926. bob hope
  1927. @Mike P that is a good idea.
  1928.        
  1929. 16:10
  1930. bob hope
  1931. good thought
  1932.        
  1933. 16:11
  1934. bob hope
  1935. Haha, I make the suggestion to my company that we should have our clients do that test and my dispatcher replies "The resutls may be quite depressing."
  1936.        
  1937. 16:11
  1938. bob hope
  1939. I missed the American Airlines phish, I was going through it too quick.
  1940.        
  1941. 16:11
  1942. bob hope
  1943. Has anyone had any success with the spt toolkit? It was an open source phishing education tool but I never got it working correctly to manage multiple campaigns
  1944.        
  1945. 16:14
  1946. bob hope
  1947. Never tried it.
  1948.        
  1949. 16:19
  1950. bob hope
  1951. Not heard of that
  1952.        
  1953. 16:20
  1954. bob hope
  1955. looks like it's discontinued
  1956.        
  1957. 16:25
  1958. bob hope
  1959. Mmmm mexican food
  1960.        
  1961. 16:27
  1962. bob hope
  1963. Rob got a new high score?
  1964.        
  1965. 16:28
  1966. bob hope
  1967. I'm married to a Mexican Shawn, so everything she cooks is "Mexican food".
  1968.        
  1969. 16:30
  1970. bob hope
  1971. mmm, sounds good, when should I come over? haha
  1972.        
  1973. 16:31
  1974. bob hope
  1975. depends on what she or david is preparing tonight... what on the menu this evening David
  1976.        
  1977. 16:32
  1978. bob hope
  1979. Most of it is good (I know how to cook too), but she uses more oil than necessary.
  1980.        
  1981. 16:32
  1982. bob hope
  1983. i think Rob is in 3rd place
  1984.        
  1985. 16:32
  1986. bob hope
  1987. I cooked a bunch of pork on Saturday (and just heated up some for lunch right now).
  1988.        
  1989. 16:34
  1990. bob hope
  1991. It's been hard teaching a Mexican family that you don't use a metal fork on Teflon (TM), then you don't need so much cooking oil.
  1992.        
  1993. 16:37
  1994. bob hope
  1995. hahah @David
  1996.        
  1997. 16:37
  1998. bob hope
  1999. Where are you Nate?
  2000.        
  2001. 16:38
  2002. bob hope
  2003. haha
  2004.        
  2005. 16:40
  2006. bob hope
  2007. My Chromecast is still infrequently dropping the cast.
  2008.        
  2009. 16:41
  2010. bob hope
  2011. Is it the latest build causing issues dave?
  2012.        
  2013. 16:41
  2014. bob hope
  2015. Or you have them before tomorrow
  2016.        
  2017. 16:41
  2018. bob hope
  2019. No, it is probably the corporate network.
  2020.        
  2021. 16:43
  2022. bob hope
  2023. I don't have any casting problems or my DSL line, but it has been too slow to see an unbuffered presentation from IT Pro.
  2024.        
  2025. 16:43
  2026. bob hope
  2027. So I switch over to our corporate LAN.
  2028.        
  2029. 16:44
  2030. bob hope
  2031. I still might try the new travel router, to see if that helps.
  2032.        
  2033. 16:45
  2034. bob hope
  2035. The drops aren't that frequent, but it is random.
  2036.        
  2037. 16:45
  2038. bob hope
  2039. I'm not going to attempt a suggestion, I'm sure you've tried everything
  2040.        
  2041. 16:46
  2042. bob hope
  2043. that was fun 14 of 14 hazaa!! https://www.opendns.com/phishing-quiz/
  2044.        
  2045. 16:46
  2046. bob hope
  2047. The ADTRAN WAPs that we have to use are only G-rate.
  2048.        
  2049. 16:47
  2050. bob hope
  2051. I keep a "rough" ap in my bag for hooking myself into the LAN wirelessly if I need it from say a meeting room but the main wifi is acting up.
  2052.        
  2053. 16:47
  2054. bob hope
  2055. obviously on a different channel
  2056.        
  2057. 16:47
  2058. bob hope
  2059. I can't believe that ADTRAN hasn't made a version that supports the N rate yet.
  2060.        
  2061. 16:47
  2062. bob hope
  2063. @Michael - Good in't it
  2064.        
  2065. 16:48
  2066. bob hope
  2067. Be back - have to relo
  2068.        
  2069. 16:48
  2070. bob hope
  2071. The bad one I think, is the one where they show the EV in blue. Which is incorrect but they still say it's a correct image
  2072.        
  2073. 16:48
  2074. bob hope
  2075. Can anyone suggest a LEGAL way that I can find a lab for learning/working with MAC?
  2076.        
  2077. 16:48
  2078. bob hope
  2079. I guess that they will skip it, and go to AC.
  2080.        
  2081. 16:49
  2082. bob hope
  2083. I've moved to AC at home, for the first time ever I considered ripping out the cat cables, only for a few minutes
  2084.        
  2085. 16:49
  2086. bob hope
  2087. Yeah - I liked it. Super Hands on training for future employees - definitely added to my list of training aides.
  2088.        
  2089. 16:49
  2090. bob hope
  2091. now if only I can find a job!!!
  2092.        
  2093. 16:49
  2094. bob hope
  2095. lol
  2096.        
  2097. 16:49
  2098. bob hope
  2099. @William - MAC?
  2100.        
  2101. 16:50
  2102. bob hope
  2103. sorry Mac
  2104.        
  2105. 16:50
  2106. bob hope
  2107. as in Mac os
  2108.        
  2109. 16:50
  2110. bob hope
  2111. Ah. You need a VM company
  2112.        
  2113. 16:51
  2114. bob hope
  2115. The one I used to use went bust. I'm just asking in the office what else there is.
  2116.        
  2117. 16:52
  2118. bob hope
  2119. thanks
  2120.        
  2121. 16:53
  2122. bob hope
  2123. Nah none knows of anything legal I'm afraid.
  2124.        
  2125. 16:53
  2126. bob hope
  2127. i figured.... oh wel
  2128.        
  2129. 16:53
  2130. bob hope
  2131. l
  2132.        
  2133. 16:53
  2134. bob hope
  2135. If you don't want to buy the OS. You need to find a VM as a service company
  2136.        
  2137. 16:54
  2138. bob hope
  2139. They are around. although most are Windows and Linux offerings. I guess the Mac licencing causes problems
  2140.        
  2141. 16:54
  2142. bob hope
  2143. I mean.. .technically... it's not legal to run the OS on anything but their hardware... per the terms of agreement
  2144.        
  2145. 16:54
  2146. bob hope
  2147. You can (I believe) run the OS On VirtualBox
  2148.        
  2149. 16:55
  2150. bob hope
  2151. I've attempted that in the past... jsut not sure how to start it up
  2152.        
  2153. 16:55
  2154. bob hope
  2155. YouTube is your best bet for that
  2156.        
  2157. 16:57
  2158. bob hope
  2159. yep... just figured if someone knew of a quick and easy way
  2160.        
  2161. 16:57
  2162. bob hope
  2163. Afraid not. Apple arn't to accommodating about you jamming their OS on none Mac products
  2164.        
  2165. 16:57
  2166. bob hope
  2167. Maybe Sean knows how to "hack it in"
  2168.        
  2169. 17:01
  2170. bob hope
  2171. i mean
  2172.        
  2173. 17:02
  2174. bob hope
  2175. a lot of hacer take macbooks to conferences
  2176.        
  2177. 17:02
  2178. bob hope
  2179. they use them as thei main devices and have vms running inside them
  2180.        
  2181. 17:02
  2182. bob hope
  2183. ugh... typing today
  2184.        
  2185. 17:02
  2186. bob hope
  2187. Yeah most Mac people run windows as a VM
  2188.        
  2189. 17:02
  2190. bob hope
  2191. so they can do some actual work
  2192.        
  2193. 17:02
  2194. bob hope
  2195. Awaiting an Apple thrown at my face
  2196.        
  2197. 17:03
  2198. bob hope
  2199. plus once you drop down to terminal in mac... you can do ALMOST as much as you can in linux. As long as you can get the source and compile it locally
  2200.        
  2201. 17:03
  2202. bob hope
  2203. @Mike P: Including Don.
  2204.        
  2205. 17:03
  2206. bob hope
  2207. plus it gives you that nice cult like sense of belonging
  2208.        
  2209. 17:04
  2210. bob hope
  2211. If you want linux get a linux,
  2212.        
  2213. 17:04
  2214. bob hope
  2215. only joking by the way William
  2216.        
  2217. 17:04
  2218. bob hope
  2219. Speaking of which... if Don is on here now... and thoughts on when the 9lo-525(Certified Technical Coordinator) series will finish up?
  2220.        
  2221. 17:06
  2222. bob hope
  2223. I've always liked Microsoft (dodges thrown glass). That's why i'm a .NET developer. Like any large long running company they have made some dire mistakes though. Windows ME argh!
  2224.        
  2225. 17:06
  2226. bob hope
  2227. @mike... yeah... i have a dual core celeron netbook with 4gb of ram that i run point linux on. That's my main linux machine... then I have an OLD PII running my print server, and my media/file server
  2228.        
  2229. 17:06
  2230. bob hope
  2231. I haven't virtualized much with clients yet, almost all of our servers in the office are however.
  2232.        
  2233. 17:06
  2234. bob hope
  2235. i used to love microsoft in the DOS days
  2236.        
  2237. 17:07
  2238. bob hope
  2239. you type in al lthe commands and get places... and people look at you like "Are you a wizard?"
  2240.        
  2241. 17:07
  2242. bob hope
  2243. DOS is the cause of most of their long running inherited problems
  2244.        
  2245. 17:07
  2246. bob hope
  2247. William, I'm just asking Don. It may be in a couple of weeks (week of April 6 or April 16)after the CEH course, that will resume and finish that ACTC.
  2248.        
  2249. 17:07
  2250. bob hope
  2251. Well... to be fair... they didn't start it.
  2252.        
  2253. 17:08
  2254. bob hope
  2255. Thanks Ronnie
  2256.        
  2257. 17:08
  2258. bob hope
  2259. @Ronnie any plans for a CCNA voice yet?
  2260.        
  2261. 17:08
  2262. bob hope
  2263. Nope Microsoft don't start anything
  2264.        
  2265. 17:08
  2266. bob hope
  2267. @Michael - Second that request
  2268.        
  2269. 17:08
  2270. bob hope
  2271. MS-DOS? Heck, I was on PC-DOS.
  2272.        
  2273. 17:09
  2274. bob hope
  2275. I've had to use Dos box for a couple old printers at a clients
  2276.        
  2277. 17:09
  2278. bob hope
  2279. Not yet...
  2280.        
  2281. 17:09
  2282. bob hope
  2283. I suspect you also have that machine in your house still Save ;P
  2284.        
  2285. 17:09
  2286. bob hope
  2287. for CCNA Voice
  2288.        
  2289. 17:09
  2290. bob hope
  2291. Dave*
  2292.        
  2293. 17:09
  2294. bob hope
  2295. Need a place to vote up topics for shows on the website.
  2296.        
  2297. 17:09
  2298. bob hope
  2299. Yes I do, in fact several.
  2300.        
  2301. 17:10
  2302. bob hope
  2303. Stored away, but there.
  2304.        
  2305. 17:10
  2306. bob hope
  2307. @Michael, I will let the team know about your suggestion.
  2308.        
  2309. 17:10
  2310. bob hope
  2311. Thanks!
  2312.        
  2313. 17:10
  2314. bob hope
  2315. Forum is a good place Michael
  2316.        
  2317. 17:11
  2318. bob hope
  2319. I think Don once mentioned there is a post somewhere for people to add to
  2320.        
  2321. 17:11
  2322. bob hope
  2323. ?I think?
  2324.        
  2325. 17:11
  2326. bob hope
  2327. Right know, we track every course suggestion as it comes it
  2328.        
  2329. 17:11
  2330. bob hope
  2331. *in*
  2332.        
  2333. 17:11
  2334. bob hope
  2335. tbh I havent really dug to deep on the website, just had the idea. I will check it out @Mike
  2336.        
  2337. 17:12
  2338. bob hope
  2339. Ronnie's not lying. I requested Nate to do a plumbing one, which I believe is being scheduled
  2340.        
  2341. 17:12
  2342. bob hope
  2343. I'm waiting on the Toilet cleaning episode...
  2344.        
  2345. 17:12
  2346. bob hope
  2347.  
  2348.        
  2349. 17:13
  2350. bob hope
  2351. Me too that is critical hardware to keep clean in any data center
  2352.        
  2353. 17:14
  2354. bob hope
  2355. Did you guys ever do that Powershell segment @Ron
  2356.        
  2357. 17:15
  2358. bob hope
  2359. If you check in our course library...Mike and Don did a bangup PowerShell Kung-Fu series!
  2360.        
  2361. 17:15
  2362. bob hope
  2363. Thanks  Chrome is super laggy right now with all the tabs open, or I woulda checked :D... I was waiting for that! I might need to check that out
  2364.        
  2365. 17:16
  2366. bob hope
  2367. Their Fu is strong!
  2368.        
  2369. 17:16
  2370. bob hope
  2371. I keep asking about new course, but I havent even made it through all the other courses I want to watch yet.
  2372.        
  2373. 17:17
  2374. bob hope
  2375. I knew nothing of PowerShell before the IT Pro segments....
  2376.        
  2377. 17:17
  2378. bob hope
  2379. TECH COURSE RETREAT WEEKEND!!!! I think Ronnie said we could use his place for it right Ronnie. This weekend... everyone in the chat is coming over
  2380.        
  2381. 17:17
  2382. bob hope
  2383.  
  2384.        
  2385. 17:17
  2386. bob hope
  2387. And now I am pulling up things to teach others.
  2388.        
  2389. 17:18
  2390. bob hope
  2391. https://www.youtube.com/watch?v=aUqes9QdLQ4&list=PL09FCD460700D99DE - Kevin Mitnick
  2392.        
  2393. 17:19
  2394. bob hope
  2395. I even learned empirically the "Windows 8.1 with Bing" comes with PS4.0, and can't be upgraded to v5.0.
  2396.        
  2397. 17:20
  2398. bob hope
  2399. At least I didn't wait through the looping "Preparing for setup" after an hour.
  2400.        
  2401. 17:22
  2402. bob hope
  2403. @David I didn't know v5 came out yet
  2404.        
  2405. 17:22
  2406. bob hope
  2407. stackoverflow is where you want to be looking for powershell or any code help really. The guys on their are superb
  2408.        
  2409. 17:24
  2410. bob hope
  2411. It is a "Preview"/beta for 8.1 / S2012, part of the WMF package: http://www.microsoft.com/en-us/download/details.aspx?id=44987
  2412.        
  2413. 17:24
  2414. bob hope
  2415. The best way to learn powershell is to actually use it though. So why not script out a whole new server build script. Setting up an AD domain, ACL's, DNS etc... Once you done that you will be Ninja!
  2416.        
  2417. 17:24
  2418. bob hope
  2419. haha, that Kevin Mitnick video is awesome.
  2420.        
  2421. 17:27
  2422. bob hope
  2423. It is. I've been enjoying it over mexican food
  2424.        
  2425. 17:27
  2426. bob hope
  2427. I like how he hacks the prison phones .... made me lol
  2428.        
  2429. 17:28
  2430. bob hope
  2431. havent gotten there yet, just heard about the McDonalds drive through hack.
  2432.        
  2433. 17:28
  2434. bob hope
  2435. For many people, Taco Bell or burritos/hard shell tacos are "Mexican food".
  2436.        
  2437. 17:29
  2438. bob hope
  2439. Most of the inmate phones now are done through "SECURUS".
  2440.        
  2441. 17:31
  2442. bob hope
  2443. @Michael I have read his books and some of the stories he tells are great
  2444.        
  2445. 17:31
  2446. bob hope
  2447. I bet
  2448.        
  2449. 17:32
  2450. bob hope
  2451. geesh sean
  2452.        
  2453. 17:33
  2454. bob hope
  2455. saving the human race instead of teaching
  2456.        
  2457. 17:35
  2458. bob hope
  2459. TIL Sean is a timelord.
  2460.        
  2461. 17:35
  2462. bob hope
  2463. @Sean I really like your book through Sybex no less, it is a nice informative read.
  2464.        
  2465. 17:36
  2466. bob hope
  2467. I'm back.
  2468.        
  2469. 17:37
  2470. bob hope
  2471. @Sean book arriving today looking forward to it.
  2472.        
  2473. 17:37
  2474. bob hope
  2475. I will say this @David... i can only eat like 1 or two REAL mexican (corn) tortillas
  2476.        
  2477. 17:38
  2478. bob hope
  2479. GERONIMO!
  2480.        
  2481. 17:39
  2482. bob hope
  2483. Wibbly Wobbly Security?
  2484.        
  2485. 17:39
  2486. bob hope
  2487. Awesome
  2488.        
  2489. 17:39
  2490. bob hope
  2491. Hi all! I couldn't make it earlier, what did I miss?
  2492.        
  2493. 17:40
  2494. bob hope
  2495. In other news, I have the awesome Star Trek Enterprise Pizza Cutter downstairs
  2496.        
  2497. 17:40
  2498. bob hope
  2499. You missed how to pull tweets from a geolocation
  2500.        
  2501. 17:40
  2502. bob hope
  2503. cool
  2504.        
  2505. 17:40
  2506. bob hope
  2507. I h ave the pizza cutter too! hehe
  2508.        
  2509. 17:40
  2510. bob hope
  2511. What time are we starting again?
  2512.        
  2513. 17:41
  2514. bob hope
  2515. @Mike R lovely isn't it?
  2516.        
  2517. 17:41
  2518. bob hope
  2519. I have one
  2520.        
  2521. 17:41
  2522. bob hope
  2523. @mike w.... nowish
  2524.        
  2525. 17:41
  2526. bob hope
  2527. Well it was until my mother in law cleaned it with a scrub brush...
  2528.        
  2529. 17:41
  2530. bob hope
  2531. now it's all scratched up
  2532.        
  2533. 17:41
  2534. bob hope
  2535. Eek, sacrilege
  2536.        
  2537. 17:41
  2538. bob hope
  2539. ish?
  2540.        
  2541. 17:41
  2542. bob hope
  2543. sp
  2544.        
  2545. 17:41
  2546. bob hope
  2547. Most folks don't realize the original sound effects for Star Trek were done on a Yamaha Organ
  2548.        
  2549. 17:41
  2550. bob hope
  2551. thanks
  2552.        
  2553. 17:42
  2554. bob hope
  2555. I fully support Theme Week. I want to see Don show up in a Harry Potter costume lol
  2556.        
  2557. 17:42
  2558. bob hope
  2559. (I mean, it fits)
  2560.        
  2561. 17:42
  2562. bob hope
  2563. The transporter was chrismas lights.
  2564.        
  2565. 17:44
  2566. bob hope Sandez
  2567. made it
  2568.        
  2569. 17:44
  2570. bob hope
  2571. And not very many buttons on their consoles.
  2572.        
  2573. 17:44
  2574. bob hope
  2575. hahahahaha
  2576.        
  2577. 17:46
  2578. bob hope
  2579. You got it, rule of thirds!
  2580.        
  2581. 17:46
  2582. bob hope
  2583. Use those all of the time.
  2584.        
  2585. 17:47
  2586. bob hope
  2587. FB WILL STRIP THIS INFO.
  2588.        
  2589. 17:48
  2590. bob hope
  2591. Konica Minolta... good copiers lol
  2592.        
  2593. 17:48
  2594. bob hope
  2595. G+ will not, they will keep it.
  2596.        
  2597. 17:48
  2598. bob hope
  2599. They caught John McAfee through geotagging
  2600.        
  2601. 17:48
  2602. bob hope
  2603. LOL
  2604.        
  2605. 17:48
  2606. bob hope
  2607. That's right though.
  2608.        
  2609. 17:49
  2610. bob hope
  2611. in McAfee's case it was the journalist who posted it, not him
  2612.        
  2613. 17:49
  2614. bob hope
  2615. Yeah, but small companies will put pictures from their phones, or other cameras, on their websites. That's not secure
  2616.        
  2617. 17:50
  2618. bob hope
  2619. You can also identify the camera because cameras have fingerprints, usually pixels that get damaged over time
  2620.        
  2621. 17:51
  2622. bob hope
  2623. CSI Cyber Used these last week with the Mustache Taxi episode...
  2624.        
  2625. 17:51
  2626. bob hope
  2627. < I'm shaking my head too!! LoL >
  2628.        
  2629. 17:51
  2630. bob hope
  2631. Appraiser uses that a l ot
  2632.        
  2633. 17:51
  2634. bob hope
  2635. House appraisers
  2636.        
  2637. 17:52
  2638. bob hope
  2639. I want timestamps
  2640.        
  2641. 17:53
  2642. bob hope
  2643. Great, now I have to take all my online photos down
  2644.        
  2645. 17:54
  2646. bob hope
  2647. Hmm... is this one any good Sean? http://www.geocreepy.com/
  2648.        
  2649. 17:54
  2650. bob hope
  2651. https://www.paterva.com/web6/
  2652.        
  2653. 17:54
  2654. bob hope
  2655. Yep ran that @Michala
  2656.        
  2657. 17:55
  2658. bob hope
  2659. Yo ho....
  2660.        
  2661. 17:55
  2662. bob hope
  2663. Would you recommend it James O?
  2664.        
  2665. 17:55
  2666. bob hope
  2667. Somebody's watchin' me!
  2668.        
  2669. 17:56
  2670. bob hope
  2671. I messed with that a few months ago.
  2672.        
  2673. 17:56
  2674. bob hope
  2675. cool
  2676.        
  2677. 17:57
  2678. bob hope
  2679. thats kewl
  2680.        
  2681. 17:57
  2682. bob hope
  2683. where am i
  2684.        
  2685. 17:57
  2686. bob hope
  2687. does it drill down to connections??
  2688.        
  2689. 17:57
  2690. bob hope
  2691. nodal
  2692.        
  2693. 17:57
  2694. bob hope
  2695. Did IT Pro TV contract with Sean to find all security vulnerabilities before these episodes?
  2696.        
  2697. 17:58
  2698. bob hope
  2699. haha, thats what I was wondering @David
  2700.        
  2701. 17:58
  2702. bob hope
  2703. or maybe this is the test...
  2704.        
  2705. 17:58
  2706. bob hope
  2707. this looks internal though
  2708.        
  2709. 17:59
  2710. bob hope
  2711. Does it matter that Sean's microphone is upside down?
  2712.        
  2713. 17:59
  2714. bob hope
  2715. that will be very educational, hacking ITPro.tv
  2716.        
  2717. 17:59
  2718. bob hope
  2719. HOLY CRAP
  2720.        
  2721. 18:00
  2722. bob hope
  2723. @Stanley no. it's an omnidirectional mic
  2724.        
  2725. 18:00
  2726. bob hope
  2727. but you are inside the network.
  2728.        
  2729. 18:00
  2730. bob hope
  2731. I assume Internal verses External creates different results
  2732.        
  2733. 18:00
  2734. bob hope
  2735. Would you get the same results from the internet as opposed to internal?
  2736.        
  2737. 18:00
  2738. bob hope
  2739. It's actually working better for hime upside down than it did right side up
  2740.        
  2741. 18:00
  2742. bob hope
  2743. I'm salivating right now. Too Sweet!
  2744.        
  2745. 18:01
  2746. bob hope
  2747. LOL
  2748.        
  2749. 18:01
  2750. bob hope
  2751. hehe
  2752.        
  2753. 18:01
  2754. bob hope
  2755. itpro.tv resolves to the web server, so it depends on where it's hosted
  2756.        
  2757. 18:01
  2758. bob hope
  2759. olvidosplace.net
  2760.        
  2761. 18:02
  2762. bob hope
  2763. that's my website... i host is in a secure place
  2764.        
  2765. 18:02
  2766. bob hope
  2767. people need to add it to their hosts file currently
  2768.        
  2769. 18:02
  2770. bob hope
  2771. my website is nsa.org
  2772.        
  2773. 18:02
  2774. bob hope
  2775. You can't hit it. NXDOMAIN.
  2776.        
  2777. 18:02
  2778. bob hope
  2779. HAHAHAH
  2780.        
  2781. 18:03
  2782. bob hope
  2783. They are on Google Apps for Work, but I think they are on AWS too.
  2784.        
  2785. 18:03
  2786. bob hope
  2787. How about whitehouse.gov
  2788.        
  2789. 18:04
  2790. bob hope
  2791. welll it was nice knowing you Philip
  2792.        
  2793. 18:04
  2794. bob hope
  2795. 0_0
  2796.        
  2797. 18:04
  2798. bob hope
  2799. lol
  2800.        
  2801. 18:04
  2802. bob hope
  2803. LOL
  2804.        
  2805. 18:04
  2806. bob hope
  2807. LOL
  2808.        
  2809. 18:05
  2810. bob hope
  2811. Q: Any SaaS that combine tools like this and shodan, etc???
  2812.        
  2813. 18:06
  2814. bob hope
  2815. ^^ I second that question
  2816.        
  2817. 18:07
  2818. bob hope
  2819. A honeypot would be helpful in detecting something like this
  2820.        
  2821. 18:07
  2822. bob hope
  2823. sounds like this is the tool tht does it
  2824.        
  2825. 18:08
  2826. bob hope
  2827. It (maltego) should be powerful for the price
  2828.        
  2829. 18:09
  2830. bob hope
  2831. fair enough revised question
  2832.        
  2833. 18:09
  2834. bob hope
  2835. Question: Does Maltego also cross reference with Shodan?
  2836.        
  2837. 18:10
  2838. bob hope
  2839. alias+name@gmail.com
  2840.        
  2841. 18:10
  2842. bob hope
  2843. James, a lot of sites don't accept the + required for alias with gmail
  2844.        
  2845. 18:11
  2846. bob hope
  2847. it's not like Gmail is going to read your email and use it in thier products.
  2848.        
  2849. 18:11
  2850. bob hope
  2851. lol
  2852.        
  2853. 18:11
  2854. bob hope
  2855. Q: Should the CEH have paid acounts for some of these "lookup" services?? I would think that the "Black-Hats" have paid for some lookup services...
  2856.        
  2857. 18:11
  2858. bob hope
  2859. Can you strip the Geoinformation out of a picture after the fact?
  2860.        
  2861. 18:12
  2862. bob hope
  2863. It's scary how much information is out there about me. I know I was shocked when I would google myself. Things have changed however, thankfully there are others with my name that are more popular than I
  2864.        
  2865. 18:12
  2866. bob hope
  2867. yeah... I have a friend named tim jones
  2868.        
  2869. 18:12
  2870. bob hope
  2871. hard to find
  2872.        
  2873. 18:13
  2874. bob hope
  2875. KanyeWest seems to think the internet does "Takebacks"
  2876.        
  2877. 18:13
  2878. bob hope
  2879. @Matthew it's amazing what you find. Apparently there is a judge in NZ with the same as mine
  2880.        
  2881. 18:14
  2882. bob hope
  2883. I have book authors and criminal investigators, and doctors. I am none of these
  2884.        
  2885. 18:14
  2886. bob hope
  2887. TOR is not as good as it used to be.
  2888.        
  2889. 18:14
  2890. bob hope
  2891. are you going to demonstrate any of those "hiding" techniques?
  2892.        
  2893. 18:14
  2894. bob hope
  2895. or am I?
  2896.        
  2897. 18:14
  2898. bob hope
  2899. leaking info
  2900.        
  2901. 18:15
  2902. bob hope
  2903. People don't understand this technology they use
  2904.        
  2905. 18:15
  2906. bob hope
  2907. Dependent upon the budget of the attacker, Tor is definitely not anonymous anymore.
  2908.        
  2909. 18:15
  2910. bob hope
  2911. Question: Is there a list of mac addresses you can access?
  2912.        
  2913. 18:16
  2914. bob hope
  2915. I can't wait till I re-watch all the eps I have missed and such. This is what I want to do.
  2916.        
  2917. 14:18
  2918. bob hope
  2919. @Sean or is this just covering the wide spectrum of footprinting, in no particular order
  2920.        
  2921. 14:18
  2922. bob hope
  2923. @Shawn - I think it's just footprinting topics in general.
  2924.  
  2925. Mike P
  2926. @Shawn - I think it's just footprinting topics in general.
  2927.        
  2928. 14:18
  2929. bob hope
  2930. Okay, thanks
  2931.        
  2932. 14:18
  2933. bob hope
  2934. Who let the dog(s) out?
  2935.        
  2936. 14:19
  2937. bob hope
  2938. Brian!
  2939.        
  2940. 14:19
  2941. bob hope
  2942. hah
  2943.        
  2944. 14:23
  2945. bob hope
  2946. Haha
  2947.        
  2948. 14:23
  2949. bob hope
  2950. Okay, thanks!
  2951.        
  2952. 14:23
  2953. bob hope
  2954. Brian Krebs has a very informative site for those who have not seen it yet http://krebsonsecurity.com/
  2955.        
  2956. 14:24
  2957. bob hope
  2958. Thanks James
  2959.        
  2960. 14:24
  2961. bob hope
  2962. The site I used for daily security news is : https://threatpost.com/
  2963.        
  2964. 14:24
  2965. bob hope
  2966. I swear I have 20 Chrome tabs open right now with all of these links lol
  2967.        
  2968. 14:24
  2969. bob hope
  2970. Thanks Mike
  2971.        
  2972. 14:24
  2973. bob hope
  2974. NICE MIKE! I've been looking for something EXACTLY like that
  2975.        
  2976. 14:24
  2977. bob hope
  2978. I am just keep a notepad open with them for later
  2979.        
  2980. 14:25
  2981. bob hope
  2982. I'm bookmarking them all. Hope I can remember later what each one was for.
  2983.        
  2984. 14:25
  2985. bob hope
  2986. HA
  2987.        
  2988. 14:26
  2989. bob hope
  2990. @brian Good idea
  2991.        
  2992. 14:26
  2993. bob hope
  2994. Symantec's white papers are sometimes good. Sometimes rubbish: http://www.symantec.com/security_response/publications/whitepapers.jsp
  2995.        
  2996. 14:26
  2997. bob hope
  2998. I've been doing the same. Bookmarking them to a folder.
  2999.        
  3000. 14:27
  3001. bob hope
  3002. is Symantec as good as they used to me?
  3003.        
  3004. 14:27
  3005. bob hope
  3006. to be^
  3007.        
  3008. 14:27
  3009. bob hope
  3010. @Michael - I don't use their products. Dreadful lol
  3011.        
  3012. 14:27
  3013. bob hope
  3014. I use tweetdeck to scan for #NSA topics. So much info out there.
  3015.        
  3016. 14:28
  3017. bob hope
  3018. @Michael - The research material they and even mcafeee publish is good for basic understanding about some of the new exploits etc...
  3019.        
  3020. 14:28
  3021. bob hope
  3022. @ Michael Who do you prefer?
  3023.        
  3024. 14:28
  3025. bob hope
  3026. Here is another link with tons of good links/info: https://www.defcon.org/html/links/links-o-rama.html
  3027.        
  3028. 14:29
  3029. bob hope
  3030. We have switched a few times over the past few years from Kaspersky to Vipre and now to Webroot, but that is mainly for management reasons on the back end and integration with RMM.
  3031.        
  3032. 14:29
  3033. bob hope
  3034. We use Vipre management with Labtech for our Technical Services department
  3035.        
  3036. 14:30
  3037. bob hope
  3038. I listen to Sans Dr J everyday and check Krebs too. The verizon reports are good foo, ANd the Cisco CYber Risk reports
  3039.        
  3040. 14:30
  3041. bob hope
  3042. Trying to figure out a good way to integrate Security into Managed Services, offerings, pricing, etc
  3043.        
  3044. 14:30
  3045. bob hope
  3046. Vipre has been really good for us, but our RMM is swtiching to webroot.
  3047.        
  3048. 14:30
  3049. bob hope
  3050. Ahh
  3051.        
  3052. 14:30
  3053. bob hope
  3054. We just switched to Vipre. So far I like the management tools.
  3055.        
  3056. 14:31
  3057. bob hope
  3058. we cringed when we heard that...
  3059.        
  3060. 14:31
  3061. bob hope
  3062. but we will see.
  3063.        
  3064. 14:31
  3065. bob hope
  3066. Hi all
  3067.        
  3068. 14:31
  3069. bob hope
  3070. Hey Michalas here!
  3071.        
  3072. 14:31
  3073. bob hope
  3074. Welcome back Michala
  3075.        
  3076. 14:31
  3077. bob hope
  3078. Webroot... man... I dont think I like the idea of using software that's mainly pushed by Best Buy geek squad... hahaha
  3079.        
  3080. 14:31
  3081. bob hope
  3082. thanks
  3083.        
  3084. 14:32
  3085. bob hope
  3086. heh, yeah we are wondering about it as well. We are going to go through some testing phases to see if the integration with RMM is worth it.
  3087.        
  3088. 14:32
  3089. bob hope
  3090. I have a friend that uses webroot home user and swears by it.
  3091.        
  3092. 14:32
  3093. bob hope
  3094. Rapid7 have whitepapers as well. Never read any of them so not sure if any good but hey a link costs nothing: http://www.rapid7.com/resources/white-papers.jsp
  3095.        
  3096. 14:33
  3097. bob hope
  3098. Passive now, active later
  3099.        
  3100. 14:34
  3101. bob hope
  3102. I recommend ESET to end users. I've had my nightmares with McAfee in corp environments.
  3103.        
  3104. 14:34
  3105. bob hope
  3106. Same here
  3107.        
  3108. 14:34
  3109. bob hope
  3110. AVG Business has been good so far. Not a fan of AVG home though
  3111.        
  3112. 14:34
  3113. bob hope
  3114. yeah, I really dont like McAfee even tho I hear good things about it. Just never had good experiences.
  3115.        
  3116. 14:34
  3117. bob hope
  3118. A lot of overlap... yeah  Thanks uys for explaining it
  3119.        
  3120. 14:34
  3121. bob hope
  3122. We used AVG at my last job and it was pretty good.
  3123.        
  3124. 14:35
  3125. bob hope
  3126. I have had good results with Avast
  3127.        
  3128. 14:35
  3129. bob hope
  3130. this give you a little bit of an idea about my previous companies security.... McAfee
  3131.        
  3132. 14:35
  3133. bob hope
  3134. Don't forget the ever popular Friendface
  3135.        
  3136. 14:36
  3137. bob hope
  3138. I am very fond of Avast!
  3139.        
  3140. 14:36
  3141. bob hope
  3142. Ha! Myspace...?
  3143.        
  3144. 14:36
  3145. bob hope
  3146. Photos have lots of info inside
  3147.        
  3148. 14:37
  3149. bob hope
  3150. Yep, metadata, especially cell phone pics
  3151.        
  3152. 14:37
  3153. bob hope
  3154. I post on Facebook no more than twice a year
  3155.        
  3156. 14:37
  3157. bob hope
  3158. Yep, been there.
  3159.        
  3160. 14:37
  3161. bob hope
  3162. Myspace's doom was allowing every idiot to inject javascript into their profile
  3163.        
  3164. 14:37
  3165. bob hope
  3166. yeah
  3167.        
  3168. 14:38
  3169. bob hope
  3170. mingle dot com ??? Are these register to use sites any worth?
  3171.        
  3172. 14:38
  3173. bob hope
  3174. My geocities site that I used to practice web devel a long time ago was up for several years.
  3175.        
  3176. 14:39
  3177. bob hope
  3178. Didnt google buy Geocities?
  3179.        
  3180. 14:39
  3181. bob hope
  3182. comes back to "once it's on the Internet, its there forever"
  3183.        
  3184. 14:39
  3185. bob hope
  3186. i mean... angelfire is still aroung
  3187.        
  3188. 14:39
  3189. bob hope
  3190. *around
  3191.        
  3192. 14:39
  3193. bob hope
  3194. samy is my hero ! : http://en.wikipedia.org/wiki/Samy_%28computer_worm%29
  3195.        
  3196. 14:39
  3197. bob hope
  3198. Wow, I remember Geocities. Been forever since I heard someone talk about it
  3199.        
  3200. 14:39
  3201. bob hope
  3202. Does anyone have the link to remove your facebook profile or other social sites as well?
  3203.        
  3204. 14:39
  3205. bob hope
  3206. Tripod had a page on there all written in Netscape Composer.
  3207.        
  3208. 14:40
  3209. bob hope
  3210. http://onemilliontweetmap.com/
  3211.        
  3212. 14:41
  3213. bob hope
  3214. lol
  3215.        
  3216. 14:41
  3217. bob hope
  3218. Im never posting on social media again
  3219.        
  3220. 14:41
  3221. bob hope
  3222. What day it is?
  3223.        
  3224. 14:42
  3225. bob hope
  3226. It is "Today".
  3227.        
  3228. 14:42
  3229. bob hope
  3230. LMAO @Shawn
  3231.        
  3232. 14:43
  3233. bob hope
  3234. *facepalm
  3235.        
  3236. 14:44
  3237. bob hope
  3238. Local Enforcement has similar tools for this.
  3239.        
  3240. 14:44
  3241. bob hope
  3242. Wow - great tool!
  3243.        
  3244. 14:44
  3245. bob hope
  3246. Who needs tools?It's all free
  3247.        
  3248. 14:44
  3249. bob hope
  3250. cool site
  3251.        
  3252. 14:44
  3253. bob hope
  3254. I want the NSA version
  3255.        
  3256. 14:44
  3257. bob hope
  3258. Like.... specific tools
  3259.        
  3260. 14:45
  3261. bob hope
  3262. https://app.echosec.net/
  3263.        
  3264. 14:46
  3265. bob hope
  3266. wow
  3267.        
  3268. 14:46
  3269. bob hope
  3270. nice!
  3271.        
  3272. 14:46
  3273. bob hope
  3274. awsome
  3275.        
  3276. 14:47
  3277. bob hope
  3278. how did they get my picture?? haha
  3279.        
  3280. 14:47
  3281. bob hope
  3282. Holy Crap!!!! I'm glad I don't have any social media accounts  
  3283.        
  3284. 14:48
  3285. bob hope
  3286. can you filter on Username?
  3287.        
  3288. 14:48
  3289. bob hope
  3290. gotta play around with this today
  3291.        
  3292. 14:48
  3293. bob hope
  3294. Mind = Blown
  3295.        
  3296. 14:49
  3297. bob hope
  3298. Can you pull up specific people through echosec?
  3299.        
  3300. 14:49
  3301. bob hope
  3302. We've just tweeted someone back who was at out shopping center (mall) a few minutes ago. He's shocked haha
  3303.        
  3304. 14:50
  3305. bob hope
  3306. This is public sector software. Law Enforcement & Govt have for more. Tripware.
  3307.        
  3308. 14:50
  3309. bob hope
  3310. "Hey @Dave! That Meeting in the conference room at 10am tomorrow" - things like that you can use
  3311.        
  3312. 14:50
  3313. bob hope
  3314. This is a great way for identifying any rogue tweeters at work
  3315.        
  3316. 14:50
  3317. bob hope
  3318. "Hey @ Dave Ugh, email is down AGAIN'
  3319.        
  3320. 14:51
  3321. bob hope
  3322. Interesting way to look for leaks
  3323.        
  3324. 14:52
  3325. bob hope
  3326. This is exactly why you should switch of Geo location on your apps. There is no real need for twitter or facebook to have it
  3327.        
  3328. 14:52
  3329. bob hope
  3330. USPS does this rogue social media behavior and cracking down on it.
  3331.        
  3332. 14:54
  3333. bob hope
  3334. Wow, someone in my area even tweeting about their court date.
  3335.        
  3336. 14:54
  3337. bob hope
  3338. LOL @Dave.
  3339.        
  3340. 14:54
  3341. bob hope
  3342. Spokeo I use.
  3343.        
  3344. 14:54
  3345. bob hope
  3346. What we can discover about our neighbours...
  3347.        
  3348. 14:55
  3349. bob hope
  3350. If your looking for someone specific, as was the persons question. Wouldn't you just look up their profile directly?
  3351.        
  3352. 14:55
  3353. bob hope
  3354. Think I just need to go off the GRID
  3355.        
  3356. 14:55
  3357. bob hope
  3358. http://www.zabasearch.com/
  3359.        
  3360. 14:55
  3361. bob hope
  3362. @David L: No, just be more careful.
  3363.        
  3364. 14:56
  3365. bob hope
  3366. Thanks Mike
  3367.        
  3368. 14:56
  3369. bob hope
  3370. Hey my neighbor just trash talked me! LOL JK  
  3371.        
  3372. 14:57
  3373. bob hope
  3374. @Mountain D Mike - Is your number the one ending 89 or 43?
  3375.        
  3376. 14:57
  3377. bob hope
  3378. A lot of those DB are stale.
  3379.        
  3380. 14:57
  3381. bob hope
  3382. only joking
  3383.        
  3384. 14:57
  3385. bob hope
  3386. Someone with similar name
  3387.        
  3388. 14:57
  3389. bob hope
  3390. For the UK http://www.192.com/ is helpful to find info from electoral register that people may not realise is still out there
  3391.        
  3392. 14:57
  3393. bob hope
  3394. RMS is another DB that Law Enforcement uses.
  3395.        
  3396. 14:58
  3397. bob hope
  3398. It's true.. .I could find a picture of him even
  3399.        
  3400. 14:58
  3401. bob hope
  3402. @Michala - I for one have always been ex-directory and I'm from the UK
  3403.        
  3404. 14:59
  3405. bob hope
  3406. Do you register to vote?
  3407.        
  3408. 14:59
  3409. bob hope
  3410. whitepages
  3411.        
  3412. 14:59
  3413. bob hope
  3414. What are the steps to keep yourself off these sites?
  3415.        
  3416. 14:59
  3417. bob hope
  3418. Yeah. But keep off the public electrol. No need to be on that unless you want double glazing
  3419.        
  3420. 14:59
  3421. bob hope
  3422. Go off the grid!
  3423.        
  3424. 15:00
  3425. bob hope
  3426. @David B I'm already so paranoid I do not apply for loyalty cards
  3427.        
  3428. 15:00
  3429. bob hope
  3430. So you opt-out of the register. But prior to 2002 that option wasn't available and some of these sites still publish the old data
  3431.        
  3432. 15:00
  3433. bob hope
  3434. rofl, i found my dog on pinterest
  3435.        
  3436. 15:00
  3437. bob hope
  3438. yeah I've tried to quite facebook like 3 times in the past couple years. my wife keeps pulling me back in so she can tag me in stuff
  3439.        
  3440. 15:00
  3441. bob hope
  3442. Prior to 2002 I didn't register for that reason
  3443.        
  3444. 15:00
  3445. bob hope
  3446. heh @Brian where did you take him when you took him out earlier>?
  3447.        
  3448. 15:00
  3449. bob hope
  3450. @Mike P Sensible guy  
  3451.        
  3452. 15:01
  3453. bob hope
  3454. Voting + ID = Jury Duty.
  3455.        
  3456. 15:01
  3457. bob hope
  3458. Moving house is one of the best things you can do
  3459.        
  3460. 15:01
  3461. bob hope
  3462. @Sean - Thanks for the paranoia. I will cherish it forever
  3463.        
  3464. 15:01
  3465. bob hope
  3466. With my data protection hat on I was always getting letters from people about receiving spam because they hadn't opted out of the register
  3467.        
  3468. 15:02
  3469. bob hope
  3470. In our state they can use DMV rolls
  3471.        
  3472. 15:02
  3473. bob hope
  3474. I've just thrown my wallet and phone in the fire
  3475.        
  3476. 15:02
  3477. bob hope
  3478. @James Voting is a duty. Jury duty is one of the prices I am willing to pay.
  3479.        
  3480. 15:02
  3481. bob hope
  3482. @Philip really, that's public?
  3483.        
  3484. 15:02
  3485. bob hope
  3486. We'll all go off and be hermits after this course!
  3487.        
  3488. 15:02
  3489. bob hope
  3490. To the circuit court clerk it is definitely public
  3491.        
  3492. 15:03
  3493. bob hope
  3494. @Mike P lol. Sometimes I want to be a hermit
  3495.        
  3496. 15:03
  3497. bob hope
  3498. I don't mind doing it never been called and will not. I'm visually impaired and would compromise a case.
  3499.        
  3500. 15:03
  3501. bob hope
  3502. I've run out of mesh. Just one wall to cover
  3503.        
  3504. 15:03
  3505. bob hope
  3506. In some states the DMV sells the information to mailing lists
  3507.        
  3508. 15:03
  3509. bob hope
  3510. @ David I agree with you. It is a duty I am willing to do as a citizen
  3511.        
  3512. 15:03
  3513. bob hope
  3514. Power and electrical companies sell new connections information
  3515.        
  3516. 15:04
  3517. bob hope
  3518. @James P roger that. Also one of the reasons I spent time in the military.
  3519.        
  3520. 15:05
  3521. bob hope
  3522. wonder if it would be a good thing to bring a portfolio of the manager that is interviewing me next week for a job?
  3523.        
  3524. 15:05
  3525. bob hope
  3526. Only been called up once, bounced off because my wife relative was the lead officer for the case
  3527.        
  3528. 15:05
  3529. bob hope
  3530. I can not serve in the military so I am grateful for those that do. Thank you
  3531.        
  3532. 15:06
  3533. bob hope
  3534. At the interview for the job I just got, they asked me how I'd hack them. I had done some social media searches on the interview panel and the end result got me the job so it can work
  3535.        
  3536. 15:06
  3537. bob hope
  3538. I hate when work gets in the way of learning. Phone won't quit ringing.
  3539.        
  3540. 15:06
  3541. bob hope
  3542. That was for Michael G
  3543.        
  3544. 15:06
  3545. bob hope
  3546. will the links be in the usual show notes
  3547.        
  3548. 15:06
  3549. bob hope
  3550. Nice @Michala
  3551.        
  3552. 15:06
  3553. bob hope
  3554. @Michael he'll either hire you or throw you out the door
  3555.        
  3556. 15:06
  3557. bob hope
  3558. she
  3559.        
  3560. 15:06
  3561. bob hope
  3562. @Michala - way to go
  3563.        
  3564. 15:07
  3565. bob hope
  3566. @Michael They are probably going to do it to you so why not return the favor
  3567.        
  3568. 15:07
  3569. bob hope
  3570. or she
  3571.        
  3572. 15:07
  3573. bob hope
  3574. The disadvantage of what I did is identifying that one of the directors puts far too much information about what they are ding in their technical environment on twitter - I have to address that pronto when I start
  3575.        
  3576. 15:07
  3577. bob hope
  3578. Why I limit my posts to hobbies or volunteer work
  3579.        
  3580. 15:08
  3581. bob hope
  3582. Sorry guys been nosy on some of you already
  3583.        
  3584. 15:08
  3585. bob hope
  3586. @Mike P Surely not
  3587.        
  3588. 15:08
  3589. bob hope
  3590. Well, my area.... surprised me. Not too much social media going on. Wonder if it's because I live in the south....
  3591.        
  3592. 15:08
  3593. bob hope
  3594. I'm getting addicted to echosec LOL
  3595.        
  3596. 15:09
  3597. bob hope
  3598. Your a BCS member Michala?
  3599.        
  3600. 15:09
  3601. bob hope
  3602. There is just so much public info out there. People just search your name in the county records if you own a house for example
  3603.        
  3604. 15:10
  3605. bob hope
  3606. @Mike P yes
  3607.        
  3608. 15:10
  3609. bob hope
  3610. It's also by the way people worth asking companies and councils for freedom of information stuff
  3611.        
  3612. 15:10
  3613. bob hope
  3614. @Shawn South of the US?
  3615.        
  3616. 15:10
  3617. bob hope
  3618. you will be surprised at what they have to legally tell you
  3619.        
  3620. 15:11
  3621. bob hope
  3622. I knew it, work would call me today!
  3623.        
  3624. 15:11
  3625. bob hope
  3626. @Mike P Oh yes, great tip. I trawled the FOI disclosure logs of my former company on a regular basis to check if anything got out. Unfortunately also a common form of data breach
  3627.        
  3628. 15:11
  3629. bob hope
  3630. Remember any non profit has to release their tax returns. Makes interesting reading, especially the salaries of those who earn over a certain amount
  3631.        
  3632. 15:11
  3633. bob hope
  3634. @Mike P Did you see that as of yesterday National Rail is now in scope of FOI?
  3635.        
  3636. 15:12
  3637. bob hope
  3638. Yep. lol
  3639.        
  3640. 15:14
  3641. bob hope
  3642. @Mike P Do you just say "Give me your freedom of information stuff" or is there a process?
  3643.        
  3644. 15:14
  3645. bob hope
  3646. Hmmm... echosec doesnt seem to be showing me twitter
  3647.        
  3648. 15:14
  3649. bob hope
  3650. I'm only getting flickr
  3651.        
  3652. 15:14
  3653. bob hope
  3654. Normally a process.
  3655.        
  3656. 15:14
  3657. bob hope
  3658. create a rectangle then you'll see it.
  3659.        
  3660. 15:15
  3661. bob hope
  3662. Public sectors normally have a form on a site to fill in
  3663.        
  3664. 15:15
  3665. bob hope
  3666. @Mike P Thanks
  3667.        
  3668. 15:15
  3669. bob hope
  3670. My wife had one once sent in, someone asking the amount of money spent on pens in a year
  3671.        
  3672. 15:15
  3673. bob hope
  3674. lol
  3675.        
  3676. 15:16
  3677. bob hope
  3678. For the dog lovers, this is my Pacino: https://www.pinterest.com/pin/119908408800960108/
  3679.        
  3680. 15:16
  3681. bob hope
  3682. With Echosec - if you use polygon select how do you close the polygon?
  3683.        
  3684. 15:16
  3685. bob hope
  3686. Nice dog @Brian
  3687.        
  3688. 15:16
  3689. bob hope
  3690. double click on the last one
  3691.        
  3692. 15:16
  3693. bob hope
  3694. @Brian, cool looking dog
  3695.        
  3696. 15:17
  3697. bob hope
  3698. I have a Corgi
  3699.        
  3700. 15:17
  3701. bob hope
  3702. Cool @Brian. I have 3 ankle biters myself.
  3703.        
  3704. 15:17
  3705. bob hope
  3706. echo polygon - double-click
  3707.        
  3708. 15:17
  3709. bob hope
  3710. Right click brings up menu for browser
  3711.        
  3712. 15:17
  3713. bob hope
  3714. @James, 3? Wow, I only can do one dog at a time!
  3715.        
  3716. 15:17
  3717. bob hope
  3718. double click closes and searches
  3719.        
  3720. 15:18
  3721. bob hope
  3722. That is the wifey doing not mine.
  3723.        
  3724. 15:18
  3725. bob hope
  3726. Aha - thanks Mike
  3727.        
  3728. 15:18
  3729. bob hope
  3730. Not happy about it either
  3731.        
  3732. 15:18
  3733. bob hope
  3734. @James, that is how I got my dog. I got back from an international trip and there he was!
  3735.        
  3736. 15:19
  3737. bob hope
  3738. Todays pastebin is going to be massive!
  3739.        
  3740. 15:19
  3741. bob hope
  3742. She sneaked it in on you @David. Low!
  3743.        
  3744. 15:20
  3745. bob hope
  3746. *Next time on ITProTV...*
  3747.        
  3748. 15:20
  3749. bob hope
  3750. I'm hooked looking at tweets, someone else locally: "I pray to God the nurse can help me out"
  3751.        
  3752. 15:20
  3753. bob hope
  3754. Can someone point me to the pastebin
  3755.        
  3756. 15:20
  3757. bob hope
  3758. ??
  3759.        
  3760. 15:21
  3761. bob hope
  3762. @James, yeah, that was the low point for our marriage for sure. Now things are different (much better). That was 10 years ago
  3763.        
  3764. 15:21
  3765. bob hope
  3766. No joke, Everytime I copy the chat logs to onenote, my com puter lags lol
  3767.        
  3768. 15:21
  3769. bob hope
  3770. Ha getting blueberry muggings from a user, because I recovered a file they deleted off the file server
  3771.        
  3772. 15:21
  3773. bob hope
  3774. there wont be a link until the end of the day daryll
  3775.        
  3776. 15:21
  3777. bob hope
  3778. muffins
  3779.        
  3780. 15:21
  3781. bob hope
  3782. OK, got it, thanks!
  3783.        
  3784. 15:21
  3785. bob hope
  3786. dam my typing
  3787.        
  3788. 15:21
  3789. bob hope
  3790. haha, Ive never had a blueberry mugging before...
  3791.        
  3792. 15:22
  3793. bob hope
  3794. Oh man! Not the animals fault though.
  3795.        
  3796. 15:22
  3797. bob hope
  3798. Dogs are like car purchases, should be discussed before purchase
  3799.        
  3800. 15:22
  3801. bob hope
  3802. I've heard of Chav Burberry Muggins?
  3803.        
  3804. 15:22
  3805. bob hope
  3806. it's when a bunch of blueberries attack a helpless raspberry on the street
  3807.        
  3808. 15:22
  3809. bob hope
  3810. heh
  3811.        
  3812. 15:22
  3813. bob hope
  3814. indeed, I ended up loving the mutt just the same but we agreed to the one Dog at a time policy
  3815.        
  3816. 15:23
  3817. bob hope
  3818. I'm always home so they keep me company.
  3819.        
  3820. 15:23
  3821. bob hope
  3822. Incidentally, I'm the only one that the dog really listens to
  3823.        
  3824. 15:23
  3825. bob hope
  3826. training and policies
  3827.        
  3828. 15:23
  3829. bob hope
  3830. Same here, I work from home 90% of the time
  3831.        
  3832. 15:24
  3833. bob hope
  3834. 1D10T errors
  3835.        
  3836. 15:24
  3837. bob hope
  3838. QUESTION: As social engineering is the biggest vulnerability for organistions, in your experience Sean - how many organisations actually do social engineering pen tests rather than technical only?
  3839.        
  3840. 15:24
  3841. bob hope
  3842. Borg Alcove.
  3843.        
  3844. 15:25
  3845. bob hope
  3846. i could see where that would definately be beneficial @Michala
  3847.        
  3848. 15:26
  3849. bob hope
  3850. It may not be a very big or very "important" company and dont have an interest in a full Pen Test, but a social engineering test could be more beneficial than a full one.
  3851.        
  3852. 15:26
  3853. bob hope
  3854. I always liked 'layer 8' errors myself
  3855.        
  3856. 15:27
  3857. bob hope
  3858. I hate those @James. hehe waste of time. The network and all the computers would run a lot better if we just got rid of the users...
  3859.        
  3860. 15:27
  3861. bob hope
  3862. Of course you want to do spear phishing.
  3863.        
  3864. 15:27
  3865. bob hope
  3866. DISA has some nice free INFOSEC courses - leveled for different levels employees, from passwd to BYOD...
  3867.        
  3868. 15:27
  3869. bob hope
  3870. lol
  3871.        
  3872. 15:28
  3873. bob hope
  3874. @Sean and Mike Okay - thank you.
  3875.        
  3876. 15:28
  3877. bob hope
  3878. Don't click on links in emails.
  3879.        
  3880. 15:28
  3881. bob hope
  3882. LOL
  3883.        
  3884. 15:29
  3885. bob hope
  3886. What all does Social Engineering encompass? You talked about a few, but like @James pointed out, phishing is part of that, but what else is included in that?
  3887.        
  3888. 15:29
  3889. bob hope
  3890. Call the help desk and request to have your pw reset. 90% of the time help desk will fall for the trick.
  3891.        
  3892. 15:30
  3893. bob hope
  3894. Never click links in chatrooms
  3895.        
  3896. 15:30
  3897. bob hope
  3898. Hospitals now require it to be up high due to regs
  3899.        
  3900. 15:30
  3901. bob hope
  3902. haha, good point @Mike
  3903.        
  3904. 15:30
  3905. bob hope
  3906. brb, I have to reload my computer...
  3907.        
  3908. 15:30
  3909. bob hope
  3910.  
  3911.        
  3912. 15:30
  3913. bob hope
  3914. @Mike R - Pretty sure they're coming to that
  3915.        
  3916. 15:30
  3917. bob hope
  3918.  - I'm sure our ISPs have already passed us on to NSA/GCHQ after today's searches
  3919.        
  3920. 15:31
  3921. bob hope
  3922. I'd get to see what their badges look like and try to make a fake one so I could pass.
  3923.        
  3924. 15:31
  3925. bob hope
  3926. Some orgs don't put the name on the front of the badge to prevent people getting names in this type of attack
  3927.        
  3928. 15:31
  3929. bob hope
  3930. When I go to my office (rare occurrence) I need to display my badge on my shirt pocket at all times, people actually challenge me if I forget to wear it
  3931.        
  3932. 15:31
  3933. bob hope
  3934. Our council makes employers where there badge "backwards"
  3935.        
  3936. 15:31
  3937. bob hope
  3938. @James Why not test it by using a novelty name badge?
  3939.        
  3940. 15:31
  3941. bob hope
  3942. *wear
  3943.        
  3944. 15:32
  3945. bob hope
  3946. auto correct is still killing me today
  3947.        
  3948. 15:32
  3949. bob hope
  3950. Tailgating is surprisingly easy to do in most companies
  3951.        
  3952. 15:32
  3953. bob hope
  3954. Some of those badges have RFID and can be copied.
  3955.        
  3956. 15:32
  3957. bob hope
  3958. Tailgating is a pet peeve of mine
  3959.        
  3960. 15:32
  3961. bob hope
  3962. @Mike, yeah, that happens to me on the iPad all the time
  3963.        
  3964. 15:33
  3965. bob hope
  3966. @James P - Yep. I feel bad slamming the door into a persons face evertime
  3967.        
  3968. 15:33
  3969. bob hope
  3970. But security first
  3971.        
  3972. 15:33
  3973. bob hope
  3974. Social engineering seems to encompass every old con-man confidence scheme that has been around since the beginning of human society. Gain someones trust, confidence, etc to get or take something from them.
  3975.        
  3976. 15:33
  3977. bob hope
  3978. @Creigh Exactly
  3979.        
  3980. 15:33
  3981. bob hope
  3982. One lesson I learned in 82nd. NO ID NO ACCESS. Never ever be afraid to deny entry to someone.
  3983.        
  3984. 15:33
  3985. bob hope
  3986. I don't even have card access to the building since I'm a telecommuter, I need to bug the guard when I need to get my mail
  3987.        
  3988. 15:33
  3989. bob hope
  3990. I walk people so someone I know who will vouch for the tailgater. Most people understand and thank you
  3991.        
  3992. 15:34
  3993. bob hope
  3994. at my previous place of work I was able to walk in without my badge, and get through the entire day without needing one.
  3995.        
  3996. 15:34
  3997. bob hope
  3998. Lingo comes in big here
  3999.        
  4000. 15:34
  4001. bob hope
  4002. Kevin who? Did someone catch that name?
  4003.        
  4004. 15:35
  4005. bob hope
  4006. Mitnick
  4007.        
  4008. 15:35
  4009. bob hope
  4010. Mitnick
  4011.        
  4012. 15:35
  4013. bob hope
  4014. He has some good books which explain what he used to get up to
  4015.        
  4016. 15:35
  4017. bob hope
  4018. He was the king of social engineering
  4019.        
  4020. 15:36
  4021. bob hope
  4022. His books are great
  4023.        
  4024. 15:36
  4025. bob hope
  4026. http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X
  4027.        
  4028. 15:36
  4029. bob hope
  4030. Hi-vis, iron on transfer the logo from their website
  4031.        
  4032. 15:36
  4033. bob hope
  4034. or by carrying a laptop bag or other tools
  4035.        
  4036. 15:36
  4037. bob hope
  4038. People fall for people who project authority and are afraid of questioning them
  4039.        
  4040. 15:36
  4041. bob hope
  4042. Good Book @Chris
  4043.        
  4044. 15:37
  4045. bob hope
  4046. I have all of Mitnick's books, Ghost in the wires is excellent
  4047.        
  4048. 15:37
  4049. bob hope
  4050. Love that film
  4051.        
  4052. 15:37
  4053. bob hope
  4054. @ James yes always wanted to red but haven't yet.
  4055.        
  4056. 15:37
  4057. bob hope
  4058. red it
  4059.        
  4060. 15:38
  4061. bob hope
  4062. read it
  4063.        
  4064. 15:38
  4065. bob hope
  4066. Catch me if you can movie is awesome, so is the book
  4067.        
  4068. 15:38
  4069. bob hope
  4070. Quickly! Can someone send me their login details to check the websites working for me. QUICK THE WORLDS ENDING
  4071.        
  4072. 15:38
  4073. bob hope
  4074. reddit?
  4075.        
  4076. 15:38
  4077. bob hope
  4078. *wonders how many techies here are also roleplayers* could be relevant to our acting ability
  4079.        
  4080. 15:38
  4081. bob hope
  4082. Many are short on the ears and long in the mouth.
  4083.        
  4084. 15:40
  4085. bob hope
  4086. Social eng is how Mat Honan from wired got all of his Apple devices wiped.
  4087.        
  4088. 15:40
  4089. bob hope
  4090. @James I could use longer ears
  4091.        
  4092. 15:40
  4093. bob hope
  4094. Anyone in a UPS uniform gets in no problem
  4095.        
  4096. 15:40
  4097. bob hope
  4098. Yeah, I remember that hack.
  4099.        
  4100. 15:40
  4101. bob hope
  4102. Wow... that's amazing
  4103.        
  4104. 15:40
  4105. bob hope
  4106. Longer ears would be classified as a Ferengi.
  4107.        
  4108. 15:41
  4109. bob hope
  4110. Look for an empty office, and move in, like George Costanza.
  4111.        
  4112. 15:41
  4113. bob hope
  4114. LOL
  4115.        
  4116. 15:41
  4117. bob hope
  4118. How do you teach someone to protect themselves from every effective con that has worked before in a 45 minute training seminar... No perfect solution to that one.
  4119.        
  4120. 15:41
  4121. bob hope
  4122. LOL
  4123.        
  4124. 15:41
  4125. bob hope
  4126. great social engineering book http://www.amazon.co.uk/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=asap_bc?ie=UTF8 by Chris Hadnagy who is behind http://www.social-engineer.org
  4127.        
  4128. 15:41
  4129. bob hope
  4130. @Darryl Thanks I heard that's a good book
  4131.        
  4132. 15:42
  4133. bob hope
  4134. @Darryl Thanks for link, adding to to read list
  4135.        
  4136. 15:42
  4137. bob hope
  4138. *Bookmarked
  4139.        
  4140. 15:42
  4141. bob hope
  4142. @Darryl, good book. That book teaches you facial expressions and how to look when you lie
  4143.        
  4144. 15:43
  4145. bob hope
  4146. I'm reminded of the show 'Lie to me'
  4147.        
  4148. 15:43
  4149. bob hope
  4150. Not quite on current topic, buy phishing crosses into social engineering. The OpenDNS test is worth a go: https://www.opendns.com/phishing-quiz/
  4151.        
  4152. 15:43
  4153. bob hope
  4154. That was a good show @Michala
  4155.        
  4156. 15:43
  4157. bob hope
  4158. @Michala, I remember that show
  4159.        
  4160. 15:44
  4161. bob hope
  4162. "Lie to me" was a good show for understanding body language
  4163.        
  4164. 15:44
  4165. bob hope
  4166. Thanks @Mike P
  4167.        
  4168. 15:44
  4169. bob hope
  4170. say your there for an interview/sales , say to receptionist i forgot my CV can you print it off handing them a rubberDucky Usb stick
  4171.        
  4172. 15:45
  4173. bob hope
  4174. @Sean - Isn't that what you hope for the company though? Wouldnt that be what you would WANT to happen?
  4175.        
  4176. 15:45
  4177. bob hope
  4178. Have a good lunch guys!
  4179.        
  4180. 15:45
  4181. bob hope
  4182. Michala - You and I had the same thought...sorry for the duplication
  4183.        
  4184. 15:45
  4185. bob hope
  4186. Thanks guys another top notch show!
  4187.        
  4188. 15:45
  4189. bob hope
  4190. @Sean - Catching you?
  4191.        
  4192. 15:45
  4193. bob hope
  4194. Thanks guys!
  4195.        
  4196. 15:45
  4197. bob hope
  4198. Enjoy guys!
  4199.        
  4200. 15:45
  4201. bob hope
  4202. See you after lunch thanks  Np James
  4203.        
  4204. 15:46
  4205. bob hope
  4206. its only 8:45 am on west coast. Maybe some breakfast
  4207.        
  4208. 15:46
  4209. bob hope
  4210. Sean looking forward to reading your book. The pre-view on amazon looks great.
  4211.        
  4212. 15:46
  4213. bob hope
  4214. Yeah, I think there is an example in the book that played on sympathy as well. Something like my kid spilled something on my last printed resume and I need this job so can you print this out for me
  4215.        
  4216. 15:47
  4217. bob hope
  4218. you want the to work for it
  4219.        
  4220. 15:47
  4221. bob hope
  4222. @Darryl, I'm with you there
  4223.        
  4224. 15:47
  4225. bob hope
  4226. Still breakfast hour for me too
  4227.        
  4228. 15:47
  4229. bob hope
  4230. Here's the link to the micro expressions stuff that Lie to me was about if anyone wants to look into further: http://www.paulekman.com/micro-expressions/
  4231.        
  4232. 15:48
  4233. bob hope
  4234. See you guys after lunch
  4235.        
  4236. 15:48
  4237. bob hope
  4238. ok, see you after breakfast
  4239.        
  4240. 15:48
  4241. bob hope
  4242. Thanks @Michala that is very interseting
  4243.        
  4244. 15:48
  4245. bob hope
  4246. Gonna look for something to nibble on. BRB in a few.
  4247.        
  4248. 15:48
  4249. bob hope
  4250. Thanks all. Great fun. Make sure you;'ve backed up your OneNote
  4251.        
  4252. 15:48
  4253. bob hope
  4254. would take a lot of practice to get it down like he did in the show
  4255.        
  4256. 15:48
  4257. bob hope
  4258. in case anyone does not know what a rubberDucky USB stick is http://hakshop.myshopify.com/products/usb-rubber-ducky-deluxe?variant=353378649
  4259.        
  4260. 15:50
  4261. bob hope
  4262. Need a case on the rubber ducky that says logitech or Microsoft so they think it is a receiver for USB keyboard
  4263.        
  4264. 15:50
  4265. bob hope
  4266. @Darryl Thanks
  4267.        
  4268. 15:50
  4269. bob hope
  4270. I have an older Ducky, works great!
  4271.        
  4272. 15:50
  4273. bob hope
  4274. The quick guide to microexpressions without forking out money: http://www.scienceofpeople.com/2013/09/guide-reading-microexpressions/
  4275.        
  4276. 15:50
  4277. bob hope
  4278. Rubber Ducks great, but most large companies have already cut those dead. Hard handed way, disable USB altogether. Or more commonly try to mitigate the attack by cutting the execution of the script
  4279.        
  4280. 15:51
  4281. bob hope
  4282. Thanks @Darryl
  4283.        
  4284. 15:51
  4285. bob hope
  4286. Hak5 is a great Podcast
  4287.        
  4288. 15:51
  4289. bob hope
  4290. Thats the way we do at our clients. @ Mike P
  4291.        
  4292. 15:52
  4293. bob hope
  4294. I use them for internal training, good to drop in company public area, labeled "Pictures" she who plugs it in!
  4295.        
  4296. 15:53
  4297. bob hope
  4298. A thanks to Jason for putting up that information in the lower third, it really helps.
  4299.        
  4300. 15:57
  4301. bob hope
  4302. Another good book again by Chris Handnagy for Micro Expression , with the help of Dr Paul Echam who discovered them is http://www.amazon.co.uk/Unmasking-Social-Engineer-Element-Security/dp/1118608577/ref=asap_bc?ie=UTF8
  4303.        
  4304. 15:58
  4305. bob hope
  4306. @Darryl thanks, adding to reading list
  4307.        
  4308. 15:58
  4309. bob hope
  4310. Btw, has any one here done the EC Council incident handler cert and have views on it they are willing to share?
  4311.        
  4312. 15:58
  4313. bob hope
  4314. Great show!
  4315.        
  4316. 16:00
  4317. bob hope
  4318. good show! ready for the next.
  4319.        
  4320. 16:00
  4321. bob hope
  4322. AFK
  4323.        
  4324. 16:03
  4325. bob hope
  4326. @Mike P Just did that phishing test - YOU'RE A PHISH-SPOTTING NINJA! YOU CORRECTLY IDENTIFIED 14 OUT OF 14 SITES IN THE OPENDNS PHISHING QUIZ - phew!
  4327.        
  4328. 16:07
  4329. bob hope
  4330. That would be a good one to have employees do.
  4331.        
  4332. 16:08
  4333. bob hope
  4334. haha I got 14 as well
  4335.        
  4336. 16:08
  4337. bob hope
  4338. @ Michael yes they would benefit the most.
  4339.        
  4340. 16:09
  4341. bob hope
  4342. It's worth even making one relevant for your company. Altering the company intranet/website and emails to test the employees
  4343.        
  4344. 16:09
  4345. bob hope
  4346. I like the first one yahoo mail is upgrading with a google address LOL
  4347.        
  4348. 16:10
  4349. bob hope
  4350. @Mike P that is a good idea.
  4351.        
  4352. 16:10
  4353. bob hope
  4354. good thought
  4355.        
  4356. 16:11
  4357. bob hope
  4358. Haha, I make the suggestion to my company that we should have our clients do that test and my dispatcher replies "The resutls may be quite depressing."
  4359.        
  4360. 16:11
  4361. bob hope
  4362. I missed the American Airlines phish, I was going through it too quick.
  4363.        
  4364. 16:11
  4365. bob hope
  4366. Has anyone had any success with the spt toolkit? It was an open source phishing education tool but I never got it working correctly to manage multiple campaigns
  4367.        
  4368. 16:14
  4369. bob hope
  4370. Never tried it.
  4371.        
  4372. 16:19
  4373. bob hope
  4374. Not heard of that
  4375.        
  4376. 16:20
  4377. bob hope
  4378. looks like it's discontinued
  4379.        
  4380. 16:25
  4381. bob hope
  4382. Mmmm mexican food
  4383.        
  4384. 16:27
  4385. bob hope
  4386. Rob got a new high score?
  4387.        
  4388. 16:28
  4389. bob hope
  4390. I'm married to a Mexican Shawn, so everything she cooks is "Mexican food".
  4391.        
  4392. 16:30
  4393. bob hope
  4394. mmm, sounds good, when should I come over? haha
  4395.        
  4396. 16:31
  4397. bob hope
  4398. depends on what she or david is preparing tonight... what on the menu this evening David
  4399.        
  4400. 16:32
  4401. bob hope
  4402. Most of it is good (I know how to cook too), but she uses more oil than necessary.
  4403.        
  4404. 16:32
  4405. bob hope
  4406. i think Rob is in 3rd place
  4407.        
  4408. 16:32
  4409. bob hope
  4410. I cooked a bunch of pork on Saturday (and just heated up some for lunch right now).
  4411.        
  4412. 16:34
  4413. bob hope
  4414. It's been hard teaching a Mexican family that you don't use a metal fork on Teflon (TM), then you don't need so much cooking oil.
  4415.        
  4416. 16:37
  4417. bob hope
  4418. hahah @David
  4419.        
  4420. 16:37
  4421. bob hope
  4422. Where are you Nate?
  4423.        
  4424. 16:38
  4425. bob hope
  4426. haha
  4427.        
  4428. 16:40
  4429. bob hope
  4430. My Chromecast is still infrequently dropping the cast.
  4431.        
  4432. 16:41
  4433. bob hope
  4434. Is it the latest build causing issues dave?
  4435.        
  4436. 16:41
  4437. bob hope
  4438. Or you have them before tomorrow
  4439.        
  4440. 16:41
  4441. bob hope
  4442. No, it is probably the corporate network.
  4443.        
  4444. 16:43
  4445. bob hope
  4446. I don't have any casting problems or my DSL line, but it has been too slow to see an unbuffered presentation from IT Pro.
  4447.        
  4448. 16:43
  4449. bob hope
  4450. So I switch over to our corporate LAN.
  4451.        
  4452. 16:44
  4453. bob hope
  4454. I still might try the new travel router, to see if that helps.
  4455.        
  4456. 16:45
  4457. bob hope
  4458. The drops aren't that frequent, but it is random.
  4459.        
  4460. 16:45
  4461. bob hope
  4462. I'm not going to attempt a suggestion, I'm sure you've tried everything
  4463.        
  4464. 16:46
  4465. bob hope
  4466. that was fun 14 of 14 hazaa!! https://www.opendns.com/phishing-quiz/
  4467.        
  4468. 16:46
  4469. bob hope
  4470. The ADTRAN WAPs that we have to use are only G-rate.
  4471.        
  4472. 16:47
  4473. bob hope
  4474. I keep a "rough" ap in my bag for hooking myself into the LAN wirelessly if I need it from say a meeting room but the main wifi is acting up.
  4475.        
  4476. 16:47
  4477. bob hope
  4478. obviously on a different channel
  4479.        
  4480. 16:47
  4481. bob hope
  4482. I can't believe that ADTRAN hasn't made a version that supports the N rate yet.
  4483.        
  4484. 16:47
  4485. bob hope
  4486. @Michael - Good in't it
  4487.        
  4488. 16:48
  4489. bob hope
  4490. Be back - have to relo
  4491.        
  4492. 16:48
  4493. bob hope
  4494. The bad one I think, is the one where they show the EV in blue. Which is incorrect but they still say it's a correct image
  4495.        
  4496. 16:48
  4497. bob hope
  4498. Can anyone suggest a LEGAL way that I can find a lab for learning/working with MAC?
  4499.        
  4500. 16:48
  4501. bob hope
  4502. I guess that they will skip it, and go to AC.
  4503.        
  4504. 16:49
  4505. bob hope
  4506. I've moved to AC at home, for the first time ever I considered ripping out the cat cables, only for a few minutes
  4507.        
  4508. 16:49
  4509. bob hope
  4510. Yeah - I liked it. Super Hands on training for future employees - definitely added to my list of training aides.
  4511.        
  4512. 16:49
  4513. bob hope
  4514. now if only I can find a job!!!
  4515.        
  4516. 16:49
  4517. bob hope
  4518. lol
  4519.        
  4520. 16:49
  4521. bob hope
  4522. @William - MAC?
  4523.        
  4524. 16:50
  4525. bob hope
  4526. sorry Mac
  4527.        
  4528. 16:50
  4529. bob hope
  4530. as in Mac os
  4531.        
  4532. 16:50
  4533. bob hope
  4534. Ah. You need a VM company
  4535.        
  4536. 16:51
  4537. bob hope
  4538. The one I used to use went bust. I'm just asking in the office what else there is.
  4539.        
  4540. 16:52
  4541. bob hope
  4542. thanks
  4543.        
  4544. 16:53
  4545. bob hope
  4546. Nah none knows of anything legal I'm afraid.
  4547.        
  4548. 16:53
  4549. bob hope
  4550. i figured.... oh wel
  4551.        
  4552. 16:53
  4553. bob hope
  4554. l
  4555.        
  4556. 16:53
  4557. bob hope
  4558. If you don't want to buy the OS. You need to find a VM as a service company
  4559.        
  4560. 16:54
  4561. bob hope
  4562. They are around. although most are Windows and Linux offerings. I guess the Mac licencing causes problems
  4563.        
  4564. 16:54
  4565. bob hope
  4566. I mean.. .technically... it's not legal to run the OS on anything but their hardware... per the terms of agreement
  4567.        
  4568. 16:54
  4569. bob hope
  4570. You can (I believe) run the OS On VirtualBox
  4571.        
  4572. 16:55
  4573. bob hope
  4574. I've attempted that in the past... jsut not sure how to start it up
  4575.        
  4576. 16:55
  4577. bob hope
  4578. YouTube is your best bet for that
  4579.        
  4580. 16:57
  4581. bob hope
  4582. yep... just figured if someone knew of a quick and easy way
  4583.        
  4584. 16:57
  4585. bob hope
  4586. Afraid not. Apple arn't to accommodating about you jamming their OS on none Mac products
  4587.        
  4588. 16:57
  4589. bob hope
  4590. Maybe Sean knows how to "hack it in"
  4591.        
  4592. 17:01
  4593. bob hope
  4594. i mean
  4595.        
  4596. 17:02
  4597. bob hope
  4598. a lot of hacer take macbooks to conferences
  4599.        
  4600. 17:02
  4601. bob hope
  4602. they use them as thei main devices and have vms running inside them
  4603.        
  4604. 17:02
  4605. bob hope
  4606. ugh... typing today
  4607.        
  4608. 17:02
  4609. bob hope
  4610. Yeah most Mac people run windows as a VM
  4611.        
  4612. 17:02
  4613. bob hope
  4614. so they can do some actual work
  4615.        
  4616. 17:02
  4617. bob hope
  4618. Awaiting an Apple thrown at my face
  4619.        
  4620. 17:03
  4621. bob hope
  4622. plus once you drop down to terminal in mac... you can do ALMOST as much as you can in linux. As long as you can get the source and compile it locally
  4623.        
  4624. 17:03
  4625. bob hope
  4626. @Mike P: Including Don.
  4627.        
  4628. 17:03
  4629. bob hope
  4630. plus it gives you that nice cult like sense of belonging
  4631.        
  4632. 17:04
  4633. bob hope
  4634. If you want linux get a linux,
  4635.        
  4636. 17:04
  4637. bob hope
  4638. only joking by the way William
  4639.        
  4640. 17:04
  4641. bob hope
  4642. Speaking of which... if Don is on here now... and thoughts on when the 9lo-525(Certified Technical Coordinator) series will finish up?
  4643.        
  4644. 17:06
  4645. bob hope
  4646. I've always liked Microsoft (dodges thrown glass). That's why i'm a .NET developer. Like any large long running company they have made some dire mistakes though. Windows ME argh!
  4647.        
  4648. 17:06
  4649. bob hope
  4650. @mike... yeah... i have a dual core celeron netbook with 4gb of ram that i run point linux on. That's my main linux machine... then I have an OLD PII running my print server, and my media/file server
  4651.        
  4652. 17:06
  4653. bob hope
  4654. I haven't virtualized much with clients yet, almost all of our servers in the office are however.
  4655.        
  4656. 17:06
  4657. bob hope
  4658. i used to love microsoft in the DOS days
  4659.        
  4660. 17:07
  4661. bob hope
  4662. you type in al lthe commands and get places... and people look at you like "Are you a wizard?"
  4663.        
  4664. 17:07
  4665. bob hope
  4666. DOS is the cause of most of their long running inherited problems
  4667.        
  4668. 17:07
  4669. bob hope
  4670. William, I'm just asking Don. It may be in a couple of weeks (week of April 6 or April 16)after the CEH course, that will resume and finish that ACTC.
  4671.        
  4672. 17:07
  4673. bob hope
  4674. Well... to be fair... they didn't start it.
  4675.        
  4676. 17:08
  4677. bob hope
  4678. Thanks Ronnie
  4679.        
  4680. 17:08
  4681. bob hope
  4682. @Ronnie any plans for a CCNA voice yet?
  4683.        
  4684. 17:08
  4685. bob hope
  4686. Nope Microsoft don't start anything
  4687.        
  4688. 17:08
  4689. bob hope
  4690. @Michael - Second that request
  4691.        
  4692. 17:08
  4693. bob hope
  4694. MS-DOS? Heck, I was on PC-DOS.
  4695.        
  4696. 17:09
  4697. bob hope
  4698. I've had to use Dos box for a couple old printers at a clients
  4699.        
  4700. 17:09
  4701. bob hope
  4702. Not yet...
  4703.        
  4704. 17:09
  4705. bob hope
  4706. I suspect you also have that machine in your house still Save ;P
  4707.        
  4708. 17:09
  4709. bob hope
  4710. for CCNA Voice
  4711.        
  4712. 17:09
  4713. bob hope
  4714. Dave*
  4715.        
  4716. 17:09
  4717. bob hope
  4718. Need a place to vote up topics for shows on the website.
  4719.        
  4720. 17:09
  4721. bob hope
  4722. Yes I do, in fact several.
  4723.        
  4724. 17:10
  4725. bob hope
  4726. Stored away, but there.
  4727.        
  4728. 17:10
  4729. bob hope
  4730. @Michael, I will let the team know about your suggestion.
  4731.        
  4732. 17:10
  4733. bob hope
  4734. Thanks!
  4735.        
  4736. 17:10
  4737. bob hope
  4738. Forum is a good place Michael
  4739.        
  4740. 17:11
  4741. bob hope
  4742. I think Don once mentioned there is a post somewhere for people to add to
  4743.        
  4744. 17:11
  4745. bob hope
  4746. ?I think?
  4747.        
  4748. 17:11
  4749. bob hope
  4750. Right know, we track every course suggestion as it comes it
  4751.        
  4752. 17:11
  4753. bob hope
  4754. *in*
  4755.        
  4756. 17:11
  4757. bob hope
  4758. tbh I havent really dug to deep on the website, just had the idea. I will check it out @Mike
  4759.        
  4760. 17:12
  4761. bob hope
  4762. Ronnie's not lying. I requested Nate to do a plumbing one, which I believe is being scheduled
  4763.        
  4764. 17:12
  4765. bob hope
  4766. I'm waiting on the Toilet cleaning episode...
  4767.        
  4768. 17:12
  4769. bob hope
  4770.  
  4771.        
  4772. 17:13
  4773. bob hope
  4774. Me too that is critical hardware to keep clean in any data center
  4775.        
  4776. 17:14
  4777. bob hope
  4778. Did you guys ever do that Powershell segment @Ron
  4779.        
  4780. 17:15
  4781. bob hope
  4782. If you check in our course library...Mike and Don did a bangup PowerShell Kung-Fu series!
  4783.        
  4784. 17:15
  4785. bob hope
  4786. Thanks  Chrome is super laggy right now with all the tabs open, or I woulda checked :D... I was waiting for that! I might need to check that out
  4787.        
  4788. 17:16
  4789. bob hope
  4790. Their Fu is strong!
  4791.        
  4792. 17:16
  4793. bob hope
  4794. I keep asking about new course, but I havent even made it through all the other courses I want to watch yet.
  4795.        
  4796. 17:17
  4797. bob hope
  4798. I knew nothing of PowerShell before the IT Pro segments....
  4799.        
  4800. 17:17
  4801. bob hope
  4802. TECH COURSE RETREAT WEEKEND!!!! I think Ronnie said we could use his place for it right Ronnie. This weekend... everyone in the chat is coming over
  4803.        
  4804. 17:17
  4805. bob hope
  4806.  
  4807.        
  4808. 17:17
  4809. bob hope
  4810. And now I am pulling up things to teach others.
  4811.        
  4812. 17:18
  4813. bob hope
  4814. https://www.youtube.com/watch?v=aUqes9QdLQ4&list=PL09FCD460700D99DE - Kevin Mitnick
  4815.        
  4816. 17:19
  4817. bob hope
  4818. I even learned empirically the "Windows 8.1 with Bing" comes with PS4.0, and can't be upgraded to v5.0.
  4819.        
  4820. 17:20
  4821. bob hope
  4822. At least I didn't wait through the looping "Preparing for setup" after an hour.
  4823.        
  4824. 17:22
  4825. bob hope
  4826. @David I didn't know v5 came out yet
  4827.        
  4828. 17:22
  4829. bob hope
  4830. stackoverflow is where you want to be looking for powershell or any code help really. The guys on their are superb
  4831.        
  4832. 17:24
  4833. bob hope
  4834. It is a "Preview"/beta for 8.1 / S2012, part of the WMF package: http://www.microsoft.com/en-us/download/details.aspx?id=44987
  4835.        
  4836. 17:24
  4837. bob hope
  4838. The best way to learn powershell is to actually use it though. So why not script out a whole new server build script. Setting up an AD domain, ACL's, DNS etc... Once you done that you will be Ninja!
  4839.        
  4840. 17:24
  4841. bob hope
  4842. haha, that Kevin Mitnick video is awesome.
  4843.        
  4844. 17:27
  4845. bob hope
  4846. It is. I've been enjoying it over mexican food
  4847.        
  4848. 17:27
  4849. bob hope
  4850. I like how he hacks the prison phones .... made me lol
  4851.        
  4852. 17:28
  4853. bob hope
  4854. havent gotten there yet, just heard about the McDonalds drive through hack.
  4855.        
  4856. 17:28
  4857. bob hope
  4858. For many people, Taco Bell or burritos/hard shell tacos are "Mexican food".
  4859.        
  4860. 17:29
  4861. bob hope
  4862. Most of the inmate phones now are done through "SECURUS".
  4863.        
  4864. 17:31
  4865. bob hope
  4866. @Michael I have read his books and some of the stories he tells are great
  4867.        
  4868. 17:31
  4869. bob hope
  4870. I bet
  4871.        
  4872. 17:32
  4873. bob hope
  4874. geesh sean
  4875.        
  4876. 17:33
  4877. bob hope
  4878. saving the human race instead of teaching
  4879.        
  4880. 17:35
  4881. bob hope
  4882. TIL Sean is a timelord.
  4883.        
  4884. 17:35
  4885. bob hope
  4886. @Sean I really like your book through Sybex no less, it is a nice informative read.
  4887.        
  4888. 17:36
  4889. bob hope
  4890. I'm back.
  4891.        
  4892. 17:37
  4893. bob hope
  4894. @Sean book arriving today looking forward to it.
  4895.        
  4896. 17:37
  4897. bob hope
  4898. I will say this @David... i can only eat like 1 or two REAL mexican (corn) tortillas
  4899.        
  4900. 17:38
  4901. bob hope
  4902. GERONIMO!
  4903.        
  4904. 17:39
  4905. bob hope
  4906. Wibbly Wobbly Security?
  4907.        
  4908. 17:39
  4909. bob hope
  4910. Awesome
  4911.        
  4912. 17:39
  4913. bob hope
  4914. Hi all! I couldn't make it earlier, what did I miss?
  4915.        
  4916. 17:40
  4917. bob hope
  4918. In other news, I have the awesome Star Trek Enterprise Pizza Cutter downstairs
  4919.        
  4920. 17:40
  4921. bob hope
  4922. You missed how to pull tweets from a geolocation
  4923.        
  4924. 17:40
  4925. bob hope
  4926. cool
  4927.        
  4928. 17:40
  4929. bob hope
  4930. I h ave the pizza cutter too! hehe
  4931.        
  4932. 17:40
  4933. bob hope
  4934. What time are we starting again?
  4935.        
  4936. 17:41
  4937. bob hope
  4938. @Mike R lovely isn't it?
  4939.        
  4940. 17:41
  4941. bob hope
  4942. I have one
  4943.        
  4944. 17:41
  4945. bob hope
  4946. @mike w.... nowish
  4947.        
  4948. 17:41
  4949. bob hope
  4950. Well it was until my mother in law cleaned it with a scrub brush...
  4951.        
  4952. 17:41
  4953. bob hope
  4954. now it's all scratched up
  4955.        
  4956. 17:41
  4957. bob hope
  4958. Eek, sacrilege
  4959.        
  4960. 17:41
  4961. bob hope
  4962. ish?
  4963.        
  4964. 17:41
  4965. bob hope
  4966. sp
  4967.        
  4968. 17:41
  4969. bob hope
  4970. Most folks don't realize the original sound effects for Star Trek were done on a Yamaha Organ
  4971.        
  4972. 17:41
  4973. bob hope
  4974. thanks
  4975.        
  4976. 17:42
  4977. bob hope
  4978. I fully support Theme Week. I want to see Don show up in a Harry Potter costume lol
  4979.        
  4980. 17:42
  4981. bob hope
  4982. (I mean, it fits)
  4983.        
  4984. 17:42
  4985. bob hope
  4986. The transporter was chrismas lights.
  4987.        
  4988. 17:44
  4989. bob hope Sandez
  4990. made it
  4991.        
  4992. 17:44
  4993. bob hope
  4994. And not very many buttons on their consoles.
  4995.        
  4996. 17:44
  4997. bob hope
  4998. hahahahaha
  4999.        
  5000. 17:46
  5001. bob hope
  5002. You got it, rule of thirds!
  5003.        
  5004. 17:46
  5005. bob hope
  5006. Use those all of the time.
  5007.        
  5008. 17:47
  5009. bob hope
  5010. FB WILL STRIP THIS INFO.
  5011.        
  5012. 17:48
  5013. bob hope
  5014. Konica Minolta... good copiers lol
  5015.        
  5016. 17:48
  5017. bob hope
  5018. G+ will not, they will keep it.
  5019.        
  5020. 17:48
  5021. bob hope
  5022. They caught John McAfee through geotagging
  5023.        
  5024. 17:48
  5025. bob hope
  5026. LOL
  5027.        
  5028. 17:48
  5029. bob hope
  5030. That's right though.
  5031.        
  5032. 17:49
  5033. bob hope
  5034. in McAfee's case it was the journalist who posted it, not him
  5035.        
  5036. 17:49
  5037. bob hope
  5038. Yeah, but small companies will put pictures from their phones, or other cameras, on their websites. That's not secure
  5039.        
  5040. 17:50
  5041. bob hope
  5042. You can also identify the camera because cameras have fingerprints, usually pixels that get damaged over time
  5043.        
  5044. 17:51
  5045. bob hope
  5046. CSI Cyber Used these last week with the Mustache Taxi episode...
  5047.        
  5048. 17:51
  5049. bob hope
  5050. < I'm shaking my head too!! LoL >
  5051.        
  5052. 17:51
  5053. bob hope
  5054. Appraiser uses that a l ot
  5055.        
  5056. 17:51
  5057. bob hope
  5058. House appraisers
  5059.        
  5060. 17:52
  5061. bob hope
  5062. I want timestamps
  5063.        
  5064. 17:53
  5065. bob hope
  5066. Great, now I have to take all my online photos down
  5067.        
  5068. 17:54
  5069. bob hope
  5070. Hmm... is this one any good Sean? http://www.geocreepy.com/
  5071.        
  5072. 17:54
  5073. bob hope
  5074. https://www.paterva.com/web6/
  5075.        
  5076. 17:54
  5077. bob hope
  5078. Yep ran that @Michala
  5079.        
  5080. 17:55
  5081. bob hope
  5082. Yo ho....
  5083.        
  5084. 17:55
  5085. bob hope
  5086. Would you recommend it James O?
  5087.        
  5088. 17:55
  5089. bob hope
  5090. Somebody's watchin' me!
  5091.        
  5092. 17:56
  5093. bob hope
  5094. I messed with that a few months ago.
  5095.        
  5096. 17:56
  5097. bob hope
  5098. cool
  5099.        
  5100. 17:57
  5101. bob hope
  5102. thats kewl
  5103.        
  5104. 17:57
  5105. bob hope
  5106. where am i
  5107.        
  5108. 17:57
  5109. bob hope
  5110. does it drill down to connections??
  5111.        
  5112. 17:57
  5113. bob hope
  5114. nodal
  5115.        
  5116. 17:57
  5117. bob hope
  5118. Did IT Pro TV contract with Sean to find all security vulnerabilities before these episodes?
  5119.        
  5120. 17:58
  5121. bob hope
  5122. haha, thats what I was wondering @David
  5123.        
  5124. 17:58
  5125. bob hope
  5126. or maybe this is the test...
  5127.        
  5128. 17:58
  5129. bob hope
  5130. this looks internal though
  5131.        
  5132. 17:59
  5133. bob hope
  5134. Does it matter that Sean's microphone is upside down?
  5135.        
  5136. 17:59
  5137. bob hope
  5138. that will be very educational, hacking ITPro.tv
  5139.        
  5140. 17:59
  5141. bob hope
  5142. HOLY CRAP
  5143.        
  5144. 18:00
  5145. bob hope
  5146. @Stanley no. it's an omnidirectional mic
  5147.        
  5148. 18:00
  5149. bob hope
  5150. but you are inside the network.
  5151.        
  5152. 18:00
  5153. bob hope
  5154. I assume Internal verses External creates different results
  5155.        
  5156. 18:00
  5157. bob hope
  5158. Would you get the same results from the internet as opposed to internal?
  5159.        
  5160. 18:00
  5161. bob hope
  5162. It's actually working better for hime upside down than it did right side up
  5163.        
  5164. 18:00
  5165. bob hope
  5166. I'm salivating right now. Too Sweet!
  5167.        
  5168. 18:01
  5169. bob hope
  5170. LOL
  5171.        
  5172. 18:01
  5173. bob hope
  5174. hehe
  5175.        
  5176. 18:01
  5177. bob hope
  5178. itpro.tv resolves to the web server, so it depends on where it's hosted
  5179.        
  5180. 18:01
  5181. bob hope
  5182. olvidosplace.net
  5183.        
  5184. 18:02
  5185. bob hope
  5186. that's my website... i host is in a secure place
  5187.        
  5188. 18:02
  5189. bob hope
  5190. people need to add it to their hosts file currently
  5191.        
  5192. 18:02
  5193. bob hope
  5194. my website is nsa.org
  5195.        
  5196. 18:02
  5197. bob hope
  5198. You can't hit it. NXDOMAIN.
  5199.        
  5200. 18:02
  5201. bob hope
  5202. HAHAHAH
  5203.        
  5204. 18:03
  5205. bob hope
  5206. They are on Google Apps for Work, but I think they are on AWS too.
  5207.        
  5208. 18:03
  5209. bob hope
  5210. How about whitehouse.gov
  5211.        
  5212. 18:04
  5213. bob hope
  5214. welll it was nice knowing you Philip
  5215.        
  5216. 18:04
  5217. bob hope
  5218. 0_0
  5219.        
  5220. 18:04
  5221. bob hope
  5222. lol
  5223.        
  5224. 18:04
  5225. bob hope
  5226. LOL
  5227.        
  5228. 18:04
  5229. bob hope
  5230. LOL
  5231.        
  5232. 18:05
  5233. bob hope
  5234. Q: Any SaaS that combine tools like this and shodan, etc???
  5235.        
  5236. 18:06
  5237. bob hope
  5238. ^^ I second that question
  5239.        
  5240. 18:07
  5241. bob hope
  5242. A honeypot would be helpful in detecting something like this
  5243.        
  5244. 18:07
  5245. bob hope
  5246. sounds like this is the tool tht does it
  5247.        
  5248. 18:08
  5249. bob hope
  5250. It (maltego) should be powerful for the price
  5251.        
  5252. 18:09
  5253. bob hope
  5254. fair enough revised question
  5255.        
  5256. 18:09
  5257. bob hope
  5258. Question: Does Maltego also cross reference with Shodan?
  5259.        
  5260. 18:10
  5261. bob hope
  5262. alias+name@gmail.com
  5263.        
  5264. 18:10
  5265. bob hope
  5266. James, a lot of sites don't accept the + required for alias with gmail
  5267.        
  5268. 18:11
  5269. bob hope
  5270. it's not like Gmail is going to read your email and use it in thier products.
  5271.        
  5272. 18:11
  5273. bob hope
  5274. lol
  5275.        
  5276. 18:11
  5277. bob hope
  5278. Q: Should the CEH have paid acounts for some of these "lookup" services?? I would think that the "Black-Hats" have paid for some lookup services...
  5279.        
  5280. 18:11
  5281. bob hope
  5282. Can you strip the Geoinformation out of a picture after the fact?
  5283.        
  5284. 18:12
  5285. bob hope
  5286. It's scary how much information is out there about me. I know I was shocked when I would google myself. Things have changed however, thankfully there are others with my name that are more popular than I
  5287.        
  5288. 18:12
  5289. bob hope
  5290. yeah... I have a friend named tim jones
  5291.        
  5292. 18:12
  5293. bob hope
  5294. hard to find
  5295.        
  5296. 18:13
  5297. bob hope
  5298. KanyeWest seems to think the internet does "Takebacks"
  5299.        
  5300. 18:13
  5301. bob hope
  5302. @Matthew it's amazing what you find. Apparently there is a judge in NZ with the same as mine
  5303.        
  5304. 18:14
  5305. bob hope
  5306. I have book authors and criminal investigators, and doctors. I am none of these
  5307.        
  5308. 18:14
  5309. bob hope
  5310. TOR is not as good as it used to be.
  5311.        
  5312. 18:14
  5313. bob hope
  5314. are you going to demonstrate any of those "hiding" techniques?
  5315.        
  5316. 18:14
  5317. bob hope
  5318. or am I?
  5319.        
  5320. 18:14
  5321. bob hope
  5322. leaking info
  5323.        
  5324. 18:15
  5325. bob hope
  5326. People don't understand this technology they use
  5327.        
  5328. 18:15
  5329. bob hope
  5330. Dependent upon the budget of the attacker, Tor is definitely not anonymous anymore.
  5331.        
  5332. 18:15
  5333. bob hope
  5334. Question: Is there a list of mac addresses you can access?
  5335.        
  5336. 18:16
  5337. bob hope
  5338. I can't wait till I re-watch all the eps I have missed and such. This is what I want to do.
  5339.        
  5340. 18:16
  5341. bob hope
  5342. awesome episode guys!
  5343.        
  5344. 18:16
  5345. bob hope
  5346. Where is Maltego Carbon's main site? Never know which google link to click on that isn't malware
  5347.        
  5348. 18:16
  5349. bob hope
  5350. https://www.paterva.com/web6/
  5351.        
  5352. 18:17
  5353. bob hope
  5354. Have a good one all!
  5355.        
  5356. 18:17
  5357. bob hope
  5358. no more shows for today?
  5359.        
  5360. 18:17
  5361. bob hope
  5362. @Matthew https://www.paterva.com/web6/
  5363.        
  5364. 18:17
  5365. bob hope
  5366. Great show
  5367.        
  5368. 18:17
  5369. bob hope
  5370. like does Starbucks record your Mac address and sell the info
  5371.        
  5372. 18:17
  5373. bob hope
  5374. Tor Not So Anonymous: http://twit.cachefly.net/audio/sn/sn0493/sn0493.mp3
  5375.        
  5376. 18:17
  5377. bob hope
  5378. wow paterva doesn't even come up in the first 10
  5379.        
  5380. 18:18
  5381. bob hope
  5382. bye
  5383.        
  5384. 18:18
  5385. bob hope
  5386. ty guys!
  5387.        
  5388. 18:18
  5389. bob hope
  5390. I wish I could get up at 5am to catch you guys
  5391.        
  5392. 18:18
  5393. bob hope
  5394. I'm having troubles running it too.
  5395.        
  5396. 18:18
  5397. bob hope
  5398. @Sean - How do you feel about VPN services, or proxy services... any favs?
  5399.        
  5400. 18:19
  5401. bob hope
  5402. Hmm... this is interesting
  5403.        
  5404. 18:19
  5405. bob hope
  5406. Using Maltego I can see which other websites are hosted by our third party provider
  5407.        
  5408. 18:19
  5409. bob hope
  5410. TV time out lol
  5411.        
  5412. 18:19
  5413. bob hope
  5414. would it be better to work, for example, in Public Libraries?
  5415.        
  5416. 18:19
  5417. bob hope
  5418. Could be useful for independently verifying references from a procurement perspective
  5419.        
  5420. 18:20
  5421. bob hope
  5422. @Sean, also Fabian's questions
  5423.        
  5424. 18:20
  5425. bob hope
  5426.  
  5427.        
  5428. 18:21
  5429. bob hope
  5430. We can hardly hear Sean
  5431.        
  5432. 18:21
  5433. bob hope
  5434. his mic is muted
  5435.        
  5436. 18:21
  5437. bob hope
  5438. ahhh
  5439.        
  5440. 18:21
  5441. bob hope
  5442. I'm having work interrupt, IP address allocation.
  5443.        
  5444. 18:21
  5445. bob hope
  5446. Plug in your mic Sean!
  5447.        
  5448. 18:21
  5449. bob hope
  5450. or unplugged... one of the two
  5451.        
  5452. 18:21
  5453. bob hope
  5454. Security camera DVRs.
  5455.        
  5456. 18:22
  5457. bob hope
  5458. lol
  5459.        
  5460. 18:22
  5461. bob hope
  5462. for hiding I think is what he meant
  5463.        
  5464. 18:23
  5465. bob hope
  5466. @Sean - to hide your footprint
  5467.        
  5468. 18:23
  5469. bob hope
  5470. so.... he is more a darker shade of white hat
  5471.        
  5472. 18:23
  5473. bob hope
  5474. yeah - hear you! Wish I had some of the All in One forensic kits...
  5475.        
  5476. 18:24
  5477. bob hope
  5478. ok, I need to drive home now
  5479.        
  5480. 18:24
  5481. bob hope
  5482. just kidding.
  5483.        
  5484. 18:24
  5485. bob hope
  5486. lol fabian
  5487.        
  5488. 18:24
  5489. bob hope
  5490. Use McDonalds network
  5491.        
  5492. 18:24
  5493. bob hope
  5494. local library SWATTED
  5495.        
  5496. 18:25
  5497. bob hope
  5498. LOL
  5499.        
  5500. 18:25
  5501. bob hope
  5502. Thanks guys
  5503.        
  5504. 18:25
  5505. bob hope
  5506. @Sean - duyring initial client meetings, do you ever have the pessimistic decision maker who doesn't see the value of your service.... are there any paths you take to reel them in... show them the importance of this... or hell, even make them paranoid (like some of us have felt since you started showing us)
  5507.        
  5508. 18:25
  5509. bob hope
  5510. during*
  5511.        
  5512. 18:26
  5513. bob hope
  5514. I did a test where I got rid of my cell service and used a throwaway phone, if I needed network on my iphone (which had no cell service) I'd just find a starbucks, mcdonalds, or other free wifi
  5515.        
  5516. 18:26
  5517. bob hope
  5518. Thanks guys, good session as always. Looking forward to getting into scanning
  5519.        
  5520. 18:28
  5521. bob hope
  5522. IE: I see the value of this, but I'm an IT Professional with 10+ years of experience. Others might not see it... selling pts
  5523.        
  5524. 18:28
  5525. bob hope
  5526. @ Matt... how did that go?
  5527.        
  5528. 18:30
  5529. bob hope
  5530. I find your exposure to fines and Lawsuits moves mountains
  5531.        
  5532. 18:31
  5533. bob hope
  5534. walk in and start the scan while you talk to them and then after your discussion turn your laptop around and say look at htis.
  5535.        
  5536. 18:32
  5537. bob hope
  5538. @robins. and then go straigh to jail
  5539.        
  5540. 18:32
  5541. bob hope
  5542. Do you ever recommend PR and goodwill. Are you less likely to get hacked if you are a liked company
  5543.        
  5544. 18:32
  5545. bob hope
  5546. Do not pass go do not collect $200
  5547.        
  5548. 18:32
  5549. bob hope
  5550. Proof is in the puddin sometimes I guess. Thanks for your time
  5551.        
  5552. 18:32
  5553. bob hope
  5554. wow seriously? i am not the only person who works in my group, why do they all call me when i am at home
  5555.        
  5556. 18:32
  5557. bob hope
  5558. have you been called to testified in court?
  5559.        
  5560. 18:33
  5561. bob hope
  5562. @william well I survived a year and was only inconvienenced a few times where I thought "Dang it I wish I had a network now" It's amazing how we get attached to these devices and yet we really don't need them.
  5563.        
  5564. 18:33
  5565. bob hope
  5566. I don't know if this was asked before
  5567.        
  5568. 18:33
  5569. bob hope
  5570. My next experiement is going with a throwaway cellphone and leave it off unless in an emergency (off and battery removed.)
  5571.        
  5572. 18:33
  5573. bob hope
  5574. getting SR management to own up to being vulnerable may be a big hurdle. constant denial.
  5575.        
  5576. 18:34
  5577. bob hope
  5578. I wonder if Target was hacked simply because they had the name Target and they hackers thought it would be funny?
  5579.        
  5580. 18:35
  5581. bob hope
  5582. Probably more to it than that James P.
  5583.        
  5584. 18:35
  5585. bob hope
  5586. *the
  5587.        
  5588. 18:35
  5589. bob hope
  5590. @Michael I am having the same problem here. Management wants all of the employees to go thru email security training but will not go thru it themselves
  5591.        
  5592. 18:36
  5593. bob hope
  5594. hahahaha
  5595.        
  5596. 18:36
  5597. bob hope
  5598. pieces of scat
  5599.        
  5600. 18:36
  5601. bob hope
  5602. -not you @Jeff
  5603.        
  5604. 18:36
  5605. bob hope
  5606. disgruntled current/former employees are a dangerous thing
  5607.        
  5608. 18:37
  5609. bob hope
  5610. I hate Target
  5611.        
  5612. 18:37
  5613. bob hope
  5614. It usually turns out that Upper management is a big vulnerability.
  5615.        
  5616. 18:37
  5617. bob hope
  5618. Their return policy is ridiculous
  5619.        
  5620. 18:37
  5621. bob hope
  5622. Thanks @Mike @Sean
  5623.        
  5624. 18:38
  5625. bob hope
  5626. @Brian Yes, some great material over on https://www.cert.org/insider-threat/ regarding research
  5627.        
  5628. 18:38
  5629. bob hope
  5630. You want to see something scary? I know of banks (and most banks do this) hire outside cleaning teams that when they are done they take the trash with them.
  5631.        
  5632. 18:38
  5633. bob hope
  5634. I have one that will click on every link and open every attachment and thinks that since he is on a Mac nothing will happen to him
  5635.        
  5636. 18:38
  5637. bob hope
  5638. Yep, worked with a dude he knew he was gonna get can. He went in and used hedge cutters and clipped all of the cables in the server room.
  5639.        
  5640. 18:38
  5641. bob hope
  5642. I wonder how much sensitive info is in that trash, and what do theses cleaning services do with it.
  5643.        
  5644. 18:38
  5645. bob hope
  5646. We had a company manager (thankfully former) that was always compromising his laptop.
  5647.        
  5648. 18:39
  5649. bob hope
  5650. 2JAMEs LOL
  5651.        
  5652. 18:39
  5653. bob hope
  5654. @Jeff - I understand - And I feel you! ... ... ...
  5655.        
  5656. 18:39
  5657. bob hope
  5658. I wish I had hacked Target... I'd be rich! ... In Jail, but Rich
  5659.        
  5660. 18:39
  5661. bob hope
  5662. I almost had to go to the point of imaging his drive, so the rebuild would be easier.
  5663.        
  5664. 18:40
  5665. bob hope
  5666. @James O that's crazy. At least they didn't do serious damage in terms of deleting data or AD trees etc
  5667.        
  5668. 18:40
  5669. bob hope
  5670. It's why a lot of people hire contractors, so they can fire w/o cause.
  5671.        
  5672. 18:40
  5673. bob hope
  5674. Crosscut personal shredder in my office Matthew.
  5675.        
  5676. 18:41
  5677. bob hope
  5678. This was many years go. LIke 20 yrs.
  5679.        
  5680. 18:41
  5681. bob hope
  5682. David: your office, how about your bank
  5683.        
  5684. 18:41
  5685. bob hope
  5686. yeah ... I have a feeling that people at my old job are worried about that still... and it's been 2 weeks
  5687.        
  5688. 18:41
  5689. bob hope
  5690. You know those little trash trays where you fill out deposit slips?
  5691.        
  5692. 18:41
  5693. bob hope
  5694. I have way too much access just handed to me in all the different areas
  5695.        
  5696. 18:41
  5697. bob hope
  5698. and as it turns out i need to go
  5699.        
  5700. 18:41
  5701. bob hope
  5702. have you ever been called to testify in court?
  5703.        
  5704. 18:41
  5705. bob hope
  5706. catch you later
  5707.        
  5708. 18:41
  5709. bob hope
  5710. back
  5711.        
  5712. 18:42
  5713. bob hope
  5714. My bank doesn't have a local branch, so it is all electronic transactions with them for me.
  5715.        
  5716. 18:42
  5717. bob hope
  5718. But point taken.
  5719.        
  5720. 18:42
  5721. bob hope
  5722. Not me. LOVE my job!
  5723.        
  5724. 18:42
  5725. bob hope
  5726. David: I have considered that
  5727.        
  5728. 18:42
  5729. bob hope
  5730. who doesnt complain about their jobs lol
  5731.        
  5732. 18:42
  5733. bob hope
  5734. Vivian: I am sure you have complained about me a few times
  5735.        
  5736. 18:42
  5737. bob hope
  5738. Snowden
  5739.        
  5740. 18:42
  5741. bob hope
  5742. I'm back!
  5743.        
  5744. 18:42
  5745. bob hope
  5746. Silent ones are the deadliest.
  5747.        
  5748. 18:43
  5749. bob hope
  5750. 0.0000001%
  5751.        
  5752. 18:43
  5753. bob hope
  5754. Ha ha.
  5755.        
  5756. 18:43
  5757. bob hope
  5758.  
  5759.        
  5760. 18:43
  5761. bob hope
  5762. any know woman hacker?
  5763.        
  5764. 18:44
  5765. bob hope
  5766. known
  5767.        
  5768. 18:44
  5769. bob hope
  5770. Shannon Morse & Colleen Kelley.
  5771.        
  5772. 18:44
  5773. bob hope
  5774. thats right!
  5775.        
  5776. 18:44
  5777. bob hope
  5778. In many languages American == Lazy
  5779.        
  5780. 18:44
  5781. bob hope
  5782. Navy sensitive document disposal in San Diego circa 25 years ago was to mulch it with a shredder driven by a V-8 engine, then incinerate the output....
  5783.        
  5784. 18:45
  5785. bob hope
  5786. They are named Pat
  5787.        
  5788. 18:45
  5789. bob hope
  5790. and Chris
  5791.        
  5792. 18:45
  5793. bob hope
  5794. nope. no women hackers. move along.
  5795.        
  5796. 18:45
  5797. bob hope
  5798. I never knew why they just didn't burn it from the beginning.
  5799.        
  5800. 18:45
  5801. bob hope
  5802. apparently women are more stealthy
  5803.        
  5804. 18:46
  5805. bob hope
  5806. pink hat hackers
  5807.        
  5808. 18:46
  5809. bob hope
  5810. I was at a seminar with Peter Wood recently and he said his best social engineers were women
  5811.        
  5812. 18:46
  5813. bob hope
  5814. feel like i ve given away the farm just registeringmaltego...
  5815.        
  5816. 18:46
  5817. bob hope
  5818. Peggy calling
  5819.        
  5820. 18:46
  5821. bob hope
  5822. He's right... people tell me lots of interesting things when they are trying to 'teach' me
  5823.        
  5824. 18:47
  5825. bob hope
  5826. #NSA PickUp Lines..........
  5827.        
  5828. 18:47
  5829. bob hope
  5830. Hit it guys!
  5831.        
  5832. 18:47
  5833. bob hope
  5834. anxious to learn about scanning!
  5835.        
  5836. 18:47
  5837. bob hope
  5838. @Deborah Nice one:)
  5839.        
  5840. 18:47
  5841. bob hope
  5842. http://slowrobot.com/i/51361
  5843.        
  5844. 18:48
  5845. bob hope
  5846. It's not always the best... you're right it has perks... but it's not always fun
  5847.        
  5848. 18:49
  5849. bob hope
  5850. Speaking of shredding documents, anyone ever see that Iran reconstructed some documents that U.S. Embassy staff shredded before they had to be evacuated?
  5851.        
  5852. 18:49
  5853. bob hope
  5854. @Sean Have you ever tried to anger someone to make them slip up?
  5855.        
  5856. 18:50
  5857. bob hope
  5858. They were shredded into strips not cross cuts
  5859.        
  5860. 18:50
  5861. bob hope
  5862. Still, "Better Call Saul" aside, that still is some work.
  5863.        
  5864. 18:50
  5865. bob hope
  5866. nsa would bring in an archeologist to piece it back togehter..
  5867.        
  5868. 18:51
  5869. bob hope
  5870. No, they just probably had a room of women in burkas doing it.
  5871.        
  5872. 18:51
  5873. bob hope
  5874. Still need to put the stuff into an acid bath to disolve
  5875.        
  5876. 18:52
  5877. bob hope
  5878. heat the house with it..
  5879.        
  5880. 18:52
  5881. bob hope
  5882. @James P Interesting question
  5883.        
  5884. 18:53
  5885. bob hope
  5886. what is a GREAT tool for doing screen capturing AND a running log of your activity taken during the engagement;
  5887.        
  5888. 18:53
  5889. bob hope
  5890. http://www.bbc.com/news/magazine-16036967
  5891.        
  5892. 18:53
  5893. bob hope
  5894. should we say agree?
  5895.        
  5896. 18:53
  5897. bob hope
  5898. LOL @ Mike R.
  5899.        
  5900. 18:54
  5901. bob hope
  5902. *fires up VM*
  5903.        
  5904. 18:54
  5905. bob hope
  5906. I can't afford Sean, but I'd love to be pentested and given a report on how bad I am. (I know there are holes.)
  5907.        
  5908. 18:54
  5909. bob hope
  5910. I agree to the disclaime
  5911.        
  5912. 18:54
  5913. bob hope
  5914.  
  5915.        
  5916. 18:54
  5917. bob hope
  5918. disclaimer*
  5919.        
  5920. 18:55
  5921. bob hope
  5922. That BBC article shows that computers can be used to reconstruct shredded documents (David waves to NSA).
  5923.        
  5924. 18:55
  5925. bob hope
  5926. Jason, thanks for fixing Sean's microphone. Now Mike and Sean's volume is closer to being at the same level. It is appreciated. The microphone pickup pattern was compromised when it was pointed at his feet.
  5927.        
  5928. 18:56
  5929. bob hope
  5930. you are welcome. Sean is a n00b.
  5931.        
  5932. 18:56
  5933. bob hope
  5934. he hasnt been called that in awhile,
  5935.        
  5936. 18:58
  5937. bob hope
  5938. lol
  5939.        
  5940. 19:00
  5941. bob hope
  5942. 220, 221, whatever it takes
  5943.        
  5944. 19:01
  5945. bob hope
  5946. ports are like a switchboard
  5947.        
  5948. 19:02
  5949. bob hope
  5950. If you see something running on port 1337 or 31337, it's probably a backdoor...
  5951.        
  5952. 19:02
  5953. bob hope
  5954. Or Ip address is the house address and ports are the doors, windows and chimney
  5955.        
  5956. 19:02
  5957. bob hope
  5958. I need your book!!
  5959.        
  5960. 19:03
  5961. bob hope
  5962. What is Port 80?
  5963.        
  5964. 19:03
  5965. bob hope
  5966. /me smiles
  5967.        
  5968. 19:03
  5969. bob hope
  5970. HTTP
  5971.        
  5972. 19:03
  5973. bob hope
  5974. @Michala I might steal that for training.
  5975.        
  5976. 19:03
  5977. bob hope
  5978. Please do
  5979.        
  5980. 19:03
  5981. bob hope
  5982. Wait... I heard HTTP was malware
  5983.        
  5984. 19:03
  5985. bob hope
  5986. Port 80 is ping @Matthew
  5987.        
  5988. 19:04
  5989. bob hope
  5990. It usually is.
  5991.        
  5992. 19:04
  5993. bob hope
  5994.  JK
  5995.        
  5996. 19:04
  5997. bob hope
  5998. and porn
  5999.        
  6000. 19:04
  6001. bob hope
  6002. jk LOL
  6003.        
  6004. 19:05
  6005. bob hope
  6006. multiplex       171     tcp/udp Network Innovations Multiplex
  6007.        
  6008. 19:05
  6009. bob hope
  6010. but, there may be a new VUL tied to a port... and it may be a 0-Day - etc etc
  6011.        
  6012. 19:05
  6013. bob hope
  6014. If you are good with computers, and used to work as a level 2 support specialist and small business ms server supporter for 1-100 users. Taken a 7 year break officially from IT work, where would start on certs if you want to be a IT security person (i.e.pentester)
  6015.        
  6016. 19:05
  6017. bob hope
  6018. Fing on Android is great to map a network.
  6019.        
  6020. 19:05
  6021. bob hope
  6022. ^
  6023.        
  6024. 19:07
  6025. bob hope
  6026. Fing is really helpful @JAmes
  6027.        
  6028. 19:07
  6029. bob hope
  6030. Firewalls log these kinda utils
  6031.        
  6032. 19:08
  6033. bob hope
  6034. Not necessarily if you're already inside the network.
  6035.        
  6036. 19:08
  6037. bob hope
  6038. great. (unrelated to this topic) I am installing Itunes, so I can backup my phone before I wipe it. and Itunes needs authorization. I enter my credentials and get told "The iTunes store is temporarily unavailable." OY Vey.
  6039.        
  6040. 19:09
  6041. bob hope
  6042. AngryIP scanner is helpful in scanning an internal network for a quick list of active IPs.
  6043.        
  6044. 19:09
  6045. bob hope
  6046. nmap FTW
  6047.        
  6048. 19:09
  6049. bob hope
  6050. @Matthew , buy the annual itpro subscription and just start going though all the courses, A+ Security + Network + - I'm in the same boat, picking back up - getting CAUGHT up on TODAYS techno. CCENT, CCNA - CEH, Incident Response etc
  6051.        
  6052. 19:09
  6053. bob hope
  6054. haha, extra credit for me!
  6055.        
  6056. 19:09
  6057. bob hope
  6058. Get it in writing!
  6059.        
  6060. 19:10
  6061. bob hope
  6062. Already have the annual  been on it for a year or maybe two.
  6063.        
  6064. 19:10
  6065. bob hope
  6066. great port filtering with AngryIP as well.
  6067.        
  6068. 19:10
  6069. bob hope
  6070. Did Sean have ITpro.tv sign a waiver before he started?
  6071.        
  6072. 19:10
  6073. bob hope
  6074. http://angryip.org/
  6075.        
  6076. 19:11
  6077. bob hope
  6078. @Michael: I don't have the $$$ to pay for all those certs! Holy crap that's at least $4000-$5000 in tests
  6079.        
  6080. 19:11
  6081. bob hope
  6082. @Shawn thanks
  6083.        
  6084. 19:11
  6085. bob hope
  6086. Fing will be mentally noted for when my Nexus 6 arrives, my RAZR M is chock full of too many apps right now.
  6087.        
  6088. 19:11
  6089. bob hope
  6090. Advanced Port scanner was a quick useful tool too, but now a days it fails a lot on modern OSs.
  6091.        
  6092. 19:11
  6093. bob hope
  6094. My HP printer shows 10 wireless (available) nodes
  6095.        
  6096. 19:12
  6097. bob hope
  6098. Or don't respond to pings
  6099.        
  6100. 19:12
  6101. bob hope
  6102. Do either of those tools do OS discovery?
  6103.        
  6104. 19:12
  6105. bob hope
  6106. I see a mac!
  6107.        
  6108. 19:12
  6109. bob hope
  6110. Wish I could get the 64Gb Nexus 6 version (since it can't have micro-SD cards).
  6111.        
  6112. 19:12
  6113. bob hope
  6114. sometimes devices are there just not replying to pings...
  6115.        
  6116. 19:13
  6117. bob hope
  6118. NMAP can do those deep scans.
  6119.        
  6120. 19:13
  6121. bob hope
  6122. @David, you should put Kali Nethunter on your current Nexus...
  6123.        
  6124. 19:13
  6125. bob hope
  6126. QUESTION: Would you "Go INTO" someones iPhone connected to a "Closed" network - as part of your engagement... to potentially find "stuff"??
  6127.        
  6128. 19:13
  6129. bob hope
  6130. netcat
  6131.        
  6132. 19:13
  6133. bob hope
  6134. I forgot about netcat.
  6135.        
  6136. 19:13
  6137. bob hope
  6138. NMAP -sS -v 10.0.0.0/24
  6139.        
  6140. 19:14
  6141. bob hope
  6142. I don't have it yet Shawn, and as long as I don't have to root it (because it is employer-provided).
  6143.        
  6144. 19:14
  6145. bob hope
  6146. -sP for ping scan
  6147.        
  6148. 19:14
  6149. bob hope
  6150. -sS is SYN scan
  6151.        
  6152. 19:14
  6153. bob hope
  6154. Ah yeah @David, nevermind LOL
  6155.        
  6156. 19:14
  6157. bob hope
  6158. ICMP traffic
  6159.        
  6160. 19:15
  6161. bob hope
  6162. It's still being shipped, because even people on Neptune had it on their network before Verizon did.
  6163.        
  6164. 19:15
  6165. bob hope
  6166. http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
  6167.        
  6168. 19:16
  6169. bob hope
  6170. I wouldn't want the white color (only if my arm were twisted more with no other options), but Verizon only has it in midnight blue & 32Gb internal storage.
  6171.        
  6172. 19:17
  6173. bob hope
  6174. would you let Sean open your Cellphone
  6175.        
  6176. 19:17
  6177. bob hope
  6178. Bonjour protocol is on
  6179.        
  6180. 19:17
  6181. bob hope
  6182. Question: Are there ways to scan UDP ports? obviously not like TCP scans.
  6183.        
  6184. 19:17
  6185. bob hope
  6186. that nails it
  6187.        
  6188. 19:17
  6189. bob hope
  6190. If the AUP states that personal devices shouldn't be connected to the network then surely if people breach that it is fair cop?
  6191.        
  6192. 19:17
  6193. bob hope
  6194. Michael: Sort of, depends on the protocol. But it isn't guranteed to be reliable.
  6195.        
  6196. 19:18
  6197. bob hope
  6198. MNAP can scan UDP
  6199.        
  6200. 19:18
  6201. bob hope
  6202. @James makes since since there is no back and forth like TCP
  6203.        
  6204. 19:18
  6205. bob hope
  6206. There is no 'connection', so no handshake to see if a port is open. If the service responds to the packet, you might be able to get some info (e.g. a SIP VoIP server listening on 5060UDP
  6207.        
  6208. 19:18
  6209. bob hope
  6210. ^didnt mean "no" back and forth, but different
  6211.        
  6212. 19:19
  6213. bob hope
  6214. BRB.
  6215.        
  6216. 19:19
  6217. bob hope
  6218. thx @James
  6219.        
  6220. 19:19
  6221. bob hope
  6222. NP!
  6223.        
  6224. 19:19
  6225. bob hope
  6226. no expectation of privacy on a corp device... lots of folks take chances
  6227.        
  6228. 19:19
  6229. bob hope
  6230. @Michala you are using reason and logic. To a "civillian" end user what ever they need to do to make life easy is fair.
  6231.        
  6232. 19:20
  6233. bob hope
  6234. I is vulcan LLAP
  6235.        
  6236. 19:20
  6237. bob hope
  6238.  @Michala
  6239.        
  6240. 19:20
  6241. bob hope
  6242. Michala is really T'pol.
  6243.        
  6244. 19:20
  6245. bob hope
  6246. Seriously though, I guess it comes down to the agreements and education of those users up front
  6247.        
  6248. 19:21
  6249. bob hope
  6250. Would any type of user policy factor in if the employee signed it when they started?
  6251.        
  6252. 19:22
  6253. bob hope
  6254. syslog
  6255.        
  6256. 19:22
  6257. bob hope
  6258. is it ok to Scan, just scan for example at an airport
  6259.        
  6260. 19:22
  6261. bob hope
  6262. I think that regardless of policy signed, if there is no suspicion of criminal activity on the device, it would be tough to have legitimate grounds in the UK
  6263.        
  6264. 19:22
  6265. bob hope
  6266. airport wifi
  6267.        
  6268. 19:23
  6269. bob hope
  6270. AUP
  6271.        
  6272. 19:23
  6273. bob hope
  6274. @Michala uers expecting privacy on personal devices is the reason we have a :public" and a secure wi-fi network. Personal devices can not connect to the secure wi-fi
  6275.        
  6276. 19:23
  6277. bob hope
  6278. If the company even has a policy in place...
  6279.        
  6280. 19:23
  6281. bob hope
  6282. We usually implement a Private, Guest and BYOD Wireless network with different policies accordingly.
  6283.        
  6284. 19:23
  6285. bob hope
  6286. Private = company owned and managed devices only
  6287.        
  6288. 19:23
  6289. bob hope
  6290. or a splash page on the wifi
  6291.        
  6292. 19:24
  6293. bob hope
  6294. @David, that's how it was at my last contract. 2 networks.
  6295.        
  6296. 19:24
  6297. bob hope
  6298. @David Agreed completely. I know that some of our users woudl still plug in phones to charge off USB port aalthough storage unaccessible
  6299.        
  6300. 19:24
  6301. bob hope
  6302. Thanks guys!
  6303.        
  6304. 19:25
  6305. bob hope
  6306. I caught the end of Mike talking about work-provided phones, I agree but I'm always told the FCC won't give me legal recourse for my employer-provided phone being on the Do Not Call Registry.
  6307.        
  6308. 19:25
  6309. bob hope
  6310. thanks!!
  6311.        
  6312. 19:25
  6313. bob hope
  6314. l8r gang my day is done. Looking forward to tomorrow
  6315.        
  6316. 19:25
  6317. bob hope
  6318. what arcade machine is that? looks like donkey kong?
  6319.        
  6320. 19:26
  6321. bob hope
  6322. a custom built MAME system
  6323.        
  6324. 19:26
  6325. bob hope
  6326. @David Beem LOL!
  6327.        
  6328. 19:27
  6329. bob hope
  6330. @james thats sweet... I was playing with a Pi looking to do the same
  6331.        
  6332. 19:28
  6333. bob hope
  6334. @Caleb watch the PMI course. They use the arcade cabinet as the sample project
  6335.        
  6336. 19:28
  6337. bob hope
  6338. I've wondered why we put out a second wireless network presumably for guest devices (but still with a WPA2 passphrase) when it hits the same DHCP pool.
  6339.        
  6340. 19:28
  6341. bob hope
  6342. I still have to put on my mame games back on my machine.
  6343.        
  6344. 19:29
  6345. bob hope
  6346. the cabinet is MAME on the back end and Hyper Spin on the front end
  6347.        
  6348. 19:29
  6349. bob hope
  6350. @David: You can still implement ACLs to block traffic to LAN devices. Ideally it should be on it's own subnet, but something is better than nothing.
  6351.        
  6352. 19:29
  6353. bob hope
  6354. @Sean - Are we going to boot up Kali anytime during the show?
  6355.        
  6356. 19:29
  6357. bob hope
  6358. I thought about looking into the Pi arcade as well @Caleb
  6359.        
  6360. 19:30
  6361. bob hope
  6362. Im still using the original one, really really want the new Pi2
  6363.        
  6364. 19:30
  6365. bob hope
  6366. me 2, Ive got 2 PIs now. one is running a Zwave system I am testing out and the other I am going to setup for Echolink for my local Ham club
  6367.        
  6368. 19:30
  6369. bob hope
  6370. I have two Pi 1s and two Pi2s.
  6371.        
  6372. 19:31
  6373. bob hope
  6374. Still need to figure out what to do with them
  6375.        
  6376. 19:31
  6377. bob hope
  6378. I want to try a PI2 for a media center
  6379.        
  6380. 19:31
  6381. bob hope
  6382. XBMC
  6383.        
  6384. 19:31
  6385. bob hope
  6386. The Pi1 ran it, but didnt mount my DVD isos very well
  6387.        
  6388. 19:31
  6389. bob hope
  6390. o/ waves to Don as he walks by
  6391.        
  6392. 19:31
  6393. bob hope
  6394. no more XBMC, now is Kodi
  6395.        
  6396. 19:32
  6397. bob hope
  6398. Why did they change the name again?
  6399.        
  6400. 19:32
  6401. bob hope
  6402. I guess I havent played with it for a few months. I'll check it out
  6403.        
  6404. 19:32
  6405. bob hope
  6406. need a port of Kali on the Pi
  6407.        
  6408. 19:32
  6409. bob hope
  6410. I think someone said there is. Don't know if that's true or not.
  6411.        
  6412. 19:32
  6413. bob hope
  6414. Remeber guys, I am copying the chatlogs today and putting them on pastebin. Stick around and ill post the link after today's broadcast. I also have yesterday's, so if you need it, let me know
  6415.        
  6416. 19:33
  6417. bob hope
  6418. http://docs.kali.org/kali-on-arm/install-kali-linux-arm-raspberry-pi
  6419.        
  6420. 19:33
  6421. bob hope
  6422. I would like yeasterdays
  6423.        
  6424. 19:33
  6425. bob hope
  6426. I love the convo about using a robot to shoot an home invader?
  6427.        
  6428. 19:33
  6429. bob hope
  6430. o/ waves at Don again as he leaves.
  6431.        
  6432. 19:33
  6433. bob hope
  6434. *yesterdays
  6435.        
  6436. 19:34
  6437. bob hope
  6438. I can't wait to d/l this seriess
  6439.        
  6440. 19:34
  6441. bob hope
  6442. Are the previous episodes available on Roku?
  6443.        
  6444. 19:34
  6445. bob hope
  6446. series* (I am getting tired of my usb keyboard)
  6447.        
  6448. 19:35
  6449. bob hope
  6450. http://pastebin.com/yJuuvvvv - link to yesterday's chat @Matthew
  6451.        
  6452. 19:35
  6453. bob hope
  6454. they are on the Roku. Just got done with 'em
  6455.        
  6456. 19:35
  6457. bob hope
  6458. Awesome, thanks Nate!
  6459.        
  6460. 19:35
  6461. bob hope
  6462. OH kewl! ty Nathan.. I can go upstairs and watch from my easychair... (my officer still has a folding table and folding chair.)
  6463.        
  6464. 19:35
  6465. bob hope
  6466. Audio just got muted
  6467.        
  6468. 19:36
  6469. bob hope
  6470. They do that when they want to talk bad about the chatroom ...
  6471.        
  6472. 19:36
  6473. bob hope
  6474.  
  6475.        
  6476. 19:36
  6477. bob hope
  6478. We
  6479.        
  6480. 19:36
  6481. bob hope
  6482. Nate is hopping fast, but I did hear Tim mention that deadline on the air.
  6483.        
  6484. 19:36
  6485. bob hope
  6486. we're trying to hack a ISP in western New Mexico
  6487.        
  6488. 19:36
  6489. bob hope
  6490. Wow you have done 7 shows already?
  6491.        
  6492. 19:37
  6493. bob hope
  6494. in 2 days. bravo!
  6495.        
  6496. 19:37
  6497. bob hope
  6498. only the best for our subscribers
  6499.        
  6500. 19:37
  6501. bob hope
  6502. Hmm... instead of posting on Pastebin - could you post on the forum on ITpro instead? I'm not entirely keen about chat being posted on open internet.
  6503.        
  6504. 19:38
  6505. bob hope
  6506. Sure, I can do that today Michala. I did that yesterday due to requests
  6507.        
  6508. 19:38
  6509. bob hope
  6510. I like the idea of being able to refer back to the chat Shawn - just seems inconsistent with what we're learning here from a privacy perspective
  6511.        
  6512. 19:38
  6513. bob hope
  6514. Michala & I think alike.
  6515.        
  6516. 19:38
  6517. bob hope
  6518. Go to the northwest in New Mexico (Bug Bunny: "Right turn at Albuquerque"), in the southwest there is just a few of us.
  6519.        
  6520. 19:38
  6521. bob hope
  6522. Thanks Shawn - appreciate it
  6523.        
  6524. 19:38
  6525. bob hope
  6526. *Bugs*
  6527.        
  6528. 19:38
  6529. bob hope
  6530. Yeah, we need to be able to make snarky comments without risk of being exposed...  
  6531.        
  6532. 19:39
  6533. bob hope
  6534. I also offered to just password the paste next time
  6535.        
  6536. 19:39
  6537. bob hope
  6538. Yeah, like the stuff I posted yesterday.
  6539.        
  6540. 19:39
  6541. bob hope
  6542. I hear Bork
  6543.        
  6544. 19:40
  6545. bob hope
  6546. or Defender
  6547.        
  6548. 19:40
  6549. bob hope
  6550. brb time to take the ankle biters out.
  6551.        
  6552. 19:40
  6553. bob hope
  6554. that's it bezerk
  6555.        
  6556. 19:40
  6557. bob hope
  6558. I knew I had heard that sound.
  6559.        
  6560. 19:40
  6561. bob hope
  6562. Eh, my wife can see the live-stream on the Roku, but I don't think she has an account to see the chatroom.
  6563.        
  6564. 19:40
  6565. bob hope
  6566. Do I have permission from ITpro.TV to paste the chat logs into the forum?
  6567.        
  6568. 19:40
  6569. bob hope
  6570. Although - having said that I now see that the forums are all open to the internet
  6571.        
  6572. 19:41
  6573. bob hope
  6574. I jsut searched my name and itpro and it came up with my old forum posts
  6575.        
  6576. 19:41
  6577. bob hope
  6578. Yeah, the forum doesn't require an account to view and show up in google results
  6579.        
  6580. 19:41
  6581. bob hope
  6582. As long as mines is crocheting she don't care what I put on.
  6583.        
  6584. 19:41
  6585. bob hope
  6586. Nate should fix that
  6587.        
  6588. 19:41
  6589. bob hope
  6590. However I did show her that IT Pro TV had Office 365 training videos.
  6591.        
  6592. 19:41
  6593. bob hope
  6594. @James poke Nate some on that point!
  6595.        
  6596. 19:42
  6597. bob hope
  6598. I guess until then a password it is?
  6599.        
  6600. 19:42
  6601. bob hope
  6602. Yeah @Michala, I'll just do pastebin with a password of ITPro.tv
  6603.        
  6604. 19:42
  6605. bob hope
  6606. ok downloading the first 7 eps available
  6607.        
  6608. 19:43
  6609. bob hope
  6610. What? No 18 character password?
  6611.        
  6612. 19:43
  6613. bob hope
  6614. @Shawn I assume you are joking re password?
  6615.        
  6616. 19:43
  6617. bob hope
  6618. Just use ROT13 encryption
  6619.        
  6620. 19:43
  6621. bob hope
  6622. And Jason, the network stuff really isn't my baby now, so as long as you don't affected my Internet access I'm not too worried.
  6623.        
  6624. 19:43
  6625. bob hope
  6626. Talking smack about us again. Mics are off
  6627.        
  6628. 19:43
  6629. bob hope
  6630. Yes, lol...
  6631.        
  6632. 19:43
  6633. bob hope
  6634. Yup...
  6635.        
  6636. 19:43
  6637. bob hope
  6638. It's a "Stupid User" video LOL
  6639.        
  6640. 19:44
  6641. bob hope
  6642. Lowdown put that mic back on
  6643.        
  6644. 19:44
  6645. bob hope
  6646. They are just taunting us.
  6647.        
  6648. 19:44
  6649. bob hope
  6650. Give me that Nexus already, then I'll have a second path out anyway.
  6651.        
  6652. 19:45
  6653. bob hope
  6654. This is me.... https://www.youtube.com/watch?v=nL24aNugo_4 ... this is what I do
  6655.        
  6656. 19:45
  6657. bob hope
  6658. I could have sworn I had a VM of winxp... dang it
  6659.        
  6660. 19:46
  6661. bob hope
  6662. Now I have to create one
  6663.        
  6664. 19:46
  6665. bob hope
  6666. <-- needs to get better at storing and file management
  6667.        
  6668. 19:47
  6669. bob hope
  6670. Anyone have a good software package that doesn't cost an arm and a leg that will do advanced cataloging of hard drives and even do md5 hash's of files to show you where duplicates are?
  6671.        
  6672. 19:47
  6673. bob hope
  6674. I'd be interested in that too. Only ones I know cost an arm and a leg
  6675.        
  6676. 19:48
  6677. bob hope
  6678. Welcome back
  6679.        
  6680. 19:48
  6681. bob hope
  6682. Is this one of those "TV breaks"?
  6683.        
  6684. 19:49
  6685. bob hope
  6686. Man my downloading is making the video buffer badly.
  6687.        
  6688. 19:49
  6689. bob hope
  6690. I love Rural internet... (NOT)
  6691.        
  6692. 19:50
  6693. bob hope
  6694. The boss is flashing red!!!
  6695.        
  6696. 19:50
  6697. bob hope
  6698. When he hits it, I assume lol
  6699.        
  6700. 19:50
  6701. bob hope
  6702. How expensive are the EC-Council iClasses? Anyone look at them?
  6703.        
  6704. 19:51
  6705. bob hope
  6706. downloads throttled.
  6707.        
  6708. 19:51
  6709. bob hope
  6710. ROFL Epic rap battle between Hodor and Groot
  6711.        
  6712. 19:53
  6713. bob hope
  6714. ilearn = $1,899
  6715.        
  6716. 19:54
  6717. bob hope
  6718. Wardialing oh I remember those days!
  6719.        
  6720. 19:55
  6721. bob hope
  6722. Quick run for a candybar, I need some sugar.
  6723.        
  6724. 19:56
  6725. bob hope
  6726. wow
  6727.        
  6728. 19:58
  6729. bob hope
  6730. that's the self-paced version
  6731.        
  6732. 19:58
  6733. bob hope
  6734. Unreliable Delivery Protocol.
  6735.        
  6736. 19:58
  6737. bob hope
  6738. Ah, much better the chops are in the oven.
  6739.        
  6740. 20:03
  6741. bob hope
  6742. I cooked a bunch of pork chops on Saturday James, still eating them.
  6743.        
  6744. 20:03
  6745. bob hope
  6746. for the paste bin concerns here is the regex to anonymise the name with "fake name" (?<=\d\d:\d\d\r\n)\w+\s\w+
  6747.        
  6748. 20:03
  6749. bob hope
  6750. Nothing lasts here.
  6751.        
  6752. 20:04
  6753. bob hope
  6754. Wait... what @ Kevin?
  6755.        
  6756. 20:04
  6757. bob hope
  6758. even *anonymize
  6759.        
  6760. 20:05
  6761. bob hope
  6762. its regex to capture the names after the time and return, in notepad++ use regex find replace tool
  6763.        
  6764. 20:05
  6765. bob hope
  6766. Nice!
  6767.        
  6768. 20:06
  6769. bob hope
  6770. in replace with just stick in "bob hope" or whatever you fancy
  6771.        
  6772. 20:07
  6773. bob hope
  6774. My connection is poor. Not sure if anyone's already mentioned shields up on grc.com for checking your ports. Great tool by steve
  6775.        
  6776. 20:07
  6777. bob hope
  6778. @Kevin nice tip
  6779.        
  6780. 20:07
  6781. bob hope
  6782. Steve's got a lot of great tools.
  6783.        
  6784. 20:08
  6785. bob hope
  6786. He has also a upnp scanner too
  6787.        
  6788. 20:08
  6789. bob hope
  6790. And tools to look for HTTPS vulnerabilities
  6791.        
  6792. 20:09
  6793. bob hope
  6794. ssl labs is good for that too
  6795.        
  6796. 20:09
  6797. bob hope
  6798. Yup
  6799.        
  6800. 20:09
  6801. bob hope
  6802. I didnt catch all those
  6803.        
  6804. 20:10
  6805. bob hope
  6806. My Grandma always did that. when she was done, she was done.
  6807.        
  6808. 20:10
  6809. bob hope
  6810. Syn, Ack, Urg, Psh, Fin, Rst
  6811.        
  6812. 20:10
  6813. bob hope
  6814. @shawn ACK Acknowledgement ERG Process immediately upon receipt PUSH Send all data to me immediately SYN Synchronisation request RESET Reset Equivalent of hanging up the phone FIN
  6815.        
  6816. 20:10
  6817. bob hope
  6818. RST (Reset) is also used to respond to closed ports
  6819.        
  6820. 20:10
  6821. bob hope
  6822. Urg not erg oops
  6823.        
  6824. 20:10
  6825. bob hope
  6826. ty Michala!
  6827.        
  6828. 20:10
  6829. bob hope
  6830. and everyone elkse lol
  6831.        
  6832. 20:11
  6833. bob hope
  6834. Ignore mine go wtih Mike's!
  6835.        
  6836. 20:11
  6837. bob hope
  6838. thanks
  6839.        
  6840. 20:13
  6841. bob hope
  6842. http://packetlife.net/blog/2011/mar/2/tcp-flags-psh-and-urg/
  6843.        
  6844. 20:13
  6845. bob hope
  6846. http://www.hping.org/
  6847.        
  6848. 20:13
  6849. bob hope
  6850. packet captures are fun
  6851.        
  6852. 20:14
  6853. bob hope
  6854. Some nice cheat sheets there, thanks @Fabian
  6855.        
  6856. 20:14
  6857. bob hope
  6858. "scapy" good pkt manipulation program
  6859.        
  6860. 20:14
  6861. bob hope
  6862. http://secdev.org/projects/scapy/
  6863.        
  6864. 20:17
  6865. bob hope
  6866. cool stuff
  6867.        
  6868. 20:17
  6869. bob hope
  6870. what time will we restart?
  6871.        
  6872. 20:18
  6873. bob hope
  6874. FF gave me a invalid cert warning on paterva.com
  6875.        
  6876. 20:18
  6877. bob hope
  6878. @ Kevin - That didn't work for replacing names b
  6879.        
  6880. 20:18
  6881. bob hope
  6882. restart in 5 min, Sean has to save the world
  6883.        
  6884. 20:18
  6885. bob hope
  6886. Thanks
  6887.        
  6888. 20:19
  6889. bob hope
  6890. tested here in notepad++ worked for me
  6891.        
  6892. 20:19
  6893. bob hope
  6894. He can save the whole world twice in 5 mins..
  6895.        
  6896. 20:19
  6897. bob hope
  6898. Hmm, maybe I'm doing it worng then. I've been pasting everything into onenote, so that also might be an issue
  6899.        
  6900. 20:20
  6901. bob hope
  6902. while we take a commercial break, I am unthrottling the downloads
  6903.        
  6904. 20:20
  6905. bob hope
  6906. I wondered why my lights dimmed @Matthew
  6907.        
  6908. 20:20
  6909. bob hope
  6910. @Kevin you want to post todays since I did it yesterday?
  6911.        
  6912. 20:21
  6913. bob hope
  6914. @michael Robins: lol
  6915.        
  6916. 20:21
  6917. bob hope
  6918. notepad++ search then in replace tab put in regex mode / put regex in "find what" and bob hope in replace and click replace all
  6919.        
  6920. 20:21
  6921. bob hope
  6922. I missed what PSH and URG does
  6923.        
  6924. 20:21
  6925. bob hope
  6926. Yeah sure np
  6927.        
  6928. 20:22
  6929. bob hope
  6930. URG Process immediately upon receipt PSH Send all data to me immediately
  6931.        
  6932. 20:22
  6933. bob hope
  6934. Thanks
  6935.        
  6936. 20:22
  6937. bob hope
  6938. http://packetlife.net/blog/2011/mar/2/tcp-flags-psh-and-urg/
  6939.  
  6940. Shawn Prater
  6941. Yep, not working. Probably my formatting
  6942.        
  6943. 20:23
  6944. bob hope
  6945. the way I copy/pasted
  6946.        
  6947. 20:29
  6948. bob hope
  6949. LOL thanks
  6950.        
  6951. 20:31
  6952. bob hope
  6953. Woohoo!
  6954.        
  6955. 20:32
  6956. bob hope
  6957. This just came across my radar. http://www.extremetech.com/internet/201957-congress-considers-patriot-act-repeal-as-fcc-commissioner-moves-to-block-net-neutrality
  6958.        
  6959. 20:32
  6960. bob hope
  6961. Thx James
  6962.        
  6963. 20:33
  6964. bob hope
  6965.        
  6966. 20:33
  6967. bob hope
  6968. yw @Mike
  6969.        
  6970. 20:33
  6971. bob hope
  6972. not gold, but you get the idea @Michala
  6973.        
  6974. 20:33
  6975. bob hope
  6976. Aww, thanks @Brian
  6977.        
  6978. 20:33
  6979. bob hope
  6980. haha
  6981.        
  6982. 20:33
  6983. bob hope
  6984. haha
  6985.        
  6986. 20:34
  6987. bob hope
  6988. nmap has a MacOS port
  6989.        
  6990. 20:34
  6991. bob hope
  6992. @James - Thanks for the link.....
  6993.        
  6994. 20:34
  6995. bob hope
  6996. Linux users - the only REAL power users
  6997.        
  6998. 20:35
  6999. bob hope
  7000. probably already posted but good tool list here http://sectools.org/
  7001.        
  7002. 20:35
  7003. bob hope
  7004. what about MF (main frame)
  7005.        
  7006. 20:35
  7007. bob hope
  7008. it's open source, so feel free to compile it on a MF
  7009.        
  7010. 20:36
  7011. bob hope
  7012. scanme.nmap.org - not at all at once though
  7013.        
  7014. 20:36
  7015. bob hope
  7016. My old Ti-82 caluclator? Nmap?
  7017.        
  7018. 20:36
  7019. bob hope
  7020. whats the android one called? Is it in google play?
  7021.        
  7022. 20:36
  7023. bob hope
  7024. yw @Shawn
  7025.        
  7026. 20:37
  7027. bob hope
  7028. Fing.,... I've used that before
  7029.        
  7030. 20:37
  7031. bob hope
  7032. @Michael, I think that's it?
  7033.        
  7034. 20:38
  7035. bob hope
  7036. will NMAP detect if IDS or FW is doing the RST
  7037.        
  7038. 20:38
  7039. bob hope
  7040. https://secwiki.org/w/Nmap/Android
  7041.        
  7042. 20:38
  7043. bob hope
  7044. snort logs
  7045.        
  7046. 20:39
  7047. bob hope
  7048. nmap has some advanced functionality to help avoid IDS/IPS systems. Things like fragmentation, decoys, spoofing, etc.
  7049.        
  7050. 20:40
  7051. bob hope
  7052. for tools on android check out http://www.nethunter.com or https://www.pwnieexpress.com/
  7053.        
  7054. 20:40
  7055. bob hope
  7056. You can also create bad packets that would be dropped by a system but possibly responded to (RST) by a firewall.
  7057.        
  7058. 20:41
  7059. bob hope
  7060. kewl, thanks @Kevin
  7061.        
  7062. 20:42
  7063. bob hope
  7064. You should scan ITPro's internal network. Free pentest for them.
  7065.        
  7066. 20:44
  7067. bob hope
  7068. how much of the switches testable on nmap for CEH
  7069.        
  7070. 20:46
  7071. bob hope
  7072. Great thanks
  7073.        
  7074. 20:47
  7075. bob hope
  7076. will the exam allow the --help option during the test?
  7077.        
  7078. 20:47
  7079. bob hope
  7080. haha, it's the only switch you need to remember.
  7081.        
  7082. 20:47
  7083. bob hope
  7084. http://resources.infosecinstitute.com/nmap-cheat-sheet/
  7085.        
  7086. 20:48
  7087. bob hope
  7088. There ya go bud
  7089.        
  7090. 20:48
  7091. bob hope
  7092. was that the TARGET MAC Address being displayed?
  7093.        
  7094. 20:48
  7095. bob hope
  7096. By default, nmap only scans 1-1023 and the known services.
  7097.        
  7098. 20:48
  7099. bob hope
  7100. Thanks @Shawn
  7101.        
  7102. 20:48
  7103. bob hope
  7104. thanks Shawn
  7105.        
  7106. 20:49
  7107. bob hope
  7108. oh then that makes it easier!!!
  7109.        
  7110. 20:49
  7111. bob hope
  7112. nope was serious
  7113.        
  7114. 20:49
  7115. bob hope
  7116. This is the Sans one: https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.0.pdf
  7117.        
  7118. 20:50
  7119. bob hope
  7120. Thanks Michala
  7121.        
  7122. 20:50
  7123. bob hope
  7124. Thanks Michala
  7125.        
  7126. 20:50
  7127. bob hope
  7128. thanks!!
  7129.        
  7130. 20:50
  7131. bob hope
  7132. awesome @Michala
  7133.        
  7134. 20:51
  7135. bob hope
  7136. You really do know some awesome links!
  7137.        
  7138. 20:51
  7139. bob hope
  7140. I don't remember stuff - I just know where to find it when I need it
  7141.        
  7142. 20:52
  7143. bob hope
  7144. got your google fu on
  7145.        
  7146. 20:52
  7147. bob hope
  7148. I heard that a really famous intelligent person said, why memorize what you can look up. I save my brain for thinking about stuff I can't look up. (not sure if it's legit or not.)
  7149.        
  7150. 20:52
  7151. bob hope
  7152. google fu is strong in this one.
  7153.        
  7154. 20:53
  7155. bob hope
  7156. Half the battle is knowing WHAT to look for
  7157.        
  7158. 20:53
  7159. bob hope
  7160. yeah - I wish I had my "favorites" from old workstation!!!
  7161.        
  7162. 20:54
  7163. bob hope
  7164. knowing what to search for and how to search for it is key
  7165.        
  7166. 20:54
  7167. bob hope
  7168. @Brian Agreed
  7169.        
  7170. 20:55
  7171. bob hope
  7172. wow, never even considered that they wouldn't know what that was.
  7173.        
  7174. 20:55
  7175. bob hope
  7176. But it makes sense with call waiting and voicemail.
  7177.        
  7178. 20:55
  7179. bob hope
  7180. You should run that same check against a Chromebook.
  7181.        
  7182. 20:57
  7183. bob hope
  7184. Question: So, routers that have a "stealth" option, do they just ignore requests on blocked ports and let them timeout vs Sending a RST packet?
  7185.        
  7186. 20:57
  7187. bob hope
  7188. @Michael: Yes, that's basically the difference between stealth and closed
  7189.        
  7190. 20:57
  7191. bob hope
  7192. are TTL or hops counts affecting the full scan?
  7193.        
  7194. 20:57
  7195. bob hope
  7196. If it's in stealth mode, it just doesn't respond.
  7197.        
  7198. 20:58
  7199. bob hope
  7200. Man this brings back memories of Steve Gibson's ShieldsUp!
  7201.        
  7202. 20:58
  7203. bob hope
  7204. Should that be a general practice on public facing equipment?
  7205.        
  7206. 20:58
  7207. bob hope
  7208. Is there a downside to doing it?
  7209.        
  7210. 20:58
  7211. bob hope
  7212. In most cases, yes its much more secure.
  7213.        
  7214. 20:58
  7215. bob hope
  7216. More difficult to troubleshoot issues.
  7217.        
  7218. 20:58
  7219. bob hope
  7220. Only real downside.
  7221.        
  7222. 20:59
  7223. bob hope
  7224. Kind of like disabling ICMP responses.
  7225.        
  7226. 20:59
  7227. bob hope
  7228. gotcha, thx @James
  7229.        
  7230. 20:59
  7231. bob hope
  7232. exactly
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top