CEH Chat dialog for itpro.tv Day 6 Monday 30th March 2015

CEH Chat dialog for itpro.tv Day 6 Monday 30th March 2015

itpro.tv or itprotv or CEH or Certified Ethical Hacker:
(Pseudonymised version)

13:05
Mickey Mouse
Good afternoon everyone, ready fro some more CEH

13:12
Mickey Mouse
Good afternoon Aladdin and everyone else - looking forward to another session

13:23
Mickey Mouse
Hi Minnie, Looks like we are an hour early it's only 08:23 in florida

13:25
Mickey Mouse
Oh - daylight savings time!

13:25
Mickey Mouse
Of course... doh!

13:25
Mickey Mouse
Be back in an hour then

13:25
Mickey Mouse
Time to catch up on 2nd part of crypto I missed, or update links thread

13:30
Mickey Mouse
setup a custom url for thread: http://bit.ly/itpro-ceh-links

13:43
Mickey Mouse
Good morning everyone!

13:46
Mickey Mouse
Good morning

13:56
Mickey Mouse
Good afternoon Goofy and Chip

13:56
Mickey Mouse
Do you think this is the physical drop box that Donald showed us? http://www.minipwner.com/

13:56
Mickey Mouse
Good afternoon to you : )

13:58
Mickey Mouse
Good morning everyone

13:58
Mickey Mouse
and good afternoon to my Euro neighbors

13:58
Mickey Mouse
I must have missed that part.

13:59
Mickey Mouse
Good morning

13:59
Mickey Mouse
Hi Scott

13:59
Mickey Mouse
@Chip it was in the Maintaining access to the network part when he talked about physical options

13:59
Mickey Mouse
Thanks for the CEH useful links, Minnie. What a wealth of great information.

13:59
Mickey Mouse
All contributions from Donald and you guys in the chat room

14:02
Mickey Mouse
@Minnie I think it is, that is the website that I wrote down in my notes when he was talking about it, but I don't remember if he mentioned the link or if it was someone in the chat.

14:02
Mickey Mouse
Gr33tz & Howdy

14:02
Mickey Mouse
I don't think he mentioned it and I must have missed it in chat

14:03
Mickey Mouse
@Louie hi

14:05
Mickey Mouse
Does anyone have the chat logs for Friday and Thursday?

14:05
Mickey Mouse
Good Morning

14:08
Mickey Mouse
got my book in, unfortunately, they left it in the rain

14:08
Mickey Mouse
Good Morning All

14:09
Mickey Mouse
I wish I hadn't stayed up so late, working on something for a friend. I feel like I'm in a somnabulistic stupor. Caffeine time I guess, before we get started.

14:10
Mickey Mouse
@Chip sounds like a typical Monday to me

14:10
Mickey Mouse
@. Thursday here, not posted Friday's yet, needs anonymising - https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links

14:11
Mickey Mouse
ha ha Duey

14:11
Mickey Mouse
TY Minnie

14:12
Mickey Mouse
Morning everyone!!!

14:13
Mickey Mouse
Morning @.

14:13
Mickey Mouse
I've missed everything since Wednesday (work) GOt to get caught up.

14:15
Mickey Mouse
Oh I wish I was at home for this week, I have a feeling work is going to keep me busy

14:16
Mickey Mouse
Resumes at 1:30PM?

14:16
Mickey Mouse
Yes

14:16
Mickey Mouse
LOL whoops

14:17
Mickey Mouse


14:17
Mickey Mouse
Good morning everyone

14:17
Mickey Mouse
I'm in the middle of setting up the board. enjoy the show

14:17
Mickey Mouse
Good morning

14:17
Mickey Mouse
Morning @Chip

14:17
Mickey Mouse
I see whut you did thar @.

14:17
Mickey Mouse
@Donald So looks like Habs are in the play offs. Go Pens!!!!

14:17
Mickey Mouse
which starts at 930!

14:20
Mickey Mouse
Habs ot Lightning tonight??

14:21
Mickey Mouse
Yes they are.

14:22
Mickey Mouse
morning all!

14:29
Mickey Mouse
Good Morning, sometimes before I would be the first one on chat, now it goes back four pages before I am here.

14:30
Mickey Mouse
@. - updated the thread with link for Friday think I got rid of most names https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links

14:30
Mickey Mouse
@. and @Duey - hi guys

14:30
Mickey Mouse
Hi Minnie!

14:31
Mickey Mouse
Also, I've updated this page: http://bit.ly/itpro-ceh-links (resolves to https://forums.itpro.tv/topic/353/ceh-useful-links )

14:31
Mickey Mouse
Minnie, you deserve another gold star!

14:32
Mickey Mouse
Good morning everyone

14:33
Mickey Mouse
Just adding steganography links now

14:34
Mickey Mouse
Hi Duey

14:35
Mickey Mouse
Did I already say I got my study guide, but the delivery guy left it in the rain!

14:36
Mickey Mouse
booo delivery!

14:36
Mickey Mouse
That deserves a refund

14:36
Mickey Mouse
@. - oh no, that's bad of them!

14:38
Mickey Mouse
Good morning all!!!

14:38
Mickey Mouse
Hi .

14:38
Mickey Mouse
Morning .

14:38
Mickey Mouse


14:39
Mickey Mouse
Hi guys

14:39
Mickey Mouse
Good morning Mike and Donald

14:39
Mickey Mouse
Hello Aramis, Minnie

14:39
Mickey Mouse
Chara

14:40
Mickey Mouse
@Huey... yes, Minnie does deserve another gold star. I need her to organize my life. lol

14:40
Mickey Mouse
G-Day all!

14:40
Mickey Mouse
LOL @Chip

14:41
Mickey Mouse
@Minnie great notes section in forum; Could you add http://securityweekly.com/ to you list of podcast.

14:41
Mickey Mouse
And we're off !

14:41
Mickey Mouse
yeah

14:42
Mickey Mouse
Give away few more books

14:42
Mickey Mouse
Sure I could use a hardcopy.

14:43
Mickey Mouse
Anybody has a soft copy?

14:44
Mickey Mouse
90% of crap pre-loaded on most phones.

14:44
Mickey Mouse
amazon is the cheapest ebook at 28

14:44
Mickey Mouse
@. Even if they did you'd still be expected to purchase your own legal copy - ethics and all that

14:44
Mickey Mouse
but my friend bough the google play version and it works better on android tablets

14:44
Mickey Mouse
*bought

14:44
Mickey Mouse
I love my Monday morning spam, this time an "invoice" for $75 USD to submit our site to search engines, saying to go to their "secure payment" site (with an http://).

14:45
Mickey Mouse
Lol Minnie

14:45
Mickey Mouse
yeah sorry about that Duey... I sent you the wrong details... it's actually $150 and i need to get you new accoutn numbers

14:46
Mickey Mouse
I love Rootkits

14:47
Mickey Mouse
They're harvesting my ARIN data, even better is when I get spam on my abuse e-mail address.

14:48
Mickey Mouse
Here's Duey, on his Chromebox again, asking what a virus is.

14:49
Mickey Mouse
EXE

14:49
Mickey Mouse
it's something that written mainly for Microsoft products @Duey

14:49
Mickey Mouse
@Duey - It's called Google

14:49
Mickey Mouse
@Duey - Sorry I suppose that's more spyware

14:49
Mickey Mouse
Yeah, sometimes the Chrome OS builds cause problems.

14:50
Mickey Mouse
Althought... mac is coming up... and while there are a lot of viruses on linux... they are much more difficult to implement... especially with SELinux

14:50
Mickey Mouse
Question: Is there a virus taxonomy tree Donald recommends to look at?

14:50
Mickey Mouse
Good question

14:50
Mickey Mouse
^^

14:51
Mickey Mouse
Morning all!

14:51
Mickey Mouse
Hi Goofy

14:51
Mickey Mouse
Good morning Goofy

14:51
Mickey Mouse
Aha - http://ictvonline.org/virustaxonomy.asp

14:51
Mickey Mouse
Hi Goofy, Chip

14:51
Mickey Mouse
I saw somebody wearing gloves while using the system!!!

14:51
Mickey Mouse
IGNORE

14:51
Mickey Mouse
I forgot to specify computer viruses

14:52
Mickey Mouse
lol wrong type of virus

14:52
Mickey Mouse
Thanks Minnie!

14:52
Mickey Mouse
and yes thanks

14:52
Mickey Mouse
I recently dropped down to a single monitor... I'm really missing that second/third screen

14:52
Mickey Mouse
just got the SMS \o/

14:52
Mickey Mouse
This one: http://www.omnisecu.com/security/types-of-computer-viruses.php

14:52
Mickey Mouse
Hey Aramis : )

14:53
Mickey Mouse
Thanks Captain my captain

14:56
Mickey Mouse
Internet storm center

14:56
Mickey Mouse
https://isc.sans.edu/infocon.html

14:56
Mickey Mouse
Almost 15 years ago with Code Red.

14:58
Mickey Mouse
I remember battling CodeRed when I was an IT guy

14:58
Mickey Mouse
run amuck

14:58
Mickey Mouse
Yup, me too, was up all night on that one.

14:59
Mickey Mouse
indeed

14:59
Mickey Mouse
Does ransomeware fall under the rubric of malware

14:59
Mickey Mouse
Took our servers down for two days, we had to disconnect everything.

14:59
Mickey Mouse
http://www.caida.org/research/security/code-red/code-red-large.png

14:59
Mickey Mouse
Kind of relevant in case anyone doesn't already know this resource: http://map.ipviking.com/

14:59
Mickey Mouse
He mentioned map which reminded me

15:00
Mickey Mouse
@Mike P thanks , scary map

15:00
Mickey Mouse
That was the site I was looking for Mike!

15:00
Mickey Mouse
@Minnie , I love that map

15:01
Mickey Mouse
I think that I may have made my wife mad.

15:01
Mickey Mouse
Drop the bomb and rename setup.exe. Oh you want it so bad. Here you go!

15:02
Mickey Mouse
The art of Obfuscation

15:03
Mickey Mouse
Uh oh, Athos.

15:04
Mickey Mouse
@Athos hope it's short-lived

15:05
Mickey Mouse
Ut oh, warning the wife!

15:05
Mickey Mouse
LOL

15:05
Mickey Mouse
Or allow Ping packet outbound, get information out of an organisation by pinging an address you cotrol

15:05
Mickey Mouse
yeah.... i can't think of anything... and she is 7 months pregnant so... maybe it's jsut going to be a bad day

15:05
Mickey Mouse
Never good to vex a woman lol

15:05
Mickey Mouse
Especially a pregnant one!

15:05
Mickey Mouse
ha ha ha Minnie

15:06
Mickey Mouse
very true

15:06
Mickey Mouse
I would 2nd that

15:06
Mickey Mouse
or when she's ovulating. lol

15:06
Mickey Mouse
lol

15:07
Mickey Mouse
LMAO!

15:07
Mickey Mouse
ovulation virus.

15:07
Mickey Mouse
ha ha ha ha

15:08
Mickey Mouse
I wonder what things we could say in the chat to make either mike or Donald lose it

15:08
Mickey Mouse
@Will that would be awesome!

15:08
Mickey Mouse
@Athos, if this is her first baby, make sure you don't vex her while she's in labor, it won't be pretty.

15:08
Mickey Mouse
I don't think I want to get on Donald's badside

15:08
Mickey Mouse
LMAO!

15:09
Mickey Mouse
@Chip... it's the 4th... i'm a veteran at this point

15:09
Mickey Mouse
so pretty much just sit in the corner and don't say anything but yes dear

15:09
Mickey Mouse
i know everything is my fault

15:09
Mickey Mouse
ahhhhh good lol

15:09
Mickey Mouse
exactly

15:09
Mickey Mouse
Could run for the hills

15:10
Mickey Mouse
It is a UK company, that manages for what is listed as "Sony" for the IP of "Better Call Saul"?

15:11
Mickey Mouse
lol

15:11
Mickey Mouse
I received an abuse notice for one of our customers.

15:11
Mickey Mouse
lol @ Chip sit in corner comment

15:14
Mickey Mouse
: )

15:14
Mickey Mouse
38 mostly Chinese spams caught in the filter for my abuse desk reporting....

15:15
Mickey Mouse
Including one from "Microsoft Corporation" with an address of micro4@aol.com

15:15
Mickey Mouse
@Dave funny

15:16
Mickey Mouse
If anyone is interested in my presentation after it given, I can email you guys a copy.

15:16
Mickey Mouse
too funny, Duey

15:16
Mickey Mouse
Sure

15:16
Mickey Mouse
That would be great, Goofy

15:16
Mickey Mouse
It will be after 4/11.

15:17
Mickey Mouse
Macros disabled I assume Goofy

15:17
Mickey Mouse
Would be ironic if you infected everyone on the CEH chatroom

15:17
Mickey Mouse
this just broke guys : http://rt.com/usa/245273-nsa-headquarters-shots-fired/

15:18
Mickey Mouse
A crafted URL can do that.

15:18
Mickey Mouse
Good list worth subscribing to https://www.us-cert.gov/ncas/bulletins/SB15-089

15:18
Mickey Mouse
@thanks Goofy reading now

15:19
Mickey Mouse
@Goofy I missed what your presentation is on?

15:19
Mickey Mouse
Damn power glitch.

15:19
Mickey Mouse
Captain my captain - https://www.youtube.com/watch?v=v6GnX3ZhuAg

15:19
Mickey Mouse
@Aladdin The CV list can become bloated and overwhelmed. That is one of the reasons why I don't subscribe.

15:20
Mickey Mouse
@Minnie Global Surveillance.

15:20
Mickey Mouse
So someone is able to get a helicopter (or drone) close to the NSA for news footage?

15:20
Mickey Mouse
I agree , that list is just what been added in the last week

15:20
Mickey Mouse
@Goofy in which case I'd be interested too

15:20
Mickey Mouse
I remember Klez, ran rampant in my Dorm in college

15:21
Mickey Mouse
@Mike P - nice one

15:21
Mickey Mouse
I'll email it not posted in social media. Too crazy

15:21
Mickey Mouse
I think the presenters miss a lot of the links we are giving them

15:21
Mickey Mouse
Awesome stuff @Captain my captain

15:22
Mickey Mouse
@ Donald yes pretty cool!

15:22
Mickey Mouse
I love that link! I Shared that!

15:22
Mickey Mouse
@Mike P perhaps a slight time lag

15:22
Mickey Mouse
I ran one ip viking at work on a dedicated screen when I was there.

15:22
Mickey Mouse
ipviking

15:23
Mickey Mouse
I rememember a little about Klez too Scott, but Code Red was much worse for me.

15:23
Mickey Mouse
Call me crazy but I have a #NSA feed in my tweekdeck. That's how I know what is going down.

15:24
Mickey Mouse
His name is Giorgi or something like that.

15:24
Mickey Mouse
That dude looks like a Kazon!

15:25
Mickey Mouse
Hey @Donald: You'll love this! https://scontent-atl.xx.fbcdn.net/hphotos-prn2/v/t1.0-9/536214_10200974108464860_1459185104_n.jpg?oh=206f914830fef8ea910beac855546d9c&oe=5570D61B

15:25
Mickey Mouse
its a fb photo, sorry

15:25
Mickey Mouse
LOL

15:27
Mickey Mouse
Ancient alien dude that looks like a Kazon. http://www.imdb.com/name/nm2435429/?ref_=ttfc_fc_cl_t2

15:27
Mickey Mouse
How do you change you picture in the chat window?

15:28
Mickey Mouse
You have goto Gravatar and change it there. Refresh the chatroom here.

15:28
Mickey Mouse
Gravatar.com

15:29
Mickey Mouse
Thanks

15:29
Mickey Mouse
Your PC is stone

15:29
Mickey Mouse
The ones that would delete an MFM hard drive.

15:30
Mickey Mouse
fish virus plays ping-pong in your bios.

15:30
Mickey Mouse
For anyone who missed the link I'm updating with URLs: http://bit.ly/itpro-ceh-links resolves to https://forums.itpro.tv/topic/353/ceh-useful-links

15:31
Mickey Mouse
Viruses were even before Internet, and started with BBS and diskette trades.

15:32
Mickey Mouse
In my time there were couriers that sported warez including viruses for sale or trade.

15:32
Mickey Mouse
Lotus 123

15:32
Mickey Mouse
Thanks so much, Minnie

15:33
Mickey Mouse
VBA - YUK!

15:34
Mickey Mouse
Anti-virus software started coming out in 1987.

15:34
Mickey Mouse
vba is extremely helpful in the business work though Mike

15:34
Mickey Mouse
Goofy Ortega, didn't you take the CEH test this past weekend?

15:35
Mickey Mouse
I'm sure it is Athos. It's just yuk though

15:35
Mickey Mouse
sql website injections?

15:37
Mickey Mouse
@Fab. I wish...   I don't have $600 laying around.

15:37
Mickey Mouse
600 ouch

15:37
Mickey Mouse
ok, it was someone that did I don't remember.

15:37
Mickey Mouse
Porthos

15:37
Mickey Mouse
ok

15:38
Mickey Mouse
is Porthos today here?

15:38
Mickey Mouse
@Porthos? He was in this chatroom?

15:38
Mickey Mouse
It takes about 6 months for virus defs to be updated

15:38
Mickey Mouse
@Donald Is a shell virus the same as an armoured virus?

15:38
Mickey Mouse
I mena if you are prepared... considering how you easily it makes it for you to get a security job ... 600 is not thatm uch

15:39
Mickey Mouse
Anyone know of free testing online

15:39
Mickey Mouse
@Athos true short sighted of me

15:39
Mickey Mouse
QUESTION: Is a shell virus the same as an armoured virus? I'm unclear of difference ebtween stealth and these

15:40
Mickey Mouse
yes you can pay someone to write a good one for you.

15:40
Mickey Mouse
I got some from torrents lol

15:41
Mickey Mouse
^^ cant read that... looks obfuscated :d

15:41
Mickey Mouse


15:41
Mickey Mouse
Please check Minnie's Question above

15:41
Mickey Mouse
i got a copy of Windows ME. Does that count

15:42
Mickey Mouse
@Aramis yes that counts ME stands for mistake edition

15:42
Mickey Mouse
Stuxnet

15:44
Mickey Mouse
lol

15:44
Mickey Mouse
Thanks @Donald and @Athos

15:45
Mickey Mouse
Michelangelo had to wait centuries for a virus to be named after him.

15:45
Mickey Mouse
looks like we are down to the peoploe that really want to learn this stuff. I noticed there are less people in the chat

15:45
Mickey Mouse
Regin is another one.

15:46
Mickey Mouse
Winlove?

15:46
Mickey Mouse
I'm here, just at work, so much less involved in chat. Guess my chances at a book have gone down this week

15:46
Mickey Mouse
The best stuxnet book I've read: http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X/ref=sr_1_1?ie=UTF8&qid=1427726761&sr=8-1&keywords=stuxnet

15:46
Mickey Mouse
@Goofy SteveG was SO impressed with the elegance of regin wasn't he?

15:46
Mickey Mouse
I meant total users. The scroll bar is much larger indicating fewer participants

15:47
Mickey Mouse
@Minnie. He was and Regin was entire OS and packed with encryption.

15:47
Mickey Mouse
@Goofy *nods*

15:48
Mickey Mouse
Good overview of REgin: https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf

15:48
Mickey Mouse
It's so sophisticated, it's no joke.

15:48
Mickey Mouse
Virginia Tech says that 70% of the virus are created by governments

15:48
Mickey Mouse
@. thanks

15:48
Mickey Mouse
Mainly btw China, Russia, Israel and USA

15:49
Mickey Mouse
Awesome @..

15:50
Mickey Mouse
@. I wouldn't doubt it.

15:50
Mickey Mouse
No internet background noise.

15:50
Mickey Mouse
did i miss anything in the past minute. My router jsut reset itself

15:50
Mickey Mouse
@D'artagan I believe it

15:51
Mickey Mouse
wow

15:51
Mickey Mouse
This one is fun

15:51
Mickey Mouse
It's a run away train. Exponential growth.

15:51
Mickey Mouse
http://map.ipviking.com/#

15:51
Mickey Mouse
That's amazing

15:52
Mickey Mouse
wow

15:52
Mickey Mouse
@. could you post that link please

15:52
Mickey Mouse
http://www.caida.org/publications/papers/2003/sapphire/sapphire.html

15:52
Mickey Mouse
I want the penny

15:52
Mickey Mouse
wow, didn't know sqlslammer hit so fast

15:52
Mickey Mouse
I do though think back in the early days, people didn't realise the risks. Most connected their modem directly to the internet, no virus protection, or firewall.

15:52
Mickey Mouse
Thanks Minnie

15:54
Mickey Mouse
cripes nope

15:55
Mickey Mouse
although I think we're all off to become hermits anyway after some of the stuff you've shown us

15:57
Mickey Mouse
lol Donald... wow

15:57
Mickey Mouse
No matter how well you protect yourself. If a hacker wants you bad enough, they will get you.

15:57
Mickey Mouse
LOL

15:57
Mickey Mouse
LOL

15:57
Mickey Mouse
Yep@Goofy

15:57
Mickey Mouse
Thanks guys. Gotta shoot now, actually doing some MS SQL security checking and need to focus on that. Will catch the rerun tomorrow

15:58
Mickey Mouse
@. Chow dude... Enjoy

15:58
Mickey Mouse
@Donald what other subjects are you covering today?

15:58
Mickey Mouse
@Donald - Can you talk some time off time about being a forensic investigator vs Pen Tester

15:58
Mickey Mouse
@Donald - whats the Favorite AV ( best in your exp ) for home use and same question for Corp...

15:58
Mickey Mouse
Actually very quickly. Any news on the labs yet?

15:58
Mickey Mouse
Does having a trojan stop you getting a virus?

15:58
Mickey Mouse
@Captain my captain- Definitely!

15:59
Mickey Mouse
@R - Not at all. If anything might make it easier to get one

15:59
Mickey Mouse
@PT - good question

16:00
Mickey Mouse
Trojan tells his friends to come on over.

16:00
Mickey Mouse
I like GFI/Vipre

16:00
Mickey Mouse
That was a brand reference...

16:01
Mickey Mouse
https://www.skillset.com/certifications

16:01
Mickey Mouse
I'm using Vipre.. seems to block what it needs to. But a little difficult to manage

16:01
Mickey Mouse
That will give you a 2150 question practice test

16:01
Mickey Mouse
*250

16:01
Mickey Mouse
it also has a few others

16:02
Mickey Mouse
The only caveat is that https://www.skillset.com/certifications requires a free account

16:03
Mickey Mouse
:@R. I've been using it for years, at home. I don't have too many issues myself. But I put it on my mother's pc and to help her often

16:03
Mickey Mouse
great site, thanks Athos S.

16:04
Mickey Mouse
Thanks Athos

16:04
Mickey Mouse
Pentester = fun and Forensic = tedious?

16:04
Mickey Mouse
@Porthos Medina, did you take the CEH test?

16:05
Mickey Mouse
Pentester=before something bad happens. Forensic = after something bad happens. hehe

16:06
Mickey Mouse
@Louie I hate log checking hence my saying tedious

16:06
Mickey Mouse
agreed^

16:06
Mickey Mouse
@Minnie, yes tedious. I know someone who is a forensic investigator with the fbi

16:06
Mickey Mouse
I had a lawyer ask me to do forensics.

16:06
Mickey Mouse
@D'artagan, yes I did take the Exam, I will be retaking it.

16:07
Mickey Mouse
so, was it very difficult in your opinion?

16:07
Mickey Mouse
yeah logs = horrible

16:07
Mickey Mouse
can't stand it

16:08
Mickey Mouse
@D'artagan, yes it was difficult, but after taking it I feel like my study material did not prepare me enough for the Exam

16:08
Mickey Mouse
initersting..thank you.

16:09
Mickey Mouse
ha,... i jsut took a 10 question quickie exam... i got 3 of 10

16:10
Mickey Mouse
ouch

16:10
Mickey Mouse
<--- organised but still not sure about forensics, need to learn more to make a decision I guess

16:10
Mickey Mouse
@Porthos sorry it didn't go as hoped. What material did you use to prep beforehand?

16:11
Mickey Mouse
LOL @Donald @Captain my captain

16:11
Mickey Mouse
so, forensics is the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications and storage devices in a way that is admissible as evidence in a court of law.

16:12
Mickey Mouse
@Minnie, I used the AIO written by Matt Walker, and some random CEH Exam prep apps.

16:12
Mickey Mouse
I also took the EC-Council Course

16:12
Mickey Mouse
I know Captain my captain. I said that I need Minnie to organize my life.

16:12
Mickey Mouse
@Porthos thanks for sharing

16:13
Mickey Mouse
@Chip LOL

16:13
Mickey Mouse
: D

16:14
Mickey Mouse
@Minnie, I am now trying out the Boson Sim for CEH, and I can say I feel better about using this tool. All the questions so far are nearly identical to the Exam I took.

16:15
Mickey Mouse
@Porthos Boson makes some good stuff

16:15
Mickey Mouse
@Porthos thanks

16:16
Mickey Mouse
Anyone remember game.exe back in the day? Used to fullscreen and show you "Your Harddrive" being deleted, (but it was just a vid)

16:17
Mickey Mouse
Yes @Scott I remember that. I got my dad with that!

16:17
Mickey Mouse
<- really hope the links I've posted are the correct ones. Please can everyone use https://www.virustotal.com/ as well for anything I've linked to

16:18
Mickey Mouse
yeah i loved the one that said it was deleting c:\windows whether you clicked on yes or no

16:18
Mickey Mouse
It is a good verification

16:18
Mickey Mouse
@Captain my captain good tip

16:18
Mickey Mouse
mimikatz

16:18
Mickey Mouse
that was a bane of my antiviurs for awhile

16:19
Mickey Mouse
@Captain my captain - now we know where to put our viruses when someone gets in to your system

16:19
Mickey Mouse
finding security tools on a normal joe workstation might be a good redflag indicator of insider threat

16:19
Mickey Mouse
Cain & Able used to always gets killed on my systems

16:20
Mickey Mouse
Unless they are moonlighting.

16:20
Mickey Mouse
cool

16:20
Mickey Mouse
@LouieG yup

16:21
Mickey Mouse
@Louie yes and some users want to know why they can't install stuff.

16:22
Mickey Mouse
Shannon Morse does tutorials on netcat

16:27
Mickey Mouse
yeah... i know people are gonna hate me but I just run windows defender, malwarebytes, and spybot

16:28
Mickey Mouse
+1 for spybot

16:28
Mickey Mouse
AAAANDDD since I don't go to bad sites and whatnot... I haven't got anything

16:28
Mickey Mouse
I hate flash

16:28
Mickey Mouse
I use spybot and malware bytes, also

16:29
Mickey Mouse
javascript loads in ads and you get infected

16:29
Mickey Mouse
LMAO!!!!

16:29
Mickey Mouse
this one is getting edited

16:29
Mickey Mouse
+1 for spybot and malwarebytes

16:29
Mickey Mouse
lol Athos

16:29
Mickey Mouse
You can get infected going to yahoo

16:30
Mickey Mouse
wow... good point Donald I never thought of that.

16:30
Mickey Mouse
It's the ad networks that these sites carry

16:30
Mickey Mouse
lol

16:31
Mickey Mouse
did they speak about rootkit viruses? I came in 20 min late.

16:31
Mickey Mouse
there was a site that was out there - that showed all your available $VARS$ - or %VARS% being presented to a browser Can't remember it though...

16:32
Mickey Mouse
not yet D'artagan

16:32
Mickey Mouse
ok

16:32
Mickey Mouse
thanks @Chip

16:32
Mickey Mouse
they only referenced it as being under the rubric of malware

16:33
Mickey Mouse
http switchboard is what I use in chrome

16:33
Mickey Mouse
ok

16:34
Mickey Mouse
rootkit!

16:35
Mickey Mouse
Enjoy guys

16:35
Mickey Mouse
Righto - see you all later

16:35
Mickey Mouse
ESET

16:36
Mickey Mouse
webroot

16:36
Mickey Mouse
Thanks guys enjoy lunch

16:36
Mickey Mouse
ESet if you can pay if not then Defender

16:36
Mickey Mouse
Microsoft Security Essentials

16:36
Mickey Mouse
agreed @Goofy

16:36
Mickey Mouse
windows 7 I run defender

16:36
Mickey Mouse
what are you thoughts on whitelisting vs AV? seems like whitelisting is the way we are all going to have to go

16:37
Mickey Mouse
on windows 8+ though... you need a good antivirus

16:37
Mickey Mouse
how certain can we be that AV companies don't create viruses?

16:37
Mickey Mouse
it's their business after all

16:37
Mickey Mouse
@Donald... like Donald said... he got infrected at USA todya

16:38
Mickey Mouse
so i doubt whitelisting is a viable a option at this point

16:38
Mickey Mouse
Gotta go guys. Be back soon. chow everyone.

16:38
Mickey Mouse
Are you guys watching nextgen hacker?

16:39
Mickey Mouse
yep

16:39
Mickey Mouse
yes

16:40
Mickey Mouse
LOL

16:40
Mickey Mouse
i'm watching the video now

16:40
Mickey Mouse
HAHA thats funny..

16:40
Mickey Mouse
Off to eat AFK

16:41
Mickey Mouse
wow only 10 people visit Google at any particular time... thats good they dont need very many resources then.

16:46
Mickey Mouse
lol @nextgen no words. *groan*

16:59
Mickey Mouse
I'm curious if he is an epic troll... or really thinks that

17:05
Mickey Mouse
Hello everyone!

17:05
Mickey Mouse
welcome.

17:19
Mickey Mouse
I'm enjoying my Nexus 6 Nate, six months of Google Play Music and ad-free music videos on YouTube.

18:15
Mickey Mouse
nice Duey. i debated between that and my Note 4. I ended up with the Note, but that Nexus sure is sweet.

18:17
Mickey Mouse
Well, the Nexus 6 is big (model number being the size of the screen), but it has over 3.5 million pixels & two front-facing speakers.

18:18
Mickey Mouse
I still need to get a case to carry it on my person better.

18:18
Mickey Mouse
And I'm still getting used to Lollipop 5.1

18:19
Mickey Mouse
What is this I walk into. Yeah @Dave and his new phone. @Minnie thanks for the skillset site. Can't get off of it.

18:19
Mickey Mouse
I'm still waiting the release of Lillipop from Verizon for the Note 4

18:21
Mickey Mouse
They (Verizon) were certainly slow about releasing the Nexus 6, I wonder if it was related to having Lollipop 5.1 first.

18:27
Mickey Mouse
interesting article: Github still battling largest Denial of service http://www.pcmag.com/article2/0,2817,2479236,00.asp

18:28
Mickey Mouse
@Dave wifi charging on the 6?

18:28
Mickey Mouse
@Goofy thank Athos Saunders for that one

18:28
Mickey Mouse
Ah stand corrected. Thanks @Will

18:32
Mickey Mouse
@Goofy: Yes, of course I only have the connected chargers so far.

18:33
Mickey Mouse
That was the main problem of my RAZR M before I was upgraded, the battery started losing the charge quickly.

18:33
Mickey Mouse
Which one qi or powermat?

18:33
Mickey Mouse
I'd assume qi.

18:33
Mickey Mouse
Hi all

18:33
Mickey Mouse
ATT does powermat.

18:34
Mickey Mouse
I have a per-cup coffee machine on my desk

18:34
Mickey Mouse
I'd have to look it up.

18:34
Mickey Mouse
Looked at my edge plan. I'd need to up front $123 to get it today. Not gonna do it right now. I have medical bills to pay... sigh...

18:36
Mickey Mouse
Is it rootkits and APTs next?

18:36
Mickey Mouse
I believe so @Minnie

18:37
Mickey Mouse
Thanks everyone for the page hits & post reaches. It's much appreciated.

18:37
Mickey Mouse
yeeee haaawww

18:39
Mickey Mouse
Looks like it is Qi Goofy.

18:39
Mickey Mouse
Sweet. I have 2 qi chargers.

18:40
Mickey Mouse
I know that VZ uses qi but ATT uses powermat. To competing standards.

18:40
Mickey Mouse
I'm back. thanks for waiting on me guys

18:40
Mickey Mouse
@Captain my captain well some of us are

18:40
Mickey Mouse
Although there seems to be a number of posts that talk about wireless charging problems.

18:40
Mickey Mouse
We need to talk about Regin too.

18:40
Mickey Mouse
I use qi on nexus 7 works nicely

18:41
Mickey Mouse
Same here @Aramis.

18:41
Mickey Mouse
@Minnie: Hi, good weekend? feel like back in school, but did you take notes today? haha

18:41
Mickey Mouse
@Minnie: I was logged in but only got to see part of it. Seemed very good too

18:41
Mickey Mouse
Cool Goofy

18:41
Mickey Mouse
My wifey has a qi charger for S5.

18:42
Mickey Mouse
@Jiminy I always take notes

18:42
Mickey Mouse
I had to buy a special battery cover for her s5 to work. I also have a spare. Set me back $70 on Amazon.

18:43
Mickey Mouse
Gangsta Donald LOL

18:43
Mickey Mouse
@Minnie: Great! I was really annoyed all day because i was missing good stuff

18:44
Mickey Mouse
lol

18:44
Mickey Mouse
Neo, the Matrix

18:44
Mickey Mouse
hacker

18:45
Mickey Mouse
Thank goodness for Minnie. Now I can catch what I missed when I kept having power issues this morning.

18:45
Mickey Mouse
I'm getting the impression you guys want me to share my notes...

18:45
Mickey Mouse
She's awesome like that.

18:46
Mickey Mouse
@Minnie: nah, we'll shoulder surf ya

18:47
Mickey Mouse
ha ha ha Jiminy

18:47
Mickey Mouse
@Minnie: to be honest... I stopped trying to keep up in a digital format because your... is jsut so good so... kinda would like you to continue sharing. You're one of my favorites right now

18:47
Mickey Mouse
Thanks all, will do

18:48
Mickey Mouse
@Athos +1 yep

18:48
Mickey Mouse
She has everything organized and nicely laid out.

18:48
Mickey Mouse
Thanks Minnie!

18:48
Mickey Mouse
forget it reformat it.

18:49
Mickey Mouse
talking firmware then?

18:49
Mickey Mouse
Fist to heart, genuflects toward Mihala*

18:50
Mickey Mouse
If there is a rootkit in the firmware there is nothing you can do I believe

18:50
Mickey Mouse
@Chip I had to look up the word 'genuflect' - thanks for new word of the day

18:50
Mickey Mouse
you're welks

18:51
Mickey Mouse
Well like the hard drive exploits that the NSA does. they are firmware and can't be removed.

18:52
Mickey Mouse
They can't really be detected either

18:53
Mickey Mouse
Not even a secure erase can't get rid of it either.

18:53
Mickey Mouse
but a firmware flash can

18:53
Mickey Mouse
scan from a boot cd

18:54
Mickey Mouse
Can you ever really be sure its gone?

18:54
Mickey Mouse
Only way to get into a hardware at way... You have to jtag it .

18:54
Mickey Mouse
Provided that the jtag port is enabled.

18:55
Mickey Mouse
@Goofy: yes... it's called a burner laptop

18:55
Mickey Mouse
i restore from a clean image

18:55
Mickey Mouse
@Goofy: jtag?

18:55
Mickey Mouse
I believe with the hard drive firmware rootkits, they hide themselves from a firmware flash as well

18:55
Mickey Mouse
erm *@Jiminy

18:55
Mickey Mouse
@Minnie... JTAG is mor on the electronics side of things. reprogram it from above

18:55
Mickey Mouse
@Minnie. jtag is hardware level. Very complicated. You have to solder a serial port onto the controller board.

18:56
Mickey Mouse
@Athos and Goofy - thanks. Beyond me then

18:56
Mickey Mouse
look up JTAG xbox 36o or JTAG for android devices

18:57
Mickey Mouse
If my eyesight didn't suck. I'd so play with all of that stuff.

18:57
Mickey Mouse
We found Minnie's weak spot... it really does exist

18:57
Mickey Mouse
@Athos and cryptography

18:57
Mickey Mouse
@Willian: lol

18:57
Mickey Mouse
virtual environment could be a solution for that

18:58
Mickey Mouse
like VMWare View

18:58
Mickey Mouse
meh... cryptography is one of those things one a select few people are at that level

18:58
Mickey Mouse
virtual desktop machines

18:58
Mickey Mouse
FLOCON2015 is available now

18:59
Mickey Mouse
Wow. Hostgator got hacked by SEA. http://thehackernews.com/2015/03/website-hosting-services.html

19:00
Mickey Mouse
wow.... that is interesting

19:00
Mickey Mouse
interesting thanks Goofy

19:01
Mickey Mouse
Your welcome

19:01
Mickey Mouse
So was the general public first made aware of rootkits, because of Sony?

19:01
Mickey Mouse
Question: How many popular port numbers for trojans/virus are covered in the exam? Are they ??

19:03
Mickey Mouse
malware is like cancer.

19:03
Mickey Mouse
We had a raw, open Internet connection for R&D in college. Computer was hacked before you'd sit down!

19:04
Mickey Mouse
HA

19:04
Mickey Mouse
cripes

19:04
Mickey Mouse
@Chip Rootkits have been around before the Sony goof

19:04
Mickey Mouse
I know, I meant the general public's knowledge of them

19:04
Mickey Mouse
Also the general public still has no clue

19:05
Mickey Mouse
combofix has been my tool against rootkit

19:07
Mickey Mouse
Its hard to get companies to pay for decent equipment to run multi tools & programs on thier systems

19:07
Mickey Mouse
is done in medicine all the time

19:07
Mickey Mouse
I agree with Athos, the general public may not even be aware of them even now

19:07
Mickey Mouse
they grab a virus modify the dna code and release another one to attack the bad virus

19:08
Mickey Mouse
Not all the time, seen and heard too much to hope medicine is safe

19:08
Mickey Mouse
I didn't know about rootkits until I started looking into getting a CEH/ wroking with backtrack 5

19:08
Mickey Mouse
Thanks guys have a good night all!

19:09
Mickey Mouse
you leaving us Aramis?

19:09
Mickey Mouse
I agree Jiminy it is not important until something happens

19:09
Mickey Mouse
netstat -an > PORTS_ON.txt | egrep -iv KNOWN_PORTS.txt ( or something similar - I'm not a script nija ) Basic Idea is a quick review of running services that are NOT familiar.

19:09
Mickey Mouse
Night Aramis

19:09
Mickey Mouse
are we done for today??

19:09
Mickey Mouse
Yes unfortunately work is getting in the way how dare they! LOL

19:09
Mickey Mouse
black-ice ??

19:09
Mickey Mouse
whew.. .blac ice... that takes me back

19:09
Mickey Mouse
I think Sony got payback tho

19:09
Mickey Mouse
Night Minnie!

19:10
Mickey Mouse
LOL @Jiminy

19:11
Mickey Mouse
Yeah, early DSL modems were just bridged.

19:11
Mickey Mouse
my public IP is 192.168.1.1 Scan away people

19:11
Mickey Mouse


19:11
Mickey Mouse
where did SLAM.exe ever go? The Gui to SLAM a port close?

19:12
Mickey Mouse
or strikeback

19:12
Mickey Mouse
that's my ip

19:12
Mickey Mouse
My old memories are flooding back.....

19:13
Mickey Mouse
I think it is outlawed now to use it

19:14
Mickey Mouse
a lot of my friends don't know what a Desktop is, never mind a rootkit lol

19:16
Mickey Mouse
@Donald - will you be discussing BOGON_filtering at all? Do they - or can they play in CEH?

19:17
Mickey Mouse
@Louie: I just scanned your IP. Your system is riddled with infections...oh wait...thats mine!

19:18
Mickey Mouse
I see you are connected to me - Get Out Get Out --- ROFL

19:19
Mickey Mouse
.

19:21
Mickey Mouse
@Louie: I tried to BSOD you, now I need to reinstall

19:21
Mickey Mouse
Soon I'll be rejoining the work force - I hope they are secure or I foresee many hours of unpaid OT staring at me.... I hope I will have ONE focus verses the "multi-tasking" clause or doing 110 jobs at a time....

19:21
Mickey Mouse
So, does CEH also include recommendations that we can use to harden our networks?

19:23
Mickey Mouse
@Louie I didn't know there were jobs where you were not working on 110 tasks at the same time

19:23
Mickey Mouse
Honey due list. brb in a few.

19:23
Mickey Mouse
Just take everything we learn here and reverse it. How do you protect against what we are doing in a pen test.

19:24
Mickey Mouse
Good grief, Jiminy

19:26
Mickey Mouse
you guys should look into how to protect windows servers from IPv6 flodding

19:26
Mickey Mouse
Just updated for this chapter: https://bitly.com/itpro-ceh-links

19:26
Mickey Mouse
There is an interesting exploit that make the server bsod simply from 1 bad IPv6 packet

19:27
Mickey Mouse
Thanks Minnie

19:27
Mickey Mouse
Thanks Minnie

19:27
Mickey Mouse
Nice work Minnie!

19:29
Mickey Mouse
@Jeff - one can only have dreams.... @Minnie - Way to Go !

19:31
Mickey Mouse
hmmm fun fact... the AR9285 doesn't work out of the box with aircrack on lubuntu... .but it does with kali....

19:31
Mickey Mouse
troubleshooting complete, I'm back!

19:31
Mickey Mouse
for 30 minutes until i go home

19:32
Mickey Mouse
I feel like I'm going to be watching this whole week's show on tape

19:32
Mickey Mouse
A waitress told me the other day that I drink more water then a fish.

19:32
Mickey Mouse
I dont eat seafood..... everyday

19:33
Mickey Mouse
@Huey... just tell them it's a known issue and close their ticket

19:33
Mickey Mouse


19:33
Mickey Mouse
haha, I wish I could use that as an excuse

19:33
Mickey Mouse
Time for a Bambi Burger

19:34
Mickey Mouse
ROFL, Bambi...did you see the SNL spoof with the Rock as Bambi?

19:34
Mickey Mouse
I like Jim Gaffigan's bit about seafood. He said, I'd like fish, if it didn't taste like fish.

19:34
Mickey Mouse
Venison, yeah buddy!!

19:34
Mickey Mouse
LOL

19:34
Mickey Mouse
Only fine?

19:35
Mickey Mouse
My dogs wanna go sniffing.

19:35
Mickey Mouse
affects confidentiality

19:35
Mickey Mouse
I'm disappointed Huey. I really want to watch that Bambi movie

19:37
Mickey Mouse
Wireshark, NetWitness

19:37
Mickey Mouse
Not only the sniffing but it's down to packet analyzers.

19:37
Mickey Mouse
ntop

19:38
Mickey Mouse
I haven't played with Netwitness in a long time.

19:38
Mickey Mouse
wikipedia.org/Promiscuous_mode list quite a few

19:39
Mickey Mouse
gonna take a walk with the wife.... Minnie I'm trusing you

19:39
Mickey Mouse
Eek!

19:39
Mickey Mouse
Enjoy your walk

19:40
Mickey Mouse
Good Luck dude.

19:40
Mickey Mouse
LOL

19:41
Mickey Mouse
Monitor mode

19:41
Mickey Mouse
Or a switch able to do port mirroring?

19:42
Mickey Mouse
Need both @Duey

19:42
Mickey Mouse
If want to see much more than your own traffic and broadcasts

19:42
Mickey Mouse
Of course when I run Wireshark I am focused on specific equipment connected to the switch.

19:43
Mickey Mouse
A bunch of ARP traffic

19:43
Mickey Mouse
I can also mirror the port for what is going to my gateway.

19:43
Mickey Mouse
true

19:44
Mickey Mouse
hubs are getting harder to find to buy

19:46
Mickey Mouse
I had a stash of them at my old job

19:46
Mickey Mouse
>.> <.<

19:46
Mickey Mouse
I think I can mirror more than one port on my main switch, but I can't recall how many at once.

19:47
Mickey Mouse
You will also only see your network traffic if your wireless router is set to AP isolation

19:48
Mickey Mouse
You can send packet captures over ssh tunnel.

19:52
Mickey Mouse
SPAN Switch Port ANalyzer

19:52
Mickey Mouse
I used these at my previous job to send traffic to IDS/IPS

19:53
Mickey Mouse
OK I'm heading home, back on in an hour, hopefully there will be more

19:53
Mickey Mouse
See you Huey

19:53
Mickey Mouse
janitor

19:53
Mickey Mouse
@Huey: later

19:54
Mickey Mouse
10 immutable laws: https://technet.microsoft.com/en-us/library/hh278941.aspx

19:54
Mickey Mouse
fire marshall, need to check the sprinkler system

19:54
Mickey Mouse
nice

19:55
Mickey Mouse
Always escort visitors in secured areas

19:55
Mickey Mouse
Help desk guys always enjoy time away from phones

19:56
Mickey Mouse
An old company I worked for the server room was a closet behind the receptionist and the door to it was always open

19:56
Mickey Mouse
Call centers are hell.

19:56
Mickey Mouse
@jeff LOL been there

19:57
Mickey Mouse
@Philip: a small box like Donalds might get away with even when accompanied

19:58
Mickey Mouse
What was that "box" they were referring to? I must have missed that.

19:58
Mickey Mouse
Minipwner

19:58
Mickey Mouse
thx

19:58
Mickey Mouse
It's on the links page: https://bitly.com/itpro-ceh-links

19:59
Mickey Mouse
A place where I use to work left the server room permenantly open as the cooling system wasn't great haha

20:00
Mickey Mouse
One job my boss did not have access to the server room

20:01
Mickey Mouse
My Chromecast just froze, rebooting it.

20:01
Mickey Mouse
Access cards are wonderful things

20:02
Mickey Mouse
latest big attack http://thenextweb.com/insider/2015/03/30/github-may-have-been-targeted-by-chinese-hackers-in-ddos-attack/

20:02
Mickey Mouse
Same here. Server was boiling. They had to jury rig an enclosure and then drape it with some kinda plastic to vent off the heat.

20:02
Mickey Mouse
lol Goofy wow

20:02
Mickey Mouse
There normally shouldn't be fire-suppression sprinklers in an equipment room anyway.

20:03
Mickey Mouse
@Goofy: haha

20:03
Mickey Mouse
Maybe halon nozzles, but is halon allowed now?

20:04
Mickey Mouse
@Duey: Nope, can't make it any more

20:04
Mickey Mouse
They had to cut through the ceiling and install a portable A/C unit in there. Still it was 80 in there. On a cold day it was like 70.

20:04
Mickey Mouse
I just turned on the A/C in my equipment room at the house yesterday, I was venting it outside when the old cooler failed.

20:05
Mickey Mouse
I keep mine at 70 degrees F.

20:05
Mickey Mouse
@Goofy: mine was East facing with windows so was only getting as the day went on lol

20:05
Mickey Mouse
Me and my Dad will need to mount the replacement unit probably next weekend.

20:05
Mickey Mouse
getting hotter *

20:06
Mickey Mouse
Tested a fob that required you to swipe your finger prior to sending the unlock code to a door sensor. Wish it had worked better than 80% of the time

20:06
Mickey Mouse
We had to empty the water drip garbage can every morning.

20:07
Mickey Mouse
It was a non profit and didn't have much money or at least wanting to spend on their equipment.

20:07
Mickey Mouse
Condensation?

20:07
Mickey Mouse
Yep. It's a funky setup.

20:07
Mickey Mouse
Years ago, I was allowed to visit one of the server rooms, they had at Camp LeJeune, Marine Base... it was really cool. Literally and figuratively.

20:07
Mickey Mouse
@Goofy: mine was a BIG money making company

20:08
Mickey Mouse
LOL @Jiminy

20:08
Mickey Mouse
I run a "swamp cooler" in the main house (New Mexico), but refrigerated air for the equipment room.

20:08
Mickey Mouse
The old cooler died from dust.

20:10
Mickey Mouse
I need to seal the room better, dust is always an issue.

20:10
Mickey Mouse
When I did network printer support at the airport they set a temp office for me in one of the server rooms. & nobody questioned me with my I.D. & shirt & tie, except going onto runway. crasy

20:11
Mickey Mouse
QUESTION: @Donald what was the name of that ether... graphical tool you mentioned? doesn't show packets

20:11
Mickey Mouse
In New Mexico water evaporates quickly enough.

20:11
Mickey Mouse
Etherape

20:11
Mickey Mouse
Thanks @Captain my captain

20:12
Mickey Mouse
Selfie sticks are banned from football grounds here in Ireland now

20:12
Mickey Mouse
It's better to use a selfie stick then using the mirror in your bathroom!

20:13
Mickey Mouse
Good morning, afternoon and evening everyone!!!!~~~~

20:13
Mickey Mouse
@Donald Exactly!!!!

20:13
Mickey Mouse
Good evening Wes

20:13
Mickey Mouse
Good afternoon, Wes

20:13
Mickey Mouse
Hey Wes!

20:13
Mickey Mouse
@Wes: haha

20:13
Mickey Mouse
I may need to reboot my Chromebox at an opportune time, I'm trying to set the Smart Lock feature.

20:14
Mickey Mouse
https://www.wireshark.org/docs/

20:16
Mickey Mouse
I use it infrequently (there isn't many issues thankfully), maybe I need to watch "normal" operation more.

20:17
Mickey Mouse
Hello Minnie, Chip, Goofy and Jiminy

20:18
Mickey Mouse
And Hello Duey!

20:18
Mickey Mouse
hello Wes! Welcome to the Matrix

20:19
Mickey Mouse
Hello to you as well D'artagan!!! and thank you sir!

20:20
Mickey Mouse
The sonicwall can detect this.

20:20
Mickey Mouse
Make sure you have permission or you will get a cold boot yourself

20:20
Mickey Mouse


20:21
Mickey Mouse
but the sniffer only capture packets that go throught the NIC installed in the computer or the entire network?

20:21
Mickey Mouse
my old admin guy used to yell at me because I found ftp passwords. Took allot of convincing that ftp passed plaintext passwords..... Oh man.....

20:21
Mickey Mouse
@D'artagan You still may be held liable

20:21
Mickey Mouse
LOL

20:22
Mickey Mouse
depends where you port out to ...

20:23
Mickey Mouse
thank you

20:25
Mickey Mouse
what if they are in a different VLAN

20:25
Mickey Mouse
port scan

20:25
Mickey Mouse
syn flood?

20:25
Mickey Mouse
is that the -sS one?

20:25
Mickey Mouse
refusing ack back to establish connection

20:26
Mickey Mouse
wwwwoooooooooooo!

20:26
Mickey Mouse
Half open scan

20:26
Mickey Mouse
xmas

20:26
Mickey Mouse
 I have been paying attention, honest

20:27
Mickey Mouse
Nice Minnie!!

20:27
Mickey Mouse
@Minnie: expect nothing less now lol

20:27
Mickey Mouse
I lost connection for a few minutes

20:28
Mickey Mouse
give us cool filters!

20:29
Mickey Mouse
https://wiki.wireshark.org/SampleCaptures

20:30
Mickey Mouse
Having a demostration or someone that knows how to use it is helpful.

20:30
Mickey Mouse
Add it to the link list! hah

20:30
Mickey Mouse
Don's videos are also very good, as has been mentioned.

20:31
Mickey Mouse
You can capture and replay voip too

20:31
Mickey Mouse
VoIP phone tapping!

20:31
Mickey Mouse
Win utils you need WPCAP.

20:34
Mickey Mouse
@Louie: Unfortunately, not g729 which is a very common codec. I think it only does g711. But definitely a cool feature.

20:34
Mickey Mouse
Monitor mode.

20:34
Mickey Mouse
You can see the beacons

20:34
Mickey Mouse
what about local hosts file?? can you feed wireshark a host file to use? maybe the zone transfer you captured??

20:34
Mickey Mouse
www.riverbed.com

20:34
Mickey Mouse
AirPcap

20:35
Mickey Mouse
brb

20:36
Mickey Mouse
@Chip: is that part of the aircrack suite?

20:36
Mickey Mouse
HOA

20:36
Mickey Mouse
Didnt think it worked for all situations, but I did it once and my boss thought that was pretty kewl.

20:37
Mickey Mouse
looks like I only missed one session?

20:37
Mickey Mouse
I'm doing a Chrome reboot, BRB.

20:38
Mickey Mouse
@Athos: just went through wireshark

20:38
Mickey Mouse
ah. cool. I didn't miss too much for me then. I have used that a lot.

20:39
Mickey Mouse
@Louie Robbins Sniffing section in links page now updated

20:39
Mickey Mouse
AFK

20:39
Mickey Mouse
@Jiminy... no

20:40
Mickey Mouse
@Chip: thanks, was just looking it up lol

20:41
Mickey Mouse
Riverbed AirPcap - Capture 802.11 WLAN packets for rapid, comprehensive analysis with your favorite packet-analysis software. This is the only Microsoft Windows-based wireless packet capture device fully integrated with Wireshark and Riverbed® SteelCentral™ Packet Analyzer. Choose among three affordable, easy-to-deploy versions: AirPcap Classic, AirPcap Tx, and AirPcap Nx.

20:41
Mickey Mouse
nice

20:42
Mickey Mouse
Captain my captain is right, it's not cheap

20:43
Mickey Mouse
I hope my new boss has a budget for tools

20:44
Mickey Mouse
or... utilize a free kali VM and $30 AWUS036NEH

20:45
Mickey Mouse
Either a good budget, or you have no way of detecting some things...

20:46
Mickey Mouse
Raspberry Pi + Wireless Dongle + USB Battery Pack

20:46
Mickey Mouse
But most of these tools are free.

20:46
Mickey Mouse
@Saunder - Awesome!

20:47
Mickey Mouse
@Duey... what kind of things can't you detect without a budget?

20:48
Mickey Mouse
@. If you need to do bluetooth sniffing, the Ubertooth One is the way to go. It's $120 and doesn't come with an enclosure but it's really fun

20:48
Mickey Mouse
Did anyone get their books yet?

20:48
Mickey Mouse
@Goofy I got mine from Amazon. 28 for a book isn't a bad deal

20:49
Mickey Mouse
ebook

20:49
Mickey Mouse
Its not signed though!

20:49
Mickey Mouse
@Goofy B. Yes, I've noticed.

20:49
Mickey Mouse
oh... @GoofyO are you a winner?

20:49
Mickey Mouse
Yep

20:50
Mickey Mouse
@Athos: As said, most of the software tools are free, but bosses/beancounters need to understand you need a "security budget", which means protection devices like firewalls, and keeping servers up-to-date...

20:52
Mickey Mouse
There are some helpful tools that do cost money, if a workplace is too cheap to spend money on protection, prepare to get hacked.

20:52
Mickey Mouse
true Duey

20:54
Mickey Mouse
boy they have come along way on forensic "all-in-one" devices/boxes.

20:54
Mickey Mouse
@Duey that is one of the hardest things to make them see.

20:54
Mickey Mouse
Ah gotcha Duey

20:54
Mickey Mouse
sorry it took so long i was going over the missed chat

20:54
Mickey Mouse
@Beem +1 that!!

20:55
Mickey Mouse
The person at the TD desk may want to keep their phone out of the camera's field of view.

20:55
Mickey Mouse
After they are hacked the first time, they see it very well.

20:55
Mickey Mouse
Especially if it caused them to lose money.

20:56
Mickey Mouse
Unfortunately it takes something to happen before they want to spend the money

20:56
Mickey Mouse
I have a Euro

20:56
Mickey Mouse
I will bet Home Depot and Target do not fight over a security budget

20:56
Mickey Mouse
back

20:56
Mickey Mouse
LOL @Goofy

20:56
Mickey Mouse
That is a big aspect to CEH, to get the company to proactively check for security flaws, before it is an issue.

20:57
Mickey Mouse
Which requires manpower

20:57
Mickey Mouse
That is what happen where I work now, we got hit with the cryptowall and now they don't mind spending the money

20:57
Mickey Mouse
The time to hit them is when the C levels at the same industry start talking about their getting hacked. The last thing most of them want is that type of scrutiny .

20:59
Mickey Mouse
Donald: is C,I,A, now extended to include: confidentiality, integrity, availability, privacy, authenticity & trustworthiness, non-repudiation, accountability and auditability?

20:59
Mickey Mouse
I saw it years ago with a budget that could have gone to 1.) better equipment or 2.) more people. We spent the money on better equipment, and that made it so we didn't need more people.

21:00
Mickey Mouse
@Jiminy Those are things that you need to be aware of for ISACA CISM

21:01
Mickey Mouse
@Minnie; thanks, I should've known to ask you first haha

21:03
Mickey Mouse
telnet

21:03
Mickey Mouse
@Jiminy it's a bit old now but lookup references to the McCumber Cube: https://en.wikipedia.org/wiki/McCumber_cube

21:06
Mickey Mouse
and home

21:07
Mickey Mouse
Yep

21:07
Mickey Mouse
Get rid of the e-mail client, and go to a secure webmail interface.

21:08
Mickey Mouse
@Minnie: thanks. captain,AA is how i remember it. lol

21:09
Mickey Mouse
@Jiminy, nice acronym!

21:11
Mickey Mouse
@Duey Drawback to web mail is it requires a live Internet connection .. Road warrior may not have it.

21:13
Mickey Mouse
Understood Chip, but that is getting better; Most people only run a mail client when they do have Internet access.

21:14
Mickey Mouse
@Chip... a true road warrior always has internet in todays age

21:15
Mickey Mouse
We get n to client sites where we cannot access outside resources and cell phones not allowed. Plus the interfaces on webmail are still very limited.

21:16
Mickey Mouse
gtocha... when you work in the government and pharma that does tend to happen

21:16
Mickey Mouse
Good tactic Donald.

21:18
Mickey Mouse
master key - key escrow -

21:25
Mickey Mouse
Is that it for the day??

21:25
Mickey Mouse
Thanks Donald and Mike

21:25
Mickey Mouse
when is fridays episoide going to be posted

21:25
Mickey Mouse
very soon

21:25
Mickey Mouse
like in an hour

21:25
Mickey Mouse
Thanks Donald and Mike

21:26
Mickey Mouse
Theyve been going up pretty quick

21:26
Mickey Mouse
Thanks Nathan

21:26
Mickey Mouse
Another great show

21:26
Mickey Mouse
crossing fingers

21:26
Mickey Mouse
cant wait

21:27
Mickey Mouse
its beer time again. I mean book

21:27
Mickey Mouse
lol Jiminy

21:27
Mickey Mouse
Again Thanks Mike & Donald.

21:27
Mickey Mouse
Hate to add to my nations steroetype, but I'm off for beers again tonight lol

21:27
Mickey Mouse
Id rather have a margarita

21:27
Mickey Mouse
Both sounds like a good idea - beer and book

21:27
Mickey Mouse
LOL@Jiminy

21:28
Mickey Mouse
Hazaa - nice show today! thanks everybody

21:28
Mickey Mouse
Congrats Duey!

21:28
Mickey Mouse
Cool.

21:28
Mickey Mouse
I'm an avid bottle collector! sounds way better than alcaholic lol

21:29
Mickey Mouse
Congrats Duey

21:29
Mickey Mouse
Congrats Duey!

21:29
Mickey Mouse
Gratz Beem!!!

21:29
Mickey Mouse
Woo, grats Duey!

21:29
Mickey Mouse
congrat @Duey

21:29
Mickey Mouse
Yes, @Dave ! Congrats.

21:29
Mickey Mouse
WTG Duey

21:29
Mickey Mouse
Congrats Duey

21:29
Mickey Mouse
Congrats Duey

21:29
Mickey Mouse
Thanks for another great show, see you tomorrow!