- CEH Chat dialog for itpro.tv Day 6 Monday 30th March 2015
- itpro.tv or itprotv or CEH or Certified Ethical Hacker:
- (Pseudonymised version)
- 13:05
- Mickey Mouse
- Good afternoon everyone, ready for some more CEH
- 13:12
- Mickey Mouse
- Good afternoon Aladdin and everyone else - looking forward to another session
- 13:23
- Mickey Mouse
- Hi Minnie, Looks like we are an hour early it's only 08:23 in florida
- 13:25
- Mickey Mouse
- Oh - daylight savings time!
- 13:25
- Mickey Mouse
- Of course... doh!
- 13:25
- Mickey Mouse
- Be back in an hour then
- 13:25
- Mickey Mouse
- Time to catch up on 2nd part of crypto I missed, or update links thread
- 13:30
- Mickey Mouse
- setup a custom url for thread: http://bit.ly/itpro-ceh-links
- 13:43
- Mickey Mouse
- Good morning everyone!
- 13:46
- Mickey Mouse
- Good morning
- 13:56
- Mickey Mouse
- Good afternoon Goofy and Chip
- 13:56
- Mickey Mouse
- Do you think this is the physical drop box that Donald showed us? http://www.minipwner.com/
- 13:56
- Mickey Mouse
- Good afternoon to you : )
- 13:58
- Mickey Mouse
- Good morning everyone
- 13:58
- Mickey Mouse
- and good afternoon to my Euro neighbors
- 13:58
- Mickey Mouse
- I must have missed that part.
- 13:59
- Mickey Mouse
- Good morning
- 13:59
- Mickey Mouse
- Hi Scott
- 13:59
- Mickey Mouse
- @Chip it was in the Maintaining access to the network part when he talked about physical options
- 13:59
- Mickey Mouse
- Thanks for the CEH useful links, Minnie. What a wealth of great information.
- 13:59
- Mickey Mouse
- All contributions from Donald and you guys in the chat room
- 14:02
- Mickey Mouse
- @Minnie I think it is, that is the website that I wrote down in my notes when he was talking about it, but I don't remember if he mentioned the link or if it was someone in the chat.
- 14:02
- Mickey Mouse
- Gr33tz & Howdy
- 14:02
- Mickey Mouse
- I don't think he mentioned it and I must have missed it in chat
- 14:03
- Mickey Mouse
- @Louie hi
- 14:05
- Mickey Mouse
- Does anyone have the chat logs for Friday and Thursday?
- 14:05
- Mickey Mouse
- Good Morning
- 14:08
- Mickey Mouse
- got my book in, unfortunately, they left it in the rain
- 14:08
- Mickey Mouse
- Good Morning All
- 14:09
- Mickey Mouse
- I wish I hadn't stayed up so late, working on something for a friend. I feel like I'm in a somnambulistic stupor. Caffeine time I guess, before we get started.
- 14:10
- Mickey Mouse
- @Chip sounds like a typical Monday to me
- 14:10
- Mickey Mouse
- @. Thursday here, not posted Friday's yet, needs anonymising - https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links
- 14:11
- Mickey Mouse
- ha ha Duey
- 14:11
- Mickey Mouse
- TY Minnie
- 14:12
- Mickey Mouse
- Morning everyone!!!
- 14:13
- Mickey Mouse
- Morning @.
- 14:13
- Mickey Mouse
- I've missed everything since Wednesday (work) Got to get caught up.
- 14:15
- Mickey Mouse
- Oh I wish I was at home for this week, I have a feeling work is going to keep me busy
- 14:16
- Mickey Mouse
- Resumes at 1:30PM?
- 14:16
- Mickey Mouse
- Yes
- 14:16
- Mickey Mouse
- LOL whoops
- 14:17
- Mickey Mouse
- Good morning everyone
- 14:17
- Mickey Mouse
- I'm in the middle of setting up the board. enjoy the show
- 14:17
- Mickey Mouse
- Good morning
- 14:17
- Mickey Mouse
- Morning @Chip
- 14:17
- Mickey Mouse
- I see whut you did thar @.
- 14:17
- Mickey Mouse
- @Donald So looks like Habs are in the play offs. Go Pens!!!!
- 14:17
- Mickey Mouse
- which starts at 930!
- 14:20
- Mickey Mouse
- Habs ot Lightning tonight??
- 14:21
- Mickey Mouse
- Yes they are.
- 14:22
- Mickey Mouse
- morning all!
- 14:29
- Mickey Mouse
- Good Morning, sometimes before I would be the first one on chat, now it goes back four pages before I am here.
- 14:30
- Mickey Mouse
- @. - updated the thread with link for Friday think I got rid of most names https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links
- 14:30
- Mickey Mouse
- @. and @Duey - hi guys
- 14:30
- Mickey Mouse
- Hi Minnie!
- 14:31
- Mickey Mouse
- Also, I've updated this page: http://bit.ly/itpro-ceh-links (resolves to https://forums.itpro.tv/topic/353/ceh-useful-links )
- 14:31
- Mickey Mouse
- Minnie, you deserve another gold star!
- 14:32
- Mickey Mouse
- Good morning everyone
- 14:33
- Mickey Mouse
- Just adding steganography links now
- 14:34
- Mickey Mouse
- Hi Duey
- 14:35
- Mickey Mouse
- Did I already say I got my study guide, but the delivery guy left it in the rain!
- 14:36
- Mickey Mouse
- booo delivery!
- 14:36
- Mickey Mouse
- That deserves a refund
- 14:36
- Mickey Mouse
- @. - oh no, that's bad of them!
- 14:38
- Mickey Mouse
- Good morning all!!!
- 14:38
- Mickey Mouse
- Hi .
- 14:38
- Mickey Mouse
- Morning .
- 14:39
- Mickey Mouse
- Hi guys
- 14:39
- Mickey Mouse
- Good morning Mike and Donald
- 14:39
- Mickey Mouse
- Hello Aramis, Minnie
- 14:39
- Mickey Mouse
- Chara
- 14:40
- Mickey Mouse
- @Huey... yes, Minnie does deserve another gold star. I need her to organize my life. lol
- 14:40
- Mickey Mouse
- G-Day all!
- 14:40
- Mickey Mouse
- LOL @Chip
- 14:41
- Mickey Mouse
- @Minnie great notes section in forum; Could you add http://securityweekly.com/ to your list of podcasts.
- 14:41
- Mickey Mouse
- And we're off !
- 14:41
- Mickey Mouse
- yeah
- 14:42
- Mickey Mouse
- Give away few more books
- 14:42
- Mickey Mouse
- Sure I could use a hardcopy.
- 14:43
- Mickey Mouse
- Anybody has a soft copy?
- 14:44
- Mickey Mouse
- 90% of crap pre-loaded on most phones.
- 14:44
- Mickey Mouse
- amazon is the cheapest ebook at 28
- 14:44
- Mickey Mouse
- @. Even if they did you'd still be expected to purchase your own legal copy - ethics and all that
- 14:44
- Mickey Mouse
- but my friend bough the google play version and it works better on android tablets
- 14:44
- Mickey Mouse
- *bought
- 14:44
- Mickey Mouse
- I love my Monday morning spam, this time an "invoice" for $75 USD to submit our site to search engines, saying to go to their "secure payment" site (with an http://).
- 14:45
- Mickey Mouse
- Lol Minnie
- 14:45
- Mickey Mouse
- yeah sorry about that Duey... I sent you the wrong details... it's actually $150 and i need to get you new account numbers
- 14:46
- Mickey Mouse
- I love Rootkits
- 14:47
- Mickey Mouse
- They're harvesting my ARIN data, even better is when I get spam on my abuse e-mail address.
- 14:48
- Mickey Mouse
- Here's Duey, on his Chromebox again, asking what a virus is.
- 14:49
- Mickey Mouse
- EXE
- 14:49
- Mickey Mouse
- it's something that's written mainly for Microsoft products @Duey
- 14:49
- Mickey Mouse
- @Duey - It's called Google
- 14:49
- Mickey Mouse
- @Duey - Sorry I suppose that's more spyware
- 14:49
- Mickey Mouse
- Yeah, sometimes the Chrome OS builds cause problems.
- 14:50
- Mickey Mouse
- Although... mac is coming up... and while there are a lot of viruses on linux... they are much more difficult to implement... especially with SELinux
- 14:50
- Mickey Mouse
- Question: Is there a virus taxonomy tree Donald recommends to look at?
- 14:50
- Mickey Mouse
- Good question
- 14:50
- Mickey Mouse
- ^^
- 14:51
- Mickey Mouse
- Morning all!
- 14:51
- Mickey Mouse
- Hi Goofy
- 14:51
- Mickey Mouse
- Good morning Goofy
- 14:51
- Mickey Mouse
- Aha - http://ictvonline.org/virustaxonomy.asp
- 14:51
- Mickey Mouse
- Hi Goofy, Chip
- 14:51
- Mickey Mouse
- I saw somebody wearing gloves while using the system!!!
- 14:51
- Mickey Mouse
- IGNORE
- 14:51
- Mickey Mouse
- I forgot to specify computer viruses
- 14:52
- Mickey Mouse
- lol wrong type of virus
- 14:52
- Mickey Mouse
- Thanks Minnie!
- 14:52
- Mickey Mouse
- and yes thanks
- 14:52
- Mickey Mouse
- I recently dropped down to a single monitor... I'm really missing that second/third screen
- 14:52
- Mickey Mouse
- just got the SMS \o/
- 14:52
- Mickey Mouse
- This one: http://www.omnisecu.com/security/types-of-computer-viruses.php
- 14:52
- Mickey Mouse
- Hey Aramis : )
- 14:53
- Mickey Mouse
- Thanks Captain my captain
- 14:56
- Mickey Mouse
- Internet storm center
- 14:56
- Mickey Mouse
- https://isc.sans.edu/infocon.html
- 14:56
- Mickey Mouse
- Almost 15 years ago with Code Red.
- 14:58
- Mickey Mouse
- I remember battling CodeRed when I was an IT guy
- 14:58
- Mickey Mouse
- run amuck
- 14:58
- Mickey Mouse
- Yup, me too, was up all night on that one.
- 14:59
- Mickey Mouse
- indeed
- 14:59
- Mickey Mouse
- Does ransomware fall under the rubric of malware
- 14:59
- Mickey Mouse
- Took our servers down for two days, we had to disconnect everything.
- 14:59
- Mickey Mouse
- http://www.caida.org/research/security/code-red/code-red-large.png
- 14:59
- Mickey Mouse
- Kind of relevant in case anyone doesn't already know this resource: http://map.ipviking.com/
- 14:59
- Mickey Mouse
- He mentioned map which reminded me
- 15:00
- Mickey Mouse
- @Mike P thanks , scary map
- 15:00
- Mickey Mouse
- That was the site I was looking for Mike!
- 15:00
- Mickey Mouse
- @Minnie , I love that map
- 15:01
- Mickey Mouse
- I think that I may have made my wife mad.
- 15:01
- Mickey Mouse
- Drop the bomb and rename setup.exe. Oh you want it so bad. Here you go!
- 15:02
- Mickey Mouse
- The art of Obfuscation
- 15:03
- Mickey Mouse
- Uh oh, Athos.
- 15:04
- Mickey Mouse
- @Athos hope it's short-lived
- 15:05
- Mickey Mouse
- Ut oh, warning the wife!
- 15:05
- Mickey Mouse
- LOL
- 15:05
- Mickey Mouse
- Or allow Ping packet outbound, get information out of an organisation by pinging an address you control
- 15:05
- Mickey Mouse
- yeah.... i can't think of anything... and she is 7 months pregnant so... maybe it's just going to be a bad day
- 15:05
- Mickey Mouse
- Never good to vex a woman lol
- 15:05
- Mickey Mouse
- Especially a pregnant one!
- 15:05
- Mickey Mouse
- ha ha ha Minnie
- 15:06
- Mickey Mouse
- very true
- 15:06
- Mickey Mouse
- I would 2nd that
- 15:06
- Mickey Mouse
- or when she's ovulating. lol
- 15:06
- Mickey Mouse
- lol
- 15:07
- Mickey Mouse
- LMAO!
- 15:07
- Mickey Mouse
- ovulation virus.
- 15:07
- Mickey Mouse
- ha ha ha ha
- 15:08
- Mickey Mouse
- I wonder what things we could say in the chat to make either mike or Donald lose it
- 15:08
- Mickey Mouse
- @Will that would be awesome!
- 15:08
- Mickey Mouse
- @Athos, if this is her first baby, make sure you don't vex her while she's in labor, it won't be pretty.
- 15:08
- Mickey Mouse
- I don't think I want to get on Donald's bad side
- 15:08
- Mickey Mouse
- LMAO!
- 15:09
- Mickey Mouse
- @Chip... it's the 4th... i'm a veteran at this point
- 15:09
- Mickey Mouse
- so pretty much just sit in the corner and don't say anything but yes dear
- 15:09
- Mickey Mouse
- i know everything is my fault
- 15:09
- Mickey Mouse
- ahhhhh good lol
- 15:09
- Mickey Mouse
- exactly
- 15:09
- Mickey Mouse
- Could run for the hills
- 15:10
- Mickey Mouse
- It is a UK company, that manages for what is listed as "Sony" for the IP of "Better Call Saul"?
- 15:11
- Mickey Mouse
- lol
- 15:11
- Mickey Mouse
- I received an abuse notice for one of our customers.
- 15:11
- Mickey Mouse
- lol @ Chip sit in corner comment
- 15:14
- Mickey Mouse
- : )
- 15:14
- Mickey Mouse
- 38 mostly Chinese spams caught in the filter for my abuse desk reporting....
- 15:15
- Mickey Mouse
- Including one from "Microsoft Corporation" with an address of micro4@aol.com
- 15:15
- Mickey Mouse
- @Dave funny
- 15:16
- Mickey Mouse
- If anyone is interested in my presentation after it's given, I can email you guys a copy.
- 15:16
- Mickey Mouse
- too funny, Duey
- 15:16
- Mickey Mouse
- Sure
- 15:16
- Mickey Mouse
- That would be great, Goofy
- 15:16
- Mickey Mouse
- It will be after 4/11.
- 15:17
- Mickey Mouse
- Macros disabled I assume Goofy
- 15:17
- Mickey Mouse
- Would be ironic if you infected everyone on the CEH chatroom
- 15:17
- Mickey Mouse
- this just broke guys : http://rt.com/usa/245273-nsa-headquarters-shots-fired/
- 15:18
- Mickey Mouse
- A crafted URL can do that.
- 15:18
- Mickey Mouse
- Good list worth subscribing to https://www.us-cert.gov/ncas/bulletins/SB15-089
- 15:18
- Mickey Mouse
- @thanks Goofy reading now
- 15:19
- Mickey Mouse
- @Goofy I missed what your presentation is on?
- 15:19
- Mickey Mouse
- Damn power glitch.
- 15:19
- Mickey Mouse
- Captain my captain - https://www.youtube.com/watch?v=v6GnX3ZhuAg
- 15:19
- Mickey Mouse
- @Aladdin The CV list can become bloated and overwhelmed. That is one of the reasons why I don't subscribe.
- 15:20
- Mickey Mouse
- @Minnie Global Surveillance.
- 15:20
- Mickey Mouse
- So someone is able to get a helicopter (or drone) close to the NSA for news footage?
- 15:20
- Mickey Mouse
- I agree, that list is just what's been added in the last week
- 15:20
- Mickey Mouse
- @Goofy in which case I'd be interested too
- 15:20
- Mickey Mouse
- I remember Klez, ran rampant in my Dorm in college
- 15:21
- Mickey Mouse
- @Mike P - nice one
- 15:21
- Mickey Mouse
- I'll email it not posted in social media. Too crazy
- 15:21
- Mickey Mouse
- I think the presenters miss a lot of the links we are giving them
- 15:21
- Mickey Mouse
- Awesome stuff @Captain my captain
- 15:22
- Mickey Mouse
- @ Donald yes pretty cool!
- 15:22
- Mickey Mouse
- I love that link! I Shared that!
- 15:22
- Mickey Mouse
- @Mike P perhaps a slight time lag
- 15:22
- Mickey Mouse
- I ran one ip viking at work on a dedicated screen when I was there.
- 15:22
- Mickey Mouse
- ipviking
- 15:23
- Mickey Mouse
- I remember a little about Klez too Scott, but Code Red was much worse for me.
- 15:23
- Mickey Mouse
- Call me crazy but I have a #NSA feed in my TweetDeck. That's how I know what is going down.
- 15:24
- Mickey Mouse
- His name is Giorgi or something like that.
- 15:24
- Mickey Mouse
- That dude looks like a Kazon!
- 15:25
- Mickey Mouse
- Hey @Donald: You'll love this! https://scontent-atl.xx.fbcdn.net/hphotos-prn2/v/t1.0-9/536214_10200974108464860_1459185104_n.jpg?oh=206f914830fef8ea910beac855546d9c&oe=5570D61B
- 15:25
- Mickey Mouse
- its a fb photo, sorry
- 15:25
- Mickey Mouse
- LOL
- 15:27
- Mickey Mouse
- Ancient alien dude that looks like a Kazon. http://www.imdb.com/name/nm2435429/?ref_=ttfc_fc_cl_t2
- 15:27
- Mickey Mouse
- How do you change your picture in the chat window?
- 15:28
- Mickey Mouse
- You have to go to Gravatar and change it there. Refresh the chatroom here.
- 15:28
- Mickey Mouse
- Gravatar.com
- 15:29
- Mickey Mouse
- Thanks
- 15:29
- Mickey Mouse
- Your PC is stone
- 15:29
- Mickey Mouse
- The ones that would delete an MFM hard drive.
- 15:30
- Mickey Mouse
- fish virus plays ping-pong in your bios.
- 15:30
- Mickey Mouse
- For anyone who missed the link I'm updating with URLs: http://bit.ly/itpro-ceh-links resolves to https://forums.itpro.tv/topic/353/ceh-useful-links
- 15:31
- Mickey Mouse
- Viruses were even before Internet, and started with BBS and diskette trades.
- 15:32
- Mickey Mouse
- In my time there were couriers that sported warez including viruses for sale or trade.
- 15:32
- Mickey Mouse
- Lotus 123
- 15:32
- Mickey Mouse
- Thanks so much, Minnie
- 15:33
- Mickey Mouse
- VBA - YUK!
- 15:34
- Mickey Mouse
- Anti-virus software started coming out in 1987.
- 15:34
- Mickey Mouse
- vba is extremely helpful in the business work though Mike
- 15:34
- Mickey Mouse
- Goofy Ortega, didn't you take the CEH test this past weekend?
- 15:35
- Mickey Mouse
- I'm sure it is Athos. It's just yuk though
- 15:35
- Mickey Mouse
- sql website injections?
- 15:37
- Mickey Mouse
- @Fab. I wish... I don't have $600 laying around.
- 15:37
- Mickey Mouse
- 600 ouch
- 15:37
- Mickey Mouse
- ok, it was someone that did I don't remember.
- 15:37
- Mickey Mouse
- Porthos
- 15:37
- Mickey Mouse
- ok
- 15:38
- Mickey Mouse
- is Porthos today here?
- 15:38
- Mickey Mouse
- @Porthos? He was in this chatroom?
- 15:38
- Mickey Mouse
- It takes about 6 months for virus defs to be updated
- 15:38
- Mickey Mouse
- @Donald Is a shell virus the same as an armoured virus?
- 15:38
- Mickey Mouse
- I mean if you are prepared... considering how easy it makes it for you to get a security job ... 600 is not that much
- 15:39
- Mickey Mouse
- Anyone know of free testing online
- 15:39
- Mickey Mouse
- @Athos true short sighted of me
- 15:39
- Mickey Mouse
- QUESTION: Is a shell virus the same as an armoured virus? I'm unclear of difference between stealth and these
- 15:40
- Mickey Mouse
- yes you can pay someone to write a good one for you.
- 15:40
- Mickey Mouse
- I got some from torrents lol
- 15:41
- Mickey Mouse
- ^^ cant read that... looks obfuscated :d
- 15:41
- Mickey Mouse
- Please check Minnie's Question above
- 15:41
- Mickey Mouse
- i got a copy of Windows ME. Does that count
- 15:42
- Mickey Mouse
- @Aramis yes that counts ME stands for mistake edition
- 15:42
- Mickey Mouse
- Stuxnet
- 15:44
- Mickey Mouse
- lol
- 15:44
- Mickey Mouse
- Thanks @Donald and @Athos
- 15:45
- Mickey Mouse
- Michelangelo had to wait centuries for a virus to be named after him.
- 15:45
- Mickey Mouse
- looks like we are down to the people that really want to learn this stuff. I noticed there are less people in the chat
- 15:45
- Mickey Mouse
- Regin is another one.
- 15:46
- Mickey Mouse
- Winlove?
- 15:46
- Mickey Mouse
- I'm here, just at work, so much less involved in chat. Guess my chances at a book have gone down this week
- 15:46
- Mickey Mouse
- The best stuxnet book I've read: http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X/ref=sr_1_1?ie=UTF8&qid=1427726761&sr=8-1&keywords=stuxnet
- 15:46
- Mickey Mouse
- @Goofy SteveG was SO impressed with the elegance of regin wasn't he?
- 15:46
- Mickey Mouse
- I meant total users. The scroll bar is much larger indicating fewer participants
- 15:47
- Mickey Mouse
- @Minnie. He was and Regin was entire OS and packed with encryption.
- 15:47
- Mickey Mouse
- @Goofy *nods*
- 15:48
- Mickey Mouse
- Good overview of Regin: https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
- 15:48
- Mickey Mouse
- It's so sophisticated, it's no joke.
- 15:48
- Mickey Mouse
- Virginia Tech says that 70% of the virus are created by governments
- 15:48
- Mickey Mouse
- @. thanks
- 15:48
- Mickey Mouse
- Mainly btw China, Russia, Israel and USA
- 15:49
- Mickey Mouse
- Awesome @..
- 15:50
- Mickey Mouse
- @. I wouldn't doubt it.
- 15:50
- Mickey Mouse
- No internet background noise.
- 15:50
- Mickey Mouse
- did i miss anything in the past minute. My router just reset itself
- 15:50
- Mickey Mouse
- @D'artagan I believe it
- 15:51
- Mickey Mouse
- wow
- 15:51
- Mickey Mouse
- This one is fun
- 15:51
- Mickey Mouse
- It's a run away train. Exponential growth.
- 15:51
- Mickey Mouse
- http://map.ipviking.com/#
- 15:51
- Mickey Mouse
- That's amazing
- 15:52
- Mickey Mouse
- wow
- 15:52
- Mickey Mouse
- @. could you post that link please
- 15:52
- Mickey Mouse
- http://www.caida.org/publications/papers/2003/sapphire/sapphire.html
- 15:52
- Mickey Mouse
- I want the penny
- 15:52
- Mickey Mouse
- wow, didn't know sqlslammer hit so fast
- 15:52
- Mickey Mouse
- I do though think back in the early days, people didn't realise the risks. Most connected their modem directly to the internet, no virus protection, or firewall.
- 15:52
- Mickey Mouse
- Thanks Minnie
- 15:54
- Mickey Mouse
- cripes nope
- 15:55
- Mickey Mouse
- although I think we're all off to become hermits anyway after some of the stuff you've shown us
- 15:57
- Mickey Mouse
- lol Donald... wow
- 15:57
- Mickey Mouse
- No matter how well you protect yourself. If a hacker wants you bad enough, they will get you.
- 15:57
- Mickey Mouse
- LOL
- 15:57
- Mickey Mouse
- LOL
- 15:57
- Mickey Mouse
- Yep@Goofy
- 15:57
- Mickey Mouse
- Thanks guys. Gotta shoot now, actually doing some MS SQL security checking and need to focus on that. Will catch the rerun tomorrow
- 15:58
- Mickey Mouse
- @. Chow dude... Enjoy
- 15:58
- Mickey Mouse
- @Donald what other subjects are you covering today?
- 15:58
- Mickey Mouse
- @Donald - Can you talk some time off time about being a forensic investigator vs Pen Tester
- 15:58
- Mickey Mouse
- @Donald - whats the Favorite AV ( best in your exp ) for home use and same question for Corp...
- 15:58
- Mickey Mouse
- Actually very quickly. Any news on the labs yet?
- 15:58
- Mickey Mouse
- Does having a trojan stop you getting a virus?
- 15:58
- Mickey Mouse
- @Captain my captain- Definitely!
- 15:59
- Mickey Mouse
- @R - Not at all. If anything might make it easier to get one
- 15:59
- Mickey Mouse
- @PT - good question
- 16:00
- Mickey Mouse
- Trojan tells his friends to come on over.
- 16:00
- Mickey Mouse
- I like GFI/Vipre
- 16:00
- Mickey Mouse
- That was a brand reference...
- 16:01
- Mickey Mouse
- https://www.skillset.com/certifications
- 16:01
- Mickey Mouse
- I'm using Vipre.. seems to block what it needs to. But a little difficult to manage
- 16:01
- Mickey Mouse
- That will give you a 2150 question practice test
- 16:01
- Mickey Mouse
- *250
- 16:01
- Mickey Mouse
- it also has a few others
- 16:02
- Mickey Mouse
- The only caveat is that https://www.skillset.com/certifications requires a free account
- 16:03
- Mickey Mouse
- :@R. I've been using it for years, at home. I don't have too many issues myself. But I put it on my mother's pc and to help her often
- 16:03
- Mickey Mouse
- great site, thanks Athos S.
- 16:04
- Mickey Mouse
- Thanks Athos
- 16:04
- Mickey Mouse
- Pentester = fun and Forensic = tedious?
- 16:04
- Mickey Mouse
- @Porthos Medina, did you take the CEH test?
- 16:05
- Mickey Mouse
- Pentester=before something bad happens. Forensic = after something bad happens. hehe
- 16:06
- Mickey Mouse
- @Louie I hate log checking hence my saying tedious
- 16:06
- Mickey Mouse
- agreed^
- 16:06
- Mickey Mouse
- @Minnie, yes tedious. I know someone who is a forensic investigator with the fbi
- 16:06
- Mickey Mouse
- I had a lawyer ask me to do forensics.
- 16:06
- Mickey Mouse
- @D'artagan, yes I did take the Exam, I will be retaking it.
- 16:07
- Mickey Mouse
- so, was it very difficult in your opinion?
- 16:07
- Mickey Mouse
- yeah logs = horrible
- 16:07
- Mickey Mouse
- can't stand it
- 16:08
- Mickey Mouse
- @D'artagan, yes it was difficult, but after taking it I feel like my study material did not prepare me enough for the Exam
- 16:08
- Mickey Mouse
- interesting..thank you.
- 16:09
- Mickey Mouse
- ha,... i just took a 10 question quickie exam... i got 3 of 10
- 16:10
- Mickey Mouse
- ouch
- 16:10
- Mickey Mouse
- <--- organised but still not sure about forensics, need to learn more to make a decision I guess
- 16:10
- Mickey Mouse
- @Porthos sorry it didn't go as hoped. What material did you use to prep beforehand?
- 16:11
- Mickey Mouse
- LOL @Donald @Captain my captain
- 16:11
- Mickey Mouse
- so, forensics is the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications and storage devices in a way that is admissible as evidence in a court of law.
- 16:12
- Mickey Mouse
- @Minnie, I used the AIO written by Matt Walker, and some random CEH Exam prep apps.
- 16:12
- Mickey Mouse
- I also took the EC-Council Course
- 16:12
- Mickey Mouse
- I know Captain my captain. I said that I need Minnie to organize my life.
- 16:12
- Mickey Mouse
- @Porthos thanks for sharing
- 16:13
- Mickey Mouse
- @Chip LOL
- 16:13
- Mickey Mouse
- : D
- 16:14
- Mickey Mouse
- @Minnie, I am now trying out the Boson Sim for CEH, and I can say I feel better about using this tool. All the questions so far are nearly identical to the Exam I took.
- 16:15
- Mickey Mouse
- @Porthos Boson makes some good stuff
- 16:15
- Mickey Mouse
- @Porthos thanks
- 16:16
- Mickey Mouse
- Anyone remember game.exe back in the day? Used to fullscreen and show you "Your Harddrive" being deleted, (but it was just a vid)
- 16:17
- Mickey Mouse
- Yes @Scott I remember that. I got my dad with that!
- 16:17
- Mickey Mouse
- <- really hope the links I've posted are the correct ones. Please can everyone use https://www.virustotal.com/ as well for anything I've linked to
- 16:18
- Mickey Mouse
- yeah i loved the one that said it was deleting c:\windows whether you clicked on yes or no
- 16:18
- Mickey Mouse
- It is a good verification
- 16:18
- Mickey Mouse
- @Captain my captain good tip
- 16:18
- Mickey Mouse
- mimikatz
- 16:18
- Mickey Mouse
- that was a bane of my antivirus for awhile
- 16:19
- Mickey Mouse
- @Captain my captain - now we know where to put our viruses when someone gets in to your system
- 16:19
- Mickey Mouse
- finding security tools on a normal joe workstation might be a good redflag indicator of insider threat
- 16:19
- Mickey Mouse
- Cain & Abel used to always get killed on my systems
- 16:20
- Mickey Mouse
- Unless they are moonlighting.
- 16:20
- Mickey Mouse
- cool
- 16:20
- Mickey Mouse
- @LouieG yup
- 16:21
- Mickey Mouse
- @Louie yes and some users want to know why they can't install stuff.
- 16:22
- Mickey Mouse
- Shannon Morse does tutorials on netcat
- 16:27
- Mickey Mouse
- yeah... i know people are gonna hate me but I just run windows defender, malwarebytes, and spybot
- 16:28
- Mickey Mouse
- +1 for spybot
- 16:28
- Mickey Mouse
- AAAANDDD since I don't go to bad sites and whatnot... I haven't got anything
- 16:28
- Mickey Mouse
- I hate flash
- 16:28
- Mickey Mouse
- I use spybot and malware bytes, also
- 16:29
- Mickey Mouse
- javascript loads in ads and you get infected
- 16:29
- Mickey Mouse
- LMAO!!!!
- 16:29
- Mickey Mouse
- this one is getting edited
- 16:29
- Mickey Mouse
- +1 for spybot and malwarebytes
- 16:29
- Mickey Mouse
- lol Athos
- 16:29
- Mickey Mouse
- You can get infected going to yahoo
- 16:30
- Mickey Mouse
- wow... good point Donald I never thought of that.
- 16:30
- Mickey Mouse
- It's the ad networks that these sites carry
- 16:30
- Mickey Mouse
- lol
- 16:31
- Mickey Mouse
- did they speak about rootkit viruses? I came in 20 min late.
- 16:31
- Mickey Mouse
- there was a site that was out there - that showed all your available $VARS$ - or %VARS% being presented to a browser Can't remember it though...
- 16:32
- Mickey Mouse
- not yet D'artagan
- 16:32
- Mickey Mouse
- ok
- 16:32
- Mickey Mouse
- thanks @Chip
- 16:32
- Mickey Mouse
- they only referenced it as being under the rubric of malware
- 16:33
- Mickey Mouse
- http switchboard is what I use in chrome
- 16:33
- Mickey Mouse
- ok
- 16:34
- Mickey Mouse
- rootkit!
- 16:35
- Mickey Mouse
- Enjoy guys
- 16:35
- Mickey Mouse
- Righto - see you all later
- 16:35
- Mickey Mouse
- ESET
- 16:36
- Mickey Mouse
- webroot
- 16:36
- Mickey Mouse
- Thanks guys enjoy lunch
- 16:36
- Mickey Mouse
- ESet if you can pay if not then Defender
- 16:36
- Mickey Mouse
- Microsoft Security Essentials
- 16:36
- Mickey Mouse
- agreed @Goofy
- 16:36
- Mickey Mouse
- windows 7 I run defender
- 16:36
- Mickey Mouse
- what are your thoughts on whitelisting vs AV? seems like whitelisting is the way we are all going to have to go
- 16:37
- Mickey Mouse
- on windows 8+ though... you need a good antivirus
- 16:37
- Mickey Mouse
- how certain can we be that AV companies don't create viruses?
- 16:37
- Mickey Mouse
- it's their business after all
- 16:37
- Mickey Mouse
- @Donald... like Donald said... he got infected at USA Today
- 16:38
- Mickey Mouse
- so i doubt whitelisting is a viable option at this point
- 16:38
- Mickey Mouse
- Gotta go guys. Be back soon. chow everyone.
- 16:38
- Mickey Mouse
- Are you guys watching nextgen hacker?
- 16:39
- Mickey Mouse
- yep
- 16:39
- Mickey Mouse
- yes
- 16:40
- Mickey Mouse
- LOL
- 16:40
- Mickey Mouse
- i'm watching the video now
- 16:40
- Mickey Mouse
- HAHA thats funny..
- 16:40
- Mickey Mouse
- Off to eat AFK
- 16:41
- Mickey Mouse
- wow only 10 people visit Google at any particular time... thats good they dont need very many resources then.
- 16:46
- Mickey Mouse
- lol @nextgen no words. *groan*
- 16:59
- Mickey Mouse
- I'm curious if he is an epic troll... or really thinks that
- 17:05
- Mickey Mouse
- Hello everyone!
- 17:05
- Mickey Mouse
- welcome.
- 17:19
- Mickey Mouse
- I'm enjoying my Nexus 6 Nate, six months of Google Play Music and ad-free music videos on YouTube.
- 18:15
- Mickey Mouse
- nice Duey. i debated between that and my Note 4. I ended up with the Note, but that Nexus sure is sweet.
- 18:17
- Mickey Mouse
- Well, the Nexus 6 is big (model number being the size of the screen), but it has over 3.5 million pixels & two front-facing speakers.
- 18:18
- Mickey Mouse
- I still need to get a case to carry it on my person better.
- 18:18
- Mickey Mouse
- And I'm still getting used to Lollipop 5.1
- 18:19
- Mickey Mouse
- What is this I walk into. Yeah @Dave and his new phone. @Minnie thanks for the skillset site. Can't get off of it.
- 18:19
- Mickey Mouse
- I'm still waiting for the release of Lollipop from Verizon for the Note 4
- 18:21
- Mickey Mouse
- They (Verizon) were certainly slow about releasing the Nexus 6, I wonder if it was related to having Lollipop 5.1 first.
- 18:27
- Mickey Mouse
- interesting article: Github still battling largest Denial of service http://www.pcmag.com/article2/0,2817,2479236,00.asp
- 18:28
- Mickey Mouse
- @Dave wifi charging on the 6?
- 18:28
- Mickey Mouse
- @Goofy thank Athos Saunders for that one
- 18:28
- Mickey Mouse
- Ah stand corrected. Thanks @Will
- 18:32
- Mickey Mouse
- @Goofy: Yes, of course I only have the connected chargers so far.
- 18:33
- Mickey Mouse
- That was the main problem of my RAZR M before I was upgraded, the battery started losing the charge quickly.
- 18:33
- Mickey Mouse
- Which one qi or powermat?
- 18:33
- Mickey Mouse
- I'd assume qi.
- 18:33
- Mickey Mouse
- Hi all
- 18:33
- Mickey Mouse
- ATT does powermat.
- 18:34
- Mickey Mouse
- I have a per-cup coffee machine on my desk
- 18:34
- Mickey Mouse
- I'd have to look it up.
- 18:34
- Mickey Mouse
- Looked at my edge plan. I'd need to up front $123 to get it today. Not gonna do it right now. I have medical bills to pay... sigh...
- 18:36
- Mickey Mouse
- Is it rootkits and APTs next?
- 18:36
- Mickey Mouse
- I believe so @Minnie
- 18:37
- Mickey Mouse
- Thanks everyone for the page hits & post reaches. It's much appreciated.
- 18:37
- Mickey Mouse
- yeeee haaawww
- 18:39
- Mickey Mouse
- Looks like it is Qi Goofy.
- 18:39
- Mickey Mouse
- Sweet. I have 2 qi chargers.
- 18:40
- Mickey Mouse
- I know that VZ uses qi but ATT uses powermat. Two competing standards.
- 18:40
- Mickey Mouse
- I'm back. thanks for waiting on me guys
- 18:40
- Mickey Mouse
- @Captain my captain well some of us are
- 18:40
- Mickey Mouse
- Although there seems to be a number of posts that talk about wireless charging problems.
- 18:40
- Mickey Mouse
- We need to talk about Regin too.
- 18:40
- Mickey Mouse
- I use qi on nexus 7 works nicely
- 18:41
- Mickey Mouse
- Same here @Aramis.
- 18:41
- Mickey Mouse
- @Minnie: Hi, good weekend? feel like back in school, but did you take notes today? haha
- 18:41
- Mickey Mouse
- @Minnie: I was logged in but only got to see part of it. Seemed very good too
- 18:41
- Mickey Mouse
- Cool Goofy
- 18:41
- Mickey Mouse
- My wifey has a qi charger for S5.
- 18:42
- Mickey Mouse
- @Jiminy I always take notes
- 18:42
- Mickey Mouse
- I had to buy a special battery cover for her s5 to work. I also have a spare. Set me back $70 on Amazon.
- 18:43
- Mickey Mouse
- Gangsta Donald LOL
- 18:43
- Mickey Mouse
- @Minnie: Great! I was really annoyed all day because i was missing good stuff
- 18:44
- Mickey Mouse
- lol
- 18:44
- Mickey Mouse
- Neo, the Matrix
- 18:44
- Mickey Mouse
- hacker
- 18:45
- Mickey Mouse
- Thank goodness for Minnie. Now I can catch what I missed when I kept having power issues this morning.
- 18:45
- Mickey Mouse
- I'm getting the impression you guys want me to share my notes...
- 18:45
- Mickey Mouse
- She's awesome like that.
- 18:46
- Mickey Mouse
- @Minnie: nah, we'll shoulder surf ya
- 18:47
- Mickey Mouse
- ha ha ha Jiminy
- 18:47
- Mickey Mouse
- @Minnie: to be honest... I stopped trying to keep up in a digital format because your... is just so good so... kinda would like you to continue sharing. You're one of my favorites right now
- 18:47
- Mickey Mouse
- Thanks all, will do
- 18:48
- Mickey Mouse
- @Athos +1 yep
- 18:48
- Mickey Mouse
- She has everything organized and nicely laid out.
- 18:48
- Mickey Mouse
- Thanks Minnie!
- 18:48
- Mickey Mouse
- forget it reformat it.
- 18:49
- Mickey Mouse
- talking firmware then?
- 18:49
- Mickey Mouse
- Fist to heart, genuflects toward Mihala*
- 18:50
- Mickey Mouse
- If there is a rootkit in the firmware there is nothing you can do I believe
- 18:50
- Mickey Mouse
- @Chip I had to look up the word 'genuflect' - thanks for new word of the day
- 18:50
- Mickey Mouse
- you're welks
- 18:51
- Mickey Mouse
- Well like the hard drive exploits that the NSA does. they are firmware and can't be removed.
- 18:52
- Mickey Mouse
- They can't really be detected either
- 18:53
- Mickey Mouse
- Not even a secure erase can't get rid of it either.
- 18:53
- Mickey Mouse
- but a firmware flash can
- 18:53
- Mickey Mouse
- scan from a boot cd
- 18:54
- Mickey Mouse
- Can you ever really be sure it's gone?
- 18:54
- Mickey Mouse
- Only way to get into a hardware at way... You have to jtag it .
- 18:54
- Mickey Mouse
- Provided that the jtag port is enabled.
- 18:55
- Mickey Mouse
- @Goofy: yes... it's called a burner laptop
- 18:55
- Mickey Mouse
- i restore from a clean image
- 18:55
- Mickey Mouse
- @Goofy: jtag?
- 18:55
- Mickey Mouse
- I believe with the hard drive firmware rootkits, they hide themselves from a firmware flash as well
- 18:55
- Mickey Mouse
- erm *@Jiminy
- 18:55
- Mickey Mouse
- @Minnie... JTAG is more on the electronics side of things. reprogram it from above
- 18:55
- Mickey Mouse
- @Minnie. jtag is hardware level. Very complicated. You have to solder a serial port onto the controller board.
- 18:56
- Mickey Mouse
- @Athos and Goofy - thanks. Beyond me then
- 18:56
- Mickey Mouse
- look up JTAG xbox 360 or JTAG for android devices
- 18:57
- Mickey Mouse
- If my eyesight didn't suck. I'd so play with all of that stuff.
- 18:57
- Mickey Mouse
- We found Minnie's weak spot... it really does exist
- 18:57
- Mickey Mouse
- @Athos and cryptography
- 18:57
- Mickey Mouse
- @Willian: lol
- 18:57
- Mickey Mouse
- virtual environment could be a solution for that
- 18:58
- Mickey Mouse
- like VMWare View
- 18:58
- Mickey Mouse
- meh... cryptography is one of those things only a select few people are at that level
- 18:58
- Mickey Mouse
- virtual desktop machines
- 18:58
- Mickey Mouse
- FLOCON2015 is available now
- 18:59
- Mickey Mouse
- Wow. Hostgator got hacked by SEA. http://thehackernews.com/2015/03/website-hosting-services.html
- 19:00
- Mickey Mouse
- wow.... that is interesting
- 19:00
- Mickey Mouse
- interesting thanks Goofy
- 19:01
- Mickey Mouse
- You're welcome
- 19:01
- Mickey Mouse
- So was the general public first made aware of rootkits, because of Sony?
- 19:01
- Mickey Mouse
- Question: How many popular port numbers for trojans/virus are covered in the exam? Are they ??
- 19:03
- Mickey Mouse
- malware is like cancer.
- 19:03
- Mickey Mouse
- We had a raw, open Internet connection for R&D in college. Computer was hacked before you'd sit down!
- 19:04
- Mickey Mouse
- HA
- 19:04
- Mickey Mouse
- cripes
- 19:04
- Mickey Mouse
- @Chip Rootkits have been around before the Sony goof
- 19:04
- Mickey Mouse
- I know, I meant the general public's knowledge of them
- 19:04
- Mickey Mouse
- Also the general public still has no clue
- 19:05
- Mickey Mouse
- combofix has been my tool against rootkit
- 19:07
- Mickey Mouse
- It's hard to get companies to pay for decent equipment to run multi tools & programs on their systems
- 19:07
- Mickey Mouse
- is done in medicine all the time
- 19:07
- Mickey Mouse
- I agree with Athos, the general public may not even be aware of them even now
- 19:07
- Mickey Mouse
- they grab a virus modify the dna code and release another one to attack the bad virus
- 19:08
- Mickey Mouse
- Not all the time, seen and heard too much to hope medicine is safe
- 19:08
- Mickey Mouse
- I didn't know about rootkits until I started looking into getting a CEH/ working with backtrack 5
- 19:08
- Mickey Mouse
- Thanks guys have a good night all!
- 19:09
- Mickey Mouse
- you leaving us Aramis?
- 19:09
- Mickey Mouse
- I agree Jiminy it is not important until something happens
- 19:09
- Mickey Mouse
- netstat -an | tee PORTS_ON.txt | egrep -ivf KNOWN_PORTS.txt ( or something similar - I'm not a script ninja ) Basic Idea is a quick review of running services that are NOT familiar.
- 19:09
- Mickey Mouse
- Night Aramis
- 19:09
- Mickey Mouse
- are we done for today??
- 19:09
- Mickey Mouse
- Yes unfortunately work is getting in the way how dare they! LOL
- 19:09
- Mickey Mouse
- black-ice ??
- 19:09
- Mickey Mouse
- whew... black ice... that takes me back
- 19:09
- Mickey Mouse
- I think Sony got payback tho
- 19:09
- Mickey Mouse
- Night Minnie!
- 19:10
- Mickey Mouse
- LOL @Jiminy
- 19:11
- Mickey Mouse
- Yeah, early DSL modems were just bridged.
- 19:11
- Mickey Mouse
- my public IP is 192.168.1.1 Scan away people
- 19:11
- Mickey Mouse
- 19:11
- Mickey Mouse
- where did SLAM.exe ever go? The Gui to SLAM a port close?
- 19:12
- Mickey Mouse
- or strikeback
- 19:12
- Mickey Mouse
- that's my ip
- 19:12
- Mickey Mouse
- My old memories are flooding back.....
- 19:13
- Mickey Mouse
- I think it is outlawed now to use it
- 19:14
- Mickey Mouse
- a lot of my friends don't know what a Desktop is, never mind a rootkit lol
- 19:16
- Mickey Mouse
- @Donald - will you be discussing BOGON_filtering at all? Do they - or can they play in CEH?
- 19:17
- Mickey Mouse
- @Louie: I just scanned your IP. Your system is riddled with infections...oh wait...that's mine!
- 19:18
- Mickey Mouse
- I see you are connected to me - Get Out Get Out --- ROFL
- 19:19
- Mickey Mouse
- .
- 19:21
- Mickey Mouse
- @Louie: I tried to BSOD you, now I need to reinstall
- 19:21
- Mickey Mouse
- Soon I'll be rejoining the work force - I hope they are secure or I foresee many hours of unpaid OT staring at me.... I hope I will have ONE focus versus the "multi-tasking" clause or doing 110 jobs at a time....
- 19:21
- Mickey Mouse
- So, does CEH also include recommendations that we can use to harden our networks?
- 19:23
- Mickey Mouse
- @Louie I didn't know there were jobs where you were not working on 110 tasks at the same time
- 19:23
- Mickey Mouse
- Honey due list. brb in a few.
- 19:23
- Mickey Mouse
- Just take everything we learn here and reverse it. How do you protect against what we are doing in a pen test.
- 19:24
- Mickey Mouse
- Good grief, Jiminy
- 19:26
- Mickey Mouse
- you guys should look into how to protect windows servers from IPv6 flooding
- 19:26
- Mickey Mouse
- Just updated for this chapter: https://bitly.com/itpro-ceh-links
- 19:26
- Mickey Mouse
- There is an interesting exploit that makes the server bsod simply from 1 bad IPv6 packet
- 19:27
- Mickey Mouse
- Thanks Minnie
- 19:27
- Mickey Mouse
- Thanks Minnie
- 19:27
- Mickey Mouse
- Nice work Minnie!
- 19:29
- Mickey Mouse
- @Jeff - one can only have dreams.... @Minnie - Way to Go !
- 19:31
- Mickey Mouse
- hmmm fun fact... the AR9285 doesn't work out of the box with aircrack on lubuntu... .but it does with kali....
- 19:31
- Mickey Mouse
- troubleshooting complete, I'm back!
- 19:31
- Mickey Mouse
- for 30 minutes until i go home
- 19:32
- Mickey Mouse
- I feel like I'm going to be watching this whole week's show on tape
- 19:32
- Mickey Mouse
- A waitress told me the other day that I drink more water than a fish.
- 19:32
- Mickey Mouse
- I don't eat seafood..... everyday
- 19:33
- Mickey Mouse
- @Huey... just tell them it's a known issue and close their ticket
- 19:33
- Mickey Mouse
- 19:33
- Mickey Mouse
- haha, I wish I could use that as an excuse
- 19:33
- Mickey Mouse
- Time for a Bambi Burger
- 19:34
- Mickey Mouse
- ROFL, Bambi...did you see the SNL spoof with the Rock as Bambi?
- 19:34
- Mickey Mouse
- I like Jim Gaffigan's bit about seafood. He said, I'd like fish, if it didn't taste like fish.
- 19:34
- Mickey Mouse
- Venison, yeah buddy!!
- 19:34
- Mickey Mouse
- LOL
- 19:34
- Mickey Mouse
- Only fine?
- 19:35
- Mickey Mouse
- My dogs wanna go sniffing.
- 19:35
- Mickey Mouse
- affects confidentiality
- 19:35
- Mickey Mouse
- I'm disappointed Huey. I really want to watch that Bambi movie
- 19:37
- Mickey Mouse
- Wireshark, NetWitness
- 19:37
- Mickey Mouse
- Not only the sniffing but it's down to packet analyzers.
- 19:37
- Mickey Mouse
- ntop
- 19:38
- Mickey Mouse
- I haven't played with Netwitness in a long time.
- 19:38
- Mickey Mouse
- wikipedia.org/Promiscuous_mode lists quite a few
- 19:39
- Mickey Mouse
- gonna take a walk with the wife.... Minnie I'm trusting you
- 19:39
- Mickey Mouse
- Eek!
- 19:39
- Mickey Mouse
- Enjoy your walk
- 19:40
- Mickey Mouse
- Good Luck dude.
- 19:40
- Mickey Mouse
- LOL
- 19:41
- Mickey Mouse
- Monitor mode
- 19:41
- Mickey Mouse
- Or a switch able to do port mirroring?
- 19:42
- Mickey Mouse
- Need both @Duey
- 19:42
- Mickey Mouse
- If want to see much more than your own traffic and broadcasts
- 19:42
- Mickey Mouse
- Of course when I run Wireshark I am focused on specific equipment connected to the switch.
- 19:43
- Mickey Mouse
- A bunch of ARP traffic
- 19:43
- Mickey Mouse
- I can also mirror the port for what is going to my gateway.
- 19:43
- Mickey Mouse
- true
- 19:44
- Mickey Mouse
- hubs are getting harder to find to buy
- 19:46
- Mickey Mouse
- I had a stash of them at my old job
- 19:46
- Mickey Mouse
- >.> <.<
- 19:46
- Mickey Mouse
- I think I can mirror more than one port on my main switch, but I can't recall how many at once.
- 19:47
- Mickey Mouse
- You will also only see your network traffic if your wireless router is set to AP isolation
- 19:48
- Mickey Mouse
- You can send packet captures over ssh tunnel.
- 19:52
- Mickey Mouse
- SPAN Switch Port ANalyzer
- 19:52
- Mickey Mouse
- I used these at my previous job to send traffic to IDS/IPS
- 19:53
- Mickey Mouse
- OK I'm heading home, back on in an hour, hopefully there will be more
- 19:53
- Mickey Mouse
- See you Huey
- 19:53
- Mickey Mouse
- janitor
- 19:53
- Mickey Mouse
- @Huey: later
- 19:54
- Mickey Mouse
- 10 immutable laws: https://technet.microsoft.com/en-us/library/hh278941.aspx
- 19:54
- Mickey Mouse
- fire marshall, need to check the sprinkler system
- 19:54
- Mickey Mouse
- nice
- 19:55
- Mickey Mouse
- Always escort visitors in secured areas
- 19:55
- Mickey Mouse
- Help desk guys always enjoy time away from phones
- 19:56
- Mickey Mouse
- An old company I worked for the server room was a closet behind the receptionist and the door to it was always open
- 19:56
- Mickey Mouse
- Call centers are hell.
- 19:56
- Mickey Mouse
- @jeff LOL been there
- 19:57
- Mickey Mouse
- @Philip: a small box like Donald's might get away with even when accompanied
- 19:58
- Mickey Mouse
- What was that "box" they were referring to? I must have missed that.
- 19:58
- Mickey Mouse
- Minipwner
- 19:58
- Mickey Mouse
- thx
- 19:58
- Mickey Mouse
- It's on the links page: https://bitly.com/itpro-ceh-links
- 19:59
- Mickey Mouse
- A place where I used to work left the server room permanently open as the cooling system wasn't great haha
- 20:00
- Mickey Mouse
- One job my boss did not have access to the server room
- 20:01
- Mickey Mouse
- My Chromecast just froze, rebooting it.
- 20:01
- Mickey Mouse
- Access cards are wonderful things
- 20:02
- Mickey Mouse
- latest big attack http://thenextweb.com/insider/2015/03/30/github-may-have-been-targeted-by-chinese-hackers-in-ddos-attack/
- 20:02
- Mickey Mouse
- Same here. Server was boiling. They had to jury rig an enclosure and then drape it with some kinda plastic to vent off the heat.
- 20:02
- Mickey Mouse
- lol Goofy wow
- 20:02
- Mickey Mouse
- There normally shouldn't be fire-suppression sprinklers in an equipment room anyway.
- 20:03
- Mickey Mouse
- @Goofy: haha
- 20:03
- Mickey Mouse
- Maybe halon nozzles, but is halon allowed now?
- 20:04
- Mickey Mouse
- @Duey: Nope, can't make it any more
- 20:04
- Mickey Mouse
- They had to cut through the ceiling and install a portable A/C unit in there. Still it was 80 in there. On a cold day it was like 70.
- 20:04
- Mickey Mouse
- I just turned on the A/C in my equipment room at the house yesterday, I was venting it outside when the old cooler failed.
- 20:05
- Mickey Mouse
- I keep mine at 70 degrees F.
- 20:05
- Mickey Mouse
- @Goofy: mine was East facing with windows so was only getting as the day went on lol
- 20:05
- Mickey Mouse
- Me and my Dad will need to mount the replacement unit probably next weekend.
- 20:05
- Mickey Mouse
- getting hotter *
- 20:06
- Mickey Mouse
- Tested a fob that required you to swipe your finger prior to sending the unlock code to a door sensor. Wish it had worked better than 80% of the time
- 20:06
- Mickey Mouse
- We had to empty the water drip garbage can every morning.
- 20:07
- Mickey Mouse
- It was a non profit and didn't have much money or at least wanting to spend on their equipment.
- 20:07
- Mickey Mouse
- Condensation?
- 20:07
- Mickey Mouse
- Yep. It's a funky setup.
- 20:07
- Mickey Mouse
- Years ago, I was allowed to visit one of the server rooms, they had at Camp LeJeune, Marine Base... it was really cool. Literally and figuratively.
- 20:07
- Mickey Mouse
- @Goofy: mine was a BIG money making company
- 20:08
- Mickey Mouse
- LOL @Jiminy
- 20:08
- Mickey Mouse
- I run a "swamp cooler" in the main house (New Mexico), but refrigerated air for the equipment room.
- 20:08
- Mickey Mouse
- The old cooler died from dust.
- 20:10
- Mickey Mouse
- I need to seal the room better, dust is always an issue.
- 20:10
- Mickey Mouse
- When I did network printer support at the airport they set a temp office for me in one of the server rooms. & nobody questioned me with my I.D. & shirt & tie, except going onto runway. crazy
- 20:11
- Mickey Mouse
- QUESTION: @Donald what was the name of that ether... graphical tool you mentioned? doesn't show packets
- 20:11
- Mickey Mouse
- In New Mexico water evaporates quickly enough.
- 20:11
- Mickey Mouse
- Etherape
- 20:11
- Mickey Mouse
- Thanks @Captain my captain
- 20:12
- Mickey Mouse
- Selfie sticks are banned from football grounds here in Ireland now
- 20:12
- Mickey Mouse
- It's better to use a selfie stick than using the mirror in your bathroom!
- 20:13
- Mickey Mouse
- Good morning, afternoon and evening everyone!!!!~~~~
- 20:13
- Mickey Mouse
- @Donald Exactly!!!!
- 20:13
- Mickey Mouse
- Good evening Wes
- 20:13
- Mickey Mouse
- Good afternoon, Wes
- 20:13
- Mickey Mouse
- Hey Wes!
- 20:13
- Mickey Mouse
- @Wes: haha
- 20:13
- Mickey Mouse
- I may need to reboot my Chromebox at an opportune time, I'm trying to set the Smart Lock feature.
- 20:14
- Mickey Mouse
- https://www.wireshark.org/docs/
- 20:16
- Mickey Mouse
- I use it infrequently (there aren't many issues thankfully), maybe I need to watch "normal" operation more.
- 20:17
- Mickey Mouse
- Hello Minnie, Chip, Goofy and Jiminy
- 20:18
- Mickey Mouse
- And Hello Duey!
- 20:18
- Mickey Mouse
- hello Wes! Welcome to the Matrix
- 20:19
- Mickey Mouse
- Hello to you as well D'artagan!!! and thank you sir!
- 20:20
- Mickey Mouse
- The sonicwall can detect this.
- 20:20
- Mickey Mouse
- Make sure you have permission or you will get a cold boot yourself
- 20:20
- Mickey Mouse
- 20:21
- Mickey Mouse
- but the sniffer only captures packets that go through the NIC installed in the computer or the entire network?
- 20:21
- Mickey Mouse
- my old admin guy used to yell at me because I found ftp passwords. Took a lot of convincing that ftp passed plaintext passwords..... Oh man.....
- 20:21
- Mickey Mouse
- @D'artagan You still may be held liable
- 20:21
- Mickey Mouse
- LOL
- 20:22
- Mickey Mouse
- depends where you port out to ...
- 20:23
- Mickey Mouse
- thank you
- 20:25
- Mickey Mouse
- what if they are in a different VLAN
- 20:25
- Mickey Mouse
- port scan
- 20:25
- Mickey Mouse
- syn flood?
- 20:25
- Mickey Mouse
- is that the -sS one?
- 20:25
- Mickey Mouse
- refusing ack back to establish connection
- 20:26
- Mickey Mouse
- wwwwoooooooooooo!
- 20:26
- Mickey Mouse
- Half open scan
- 20:26
- Mickey Mouse
- xmas
- 20:26
- Mickey Mouse
- I have been paying attention, honest
- 20:27
- Mickey Mouse
- Nice Minnie!!
- 20:27
- Mickey Mouse
- @Minnie: expect nothing less now lol
- 20:27
- Mickey Mouse
- I lost connection for a few minutes
- 20:28
- Mickey Mouse
- give us cool filters!
- 20:29
- Mickey Mouse
- https://wiki.wireshark.org/SampleCaptures
- 20:30
- Mickey Mouse
- Having a demonstration or someone that knows how to use it is helpful.
- 20:30
- Mickey Mouse
- Add it to the link list! hah
- 20:30
- Mickey Mouse
- Don's videos are also very good, as has been mentioned.
- 20:31
- Mickey Mouse
- You can capture and replay voip too
- 20:31
- Mickey Mouse
- VoIP phone tapping!
- 20:31
- Mickey Mouse
- Win utils you need WPCAP.
- 20:34
- Mickey Mouse
- @Louie: Unfortunately, not g729 which is a very common codec. I think it only does g711. But definitely a cool feature.
- 20:34
- Mickey Mouse
- Monitor mode.
- 20:34
- Mickey Mouse
- You can see the beacons
- 20:34
- Mickey Mouse
- what about local hosts file?? can you feed wireshark a host file to use? maybe the zone transfer you captured??
- 20:34
- Mickey Mouse
- www.riverbed.com
- 20:34
- Mickey Mouse
- AirPcap
- 20:35
- Mickey Mouse
- brb
- 20:36
- Mickey Mouse
- @Chip: is that part of the aircrack suite?
- 20:36
- Mickey Mouse
- HOA
- 20:36
- Mickey Mouse
- Didn't think it worked for all situations, but I did it once and my boss thought that was pretty kewl.
- 20:37
- Mickey Mouse
- looks like I only missed one session?
- 20:37
- Mickey Mouse
- I'm doing a Chrome reboot, BRB.
- 20:38
- Mickey Mouse
- @Athos: just went through wireshark
- 20:38
- Mickey Mouse
- ah. cool. I didn't miss too much for me then. I have used that a lot.
- 20:39
- Mickey Mouse
- @Louie Robbins Sniffing section in links page now updated
- 20:39
- Mickey Mouse
- AFK
- 20:39
- Mickey Mouse
- @Jiminy... no
- 20:40
- Mickey Mouse
- @Chip: thanks, was just looking it up lol
- 20:41
- Mickey Mouse
- Riverbed AirPcap - Capture 802.11 WLAN packets for rapid, comprehensive analysis with your favorite packet-analysis software. This is the only Microsoft Windows-based wireless packet capture device fully integrated with Wireshark and Riverbed® SteelCentral™ Packet Analyzer. Choose among three affordable, easy-to-deploy versions: AirPcap Classic, AirPcap Tx, and AirPcap Nx.
- 20:41
- Mickey Mouse
- nice
- 20:42
- Mickey Mouse
- Captain my captain is right, it's not cheap
- 20:43
- Mickey Mouse
- I hope my new boss has a budget for tools
- 20:44
- Mickey Mouse
- or... utilize a free kali VM and $30 AWUS036NEH
- 20:45
- Mickey Mouse
- Either a good budget, or you have no way of detecting some things...
- 20:46
- Mickey Mouse
- Raspberry Pi + Wireless Dongle + USB Battery Pack
- 20:46
- Mickey Mouse
- But most of these tools are free.
- 20:46
- Mickey Mouse
- @Saunder - Awesome!
- 20:47
- Mickey Mouse
- @Duey... what kind of things can't you detect without a budget?
- 20:48
- Mickey Mouse
- @. If you need to do bluetooth sniffing, the Ubertooth One is the way to go. It's $120 and doesn't come with an enclosure but it's really fun
- 20:48
- Mickey Mouse
- Did anyone get their books yet?
- 20:48
- Mickey Mouse
- @Goofy I got mine from Amazon. 28 for a book isn't a bad deal
- 20:49
- Mickey Mouse
- ebook
- 20:49
- Mickey Mouse
- It's not signed though!
- 20:49
- Mickey Mouse
- @Goofy B. Yes, I've noticed.
- 20:49
- Mickey Mouse
- oh... @GoofyO are you a winner?
- 20:49
- Mickey Mouse
- Yep
- 20:50
- Mickey Mouse
- @Athos: As said, most of the software tools are free, but bosses/beancounters need to understand you need a "security budget", which means protection devices like firewalls, and keeping servers up-to-date...
- 20:52
- Mickey Mouse
- There are some helpful tools that do cost money, if a workplace is too cheap to spend money on protection, prepare to get hacked.
- 20:52
- Mickey Mouse
- true Duey
- 20:54
- Mickey Mouse
- boy they have come a long way on forensic "all-in-one" devices/boxes.
- 20:54
- Mickey Mouse
- @Duey that is one of the hardest things to make them see.
- 20:54
- Mickey Mouse
- Ah gotcha Duey
- 20:54
- Mickey Mouse
- sorry it took so long i was going over the missed chat
- 20:54
- Mickey Mouse
- @Beem +1 that!!
- 20:55
- Mickey Mouse
- The person at the TD desk may want to keep their phone out of the camera's field of view.
- 20:55
- Mickey Mouse
- After they are hacked the first time, they see it very well.
- 20:55
- Mickey Mouse
- Especially if it caused them to lose money.
- 20:56
- Mickey Mouse
- Unfortunately it takes something to happen before they want to spend the money
- 20:56
- Mickey Mouse
- I have a Euro
- 20:56
- Mickey Mouse
- I will bet Home Depot and Target do not fight over a security budget
- 20:56
- Mickey Mouse
- back
- 20:56
- Mickey Mouse
- LOL @Goofy
- 20:56
- Mickey Mouse
- That is a big aspect to CEH, to get the company to proactively check for security flaws, before it is an issue.
- 20:57
- Mickey Mouse
- Which requires manpower
- 20:57
- Mickey Mouse
- That is what happened where I work now, we got hit with the cryptowall and now they don't mind spending the money
- 20:57
- Mickey Mouse
- The time to hit them is when the C levels at the same industry start talking about their getting hacked. The last thing most of them want is that type of scrutiny .
- 20:59
- Mickey Mouse
- Donald: is C,I,A, now extended to include: confidentiality, integrity, availability, privacy, authenticity & trustworthiness, non-repudiation, accountability and auditability?
- 20:59
- Mickey Mouse
- I saw it years ago with a budget that could have gone to 1.) better equipment or 2.) more people. We spent the money on better equipment, and that made it so we didn't need more people.
- 21:00
- Mickey Mouse
- @Jiminy Those are things that you need to be aware of for ISACA CISM
- 21:01
- Mickey Mouse
- @Minnie; thanks, I should've known to ask you first haha
- 21:03
- Mickey Mouse
- telnet
- 21:03
- Mickey Mouse
- @Jiminy it's a bit old now but lookup references to the McCumber Cube: https://en.wikipedia.org/wiki/McCumber_cube
- 21:06
- Mickey Mouse
- and home
- 21:07
- Mickey Mouse
- Yep
- 21:07
- Mickey Mouse
- Get rid of the e-mail client, and go to a secure webmail interface.
- 21:08
- Mickey Mouse
- @Minnie: thanks. captain,AA is how i remember it. lol
- 21:09
- Mickey Mouse
- @Jiminy, nice acronym!
- 21:11
- Mickey Mouse
- @Duey Drawback to web mail is it requires a live Internet connection .. Road warrior may not have it.
- 21:13
- Mickey Mouse
- Understood Chip, but that is getting better; Most people only run a mail client when they do have Internet access.
- 21:14
- Mickey Mouse
- @Chip... a true road warrior always has internet in today's age
- 21:15
- Mickey Mouse
- We get in to client sites where we cannot access outside resources and cell phones not allowed. Plus the interfaces on webmail are still very limited.
- 21:16
- Mickey Mouse
- gotcha... when you work in the government and pharma that does tend to happen
- 21:16
- Mickey Mouse
- Good tactic Donald.
- 21:18
- Mickey Mouse
- master key - key escrow -
- 21:25
- Mickey Mouse
- Is that it for the day??
- 21:25
- Mickey Mouse
- Thanks Donald and Mike
- 21:25
- Mickey Mouse
- when is Friday's episode going to be posted
- 21:25
- Mickey Mouse
- very soon
- 21:25
- Mickey Mouse
- like in an hour
- 21:25
- Mickey Mouse
- Thanks Donald and Mike
- 21:26
- Mickey Mouse
- They've been going up pretty quick
- 21:26
- Mickey Mouse
- Thanks Nathan
- 21:26
- Mickey Mouse
- Another great show
- 21:26
- Mickey Mouse
- crossing fingers
- 21:26
- Mickey Mouse
- can't wait
- 21:27
- Mickey Mouse
- it's beer time again. I mean book
- 21:27
- Mickey Mouse
- lol Jiminy
- 21:27
- Mickey Mouse
- Again Thanks Mike & Donald.
- 21:27
- Mickey Mouse
- Hate to add to my nation's stereotype, but I'm off for beers again tonight lol
- 21:27
- Mickey Mouse
- I'd rather have a margarita
- 21:27
- Mickey Mouse
- Both sounds like a good idea - beer and book
- 21:27
- Mickey Mouse
- LOL@Jiminy
- 21:28
- Mickey Mouse
- Hazaa - nice show today! thanks everybody
- 21:28
- Mickey Mouse
- Congrats Duey!
- 21:28
- Mickey Mouse
- Cool.
- 21:28
- Mickey Mouse
- I'm an avid bottle collector! sounds way better than alcoholic lol
- 21:29
- Mickey Mouse
- Congrats Duey
- 21:29
- Mickey Mouse
- Congrats Duey!
- 21:29
- Mickey Mouse
- Gratz Beem!!!
- 21:29
- Mickey Mouse
- Woo, grats Duey!
- 21:29
- Mickey Mouse
- congrat @Duey
- 21:29
- Mickey Mouse
- Yes, @Dave ! Congrats.
- 21:29
- Mickey Mouse
- WTG Duey
- 21:29
- Mickey Mouse
- Congrats Duey
- 21:29
- Mickey Mouse
- Congrats Duey
- 21:29
- Mickey Mouse
- Thanks for another great show, see you tomorrow!