Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CEH Chat dialog for itpro.tv Day 9 Thursday 2 April 2015
- itpro.tv or itprotv or CEH or Certified Ethical Hacker:
- (Pseudonymised version - if I have missed something please let me know so I can remove it)
- 14:35
- Mickey Mouse
- good day to everyone regardless of time zones
- 14:35
- Mickey Mouse
- @Iago my connection is good
- 14:35
- Mickey Mouse
- try cleaning out your temp files... that seemed to help me the last time
- 14:35
- Mickey Mouse
- Good morning Geptto, O
- 14:36
- Mickey Mouse
- apparently streaming all day clunks up your system
- 14:36
- Mickey Mouse
- Hey @Daisy.
- 14:36
- Mickey Mouse
- I think it was my Pc. .memory leaks.. I am on my tablet and all is good..rebooting :?
- 14:36
- Mickey Mouse
- Hi Pinocchio, good day to you too
- 14:36
- Mickey Mouse
- HAPPY BIRTHDAY to ya...
- 14:36
- Mickey Mouse
- @Iago you muswt have a Windows box
- 14:36
- Mickey Mouse
- Happy WE (womb emancipation) Day
- 14:37
- Mickey Mouse
- must*
- 14:37
- Mickey Mouse
- nice
- 14:38
- Mickey Mouse
- @Daisy: missed a lot the last few days. will have to catch up the weekend
- 14:38
- Mickey Mouse
- @Daisy we say Happy Birthday because it will fit on a cake better
- 14:38
- Mickey Mouse
- I was just just going to comment that my live-stream did well yesterday and today, then my Chromecast dropped it.
- 14:38
- Mickey Mouse
- Yes @Geptto P.. I should switch to my Linux box
- 14:39
- Mickey Mouse
- Hi everyone, looks like I got home just in time!
- 14:39
- Mickey Mouse
- I missed the day before yesterday, because three cable guys had to fix my cable and internet... I went thrugh chat and missed a bunch. I'll have to catch up a bit too
- 14:39
- Mickey Mouse
- Welcomw Minnie
- 14:39
- Mickey Mouse
- Hiiii Minnie. Good afternoon to you
- 14:39
- Mickey Mouse
- BRB.
- 14:39
- Mickey Mouse
- Hey Minnie! We were already missing you
- 14:39
- Mickey Mouse
- Hi Minnie
- 14:39
- Mickey Mouse
- Good to see you this morn-noon
- 14:39
- Mickey Mouse
- Hi @Minnie. everyone was worried lol
- 14:39
- Mickey Mouse
- ha hah Geptto P... just saw your comment about the bday cake
- 14:40
- Mickey Mouse
- Nothing has started yet, just everyone wishing Donald a Happy Birthday.
- 14:40
- Mickey Mouse
- Hi Minnie
- 14:40
- Mickey Mouse
- I've got to go see about breakfast.
- 14:40
- Mickey Mouse
- Minnie=white hat hacker queen
- 14:40
- Mickey Mouse
- @Huey... doing that too, but for my dogs. lol
- 14:41
- Mickey Mouse
- Hi, all. Any idea what the application requirements for the CEH are? They say: Have at least two years of information security related experience. Educational Background that reflects specialization in information security. Does that mean 2 years as a sys admin and a bit of computer science course? Or does that mean being a junior pen tester with security related college coursework?
- 14:41
- Mickey Mouse
- would that make queen kat the black hat's queen?
- 14:41
- Mickey Mouse
- Hi Duey, welcome
- 14:41
- Mickey Mouse
- LOL@Iago - one day
- 14:42
- Mickey Mouse
- OH... i just realized that we are finally in the month that Game of Thrones comes back
- 14:42
- Mickey Mouse
- this should be a good season
- 14:42
- Mickey Mouse
- IF you already read the books
- 14:42
- Mickey Mouse
- yeah cant wait for GOT
- 14:43
- Mickey Mouse
- Hi Minnie
- 14:43
- Mickey Mouse
- I've read the books and am up on the gossip... apparently this year everything changes... don't know if I'll like it
- 14:43
- Mickey Mouse
- annnnnnnd waiting on Donald.... these kids and their video games
- 14:43
- Mickey Mouse
- +1 goT will be awesome
- 14:43
- Mickey Mouse
- @Louie!!! love GoT!
- 14:44
- Mickey Mouse
- @Duey: it will differ from person to person. But 2-4 yrs on job experience
- 14:44
- Mickey Mouse
- Good morning Bambi H.... I've read some of them too
- 14:44
- Mickey Mouse
- Good afternoon @Minnie
- 14:44
- Mickey Mouse
- @Minnie - are you sharing the notes that are stored on Mindjet? I tried to access them but can't see them
- 14:44
- Mickey Mouse
- Morning Daisy O!
- 14:44
- Mickey Mouse
- I have all the books, but stopped reading so I wouldn't ruin the show for myself
- 14:45
- Mickey Mouse
- Hello Everyone
- 14:45
- Mickey Mouse
- Morning Daisy
- 14:45
- Mickey Mouse
- @Pinocchio - is it often people get denied?
- 14:45
- Mickey Mouse
- Ok, what is Donald playing with?
- 14:45
- Mickey Mouse
- Hi D'artagnan
- 14:46
- Mickey Mouse
- @Athos: http://www.metageek.com/products/wi-spy/?utm_expid=190328-107.NZ75ac_XRmymDmGyLaY1Qw.0
- 14:46
- Mickey Mouse
- @Duey D: I don't have the answer to that one, sorry
- 14:46
- Mickey Mouse
- Good Morning Porthos
- 14:47
- Mickey Mouse
- @Aramis W I was only posting the links shared by course and people in chat room
- 14:47
- Mickey Mouse
- @Donald the rule is to get your free lunch you can only have 1 birthday a year sorry
- 14:48
- Mickey Mouse
- @Aramis W: https://forums.itpro.tv/topic/353/ceh-useful-links
- 14:48
- Mickey Mouse
- It means three years in the IT trenches.
- 14:48
- Mickey Mouse
- @Aramis W however - if you want I could share my mindmaps as well, no reason why not if I sanitise first
- 14:48
- Mickey Mouse
- 14:48
- Mickey Mouse
- FYI - https://bitly.com/itpro-ceh-links which resolves to https://forums.itpro.tv/topic/353/ceh-useful-links
- 14:48
- Mickey Mouse
- @Minnie... I'm all for that as well
- 14:49
- Mickey Mouse
- Thanks Minnie!
- 14:49
- Mickey Mouse
- Hey Minnie.... do we have the rest of the chat logs for this week anywhere? Tuesday and Wednesday?
- 14:49
- Mickey Mouse
- Thanks for the info! And happy bday Donald.
- 14:49
- Mickey Mouse
- Thanks Minnie, I didn't bookmark the bit.ly
- 14:49
- Mickey Mouse
- I'm back. Had to catch up on some tickets that came in overnight.
- 14:49
- Mickey Mouse
- Minnie - considering how organized you are on your links, I'd love to have your notes too - I've just been using notepad.
- 14:49
- Mickey Mouse
- Greetings. Live long and prosper
- 14:49
- Mickey Mouse
- I've been using a physical notepad
- 14:49
- Mickey Mouse
- @D'artagnan I have them but I haven't sanitised them to post yet - been out and about will do though
- 14:50
- Mickey Mouse
- @Aladdin, sure
- 14:50
- Mickey Mouse
- @Minnie - I don't want you to go to any trouble Minnie - I saw the links that apparently were to your notes so I was interested. Thanks
- 14:51
- Mickey Mouse
- @Minnie: Where & when can we pick up your book? haha
- 14:51
- Mickey Mouse
- @Pinocchio lol
- 14:52
- Mickey Mouse
- Are there any better options than SQL?
- 14:54
- Mickey Mouse
- @Aramis @Donald Thanks
- 14:55
- Mickey Mouse
- is a lot just Checking for regular expressions?
- 14:55
- Mickey Mouse
- Who keeps entering their name as Tommy Droppable on my website
- 14:56
- Mickey Mouse
- @Minnie Your notes are wonderful. Thanks for sharing
- 14:56
- Mickey Mouse
- I just got mindjet... it's very MS Office looking
- 14:57
- Mickey Mouse
- @GepttoP yw @LouieS it is nowadays, but I live by it for all my study notes, work project planning, etc.
- 14:58
- Mickey Mouse
- This is a good SQL Injection resource I found: http://resources.infosecinstitute.com/tutorial-on-sqli-labs/
- 14:59
- Mickey Mouse
- Thanks @Louie
- 14:59
- Mickey Mouse
- yw
- 15:00
- Mickey Mouse
- @Minnie... i don't mind that it's MS office looking. makes it less intimidating to learn a new pice of software
- 15:00
- Mickey Mouse
- sqlmap is a great tool
- 15:00
- Mickey Mouse
- Thanks Louie
- 15:00
- Mickey Mouse
- http://sqlmap.org/
- 15:01
- Mickey Mouse
- Thanks @Porthos
- 15:01
- Mickey Mouse
- @Porthos thanks
- 15:01
- Mickey Mouse
- thanks Porthos
- 15:01
- Mickey Mouse
- Thanks Porthos
- 15:01
- Mickey Mouse
- It's already in Kali
- 15:02
- Mickey Mouse
- And who isn't running some form of SQL in their business environment these days?
- 15:02
- Mickey Mouse
- My wife doesn't use SQL for her Photography
- 15:02
- Mickey Mouse
- Sorry Huey had to play devils advocate
- 15:03
- Mickey Mouse
- I use sql alot at work
- 15:03
- Mickey Mouse
- We use SQL alot here too.
- 15:03
- Mickey Mouse
- lost my feed
- 15:04
- Mickey Mouse
- drop database website;
- 15:04
- Mickey Mouse
- Only you Porthos f5
- 15:04
- Mickey Mouse
- a must have book http://www.amazon.co.uk/gp/product/1494295504?psc=1&redirect=true&ref_=oh_aui_detailpage_o09_s00 RTFM: red Team Field Manual
- 15:05
- Mickey Mouse
- @Porthos: I lost mine for a bit too
- 15:05
- Mickey Mouse
- @Porthos I have that - it might actually make sense after this course now
- 15:05
- Mickey Mouse
- and another good book is The Hacker Playbook: Practical Guide To Penetration Testing . http://www.amazon.co.uk/gp/product/1494932636?psc=1&redirect=true&ref_=oh_aui_detailpage_o09_s00
- 15:06
- Mickey Mouse
- @ Porthos, I would grab that.... but i think I should stop spending money after mindjet
- 15:06
- Mickey Mouse
- The RTFM Book is always in my rucksack
- 15:07
- Mickey Mouse
- still no feed
- 15:07
- Mickey Mouse
- Make sure to wash all user input before enter it to database
- 15:07
- Mickey Mouse
- Wow, I'm gonna be distracted today. Members are needy today.
- 15:08
- Mickey Mouse
- http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470
- 15:08
- Mickey Mouse
- Porthos alternative device to try?
- 15:10
- Mickey Mouse
- Thanks @Pinocchio
- 15:11
- Mickey Mouse
- Thanks Pinocchio
- 15:12
- Mickey Mouse
- I'm not all the way through it. but great feedback about it!
- 15:12
- Mickey Mouse
- Is Jumbo in chat?
- 15:12
- Mickey Mouse
- He was earlier
- 15:12
- Mickey Mouse
- he is in... the question is he afk
- 15:12
- Mickey Mouse
- yup
- 15:13
- Mickey Mouse
- Yup
- 15:13
- Mickey Mouse
- but he only said good morning
- 15:13
- Mickey Mouse
- @Aramis... you should ask Don for a toys....erm... tools budget
- 15:14
- Mickey Mouse
- I wanted to thank him for reminding me to play with Armitage. Had a play last night which was fun although I think I want to learn the tools nuts and bolts before using a nice interface like that
- 15:14
- Mickey Mouse
- me too
- 15:14
- Mickey Mouse
- Yeah , I'm back
- 15:14
- Mickey Mouse
- phew! I just tested my private cloud and it's all good
- 15:15
- Mickey Mouse
- I think we can all agree this is the hardest point to grasp
- 15:15
- Mickey Mouse
- Ah Jumbo - that thank you was for you
- 15:15
- Mickey Mouse
- are you kidding. Database and sql is life.
- 15:15
- Mickey Mouse
- I find this exiting @Aramis R
- 15:15
- Mickey Mouse
- Depends if you a DB Admin
- 15:15
- Mickey Mouse
- like Lazlo from Real Genius.
- 15:15
- Mickey Mouse
- Correct @. DBs are everywhere and hold our data.
- 15:15
- Mickey Mouse
- Database? I use Excel to organize data.
- 15:16
- Mickey Mouse
- your welcom
- 15:17
- Mickey Mouse
- LOL @Captain my captain
- 15:17
- Mickey Mouse
- yeah and access is really clunky
- 15:17
- Mickey Mouse
- "Axcel". nice.
- 15:17
- Mickey Mouse
- excel is pretty elegant at this point
- 15:18
- Mickey Mouse
- hate on it all you want... it's a beast
- 15:18
- Mickey Mouse
- A few years ago someone did a survey, and found out a high percentage of people were using it to organize data.
- 15:18
- Mickey Mouse
- you can even use SQL on PCAP's now https://code.google.com/p/pcap2sql/
- 15:18
- Mickey Mouse
- darn row limits... heh
- 15:18
- Mickey Mouse
- Main Reason most accountants will fight you tooth and nail to change to something else
- 15:18
- Mickey Mouse
- I hate web dev
- 15:18
- Mickey Mouse
- @ Aladdin Wasn't he in Beverly Hills Cop?
- 15:18
- Mickey Mouse
- +1 for Excel, I love it
- 15:18
- Mickey Mouse
- wasn't that just "Axel"" heh
- 15:19
- Mickey Mouse
- calc and excel
- 15:19
- Mickey Mouse
- Re accountants - at an unnamed organisation they wanted to go full Google apps for work instead of Office365
- 15:19
- Mickey Mouse
- They have ended up doign both as accountants want their excel
- 15:19
- Mickey Mouse
- For most users Apple Numbers, Google Sheets or open source will do
- 15:19
- Mickey Mouse
- I haven't figured out how to Fill in any direction for Google Sheets.
- 15:20
- Mickey Mouse
- @Huey... google sheets can't handle the same stuff
- 15:20
- Mickey Mouse
- I love that [selection] Ctrl-D.
- 15:21
- Mickey Mouse
- once you go over ... i think it was a 40 meg file.... it just crashes
- 15:21
- Mickey Mouse
- what if Donald is really using this as S.E. to pentest itpro with all his gadgets
- 15:21
- Mickey Mouse
- It seems Excel is a good alternative to those who only have it as a resource or just don't know any better right?
- 15:22
- Mickey Mouse
- I am not a database guy myself
- 15:23
- Mickey Mouse
- libre office calc has worked well for me but I don't write big sheets
- 15:23
- Mickey Mouse
- @Jumbo... i would say for ALMOST everyone... excel alternatives would be fine
- 15:23
- Mickey Mouse
- @Aramis Thanks
- 15:24
- Mickey Mouse
- Accountants, data analysts, data miners, etc
- 15:24
- Mickey Mouse
- they need it
- 15:24
- Mickey Mouse
- yeah - simple stuff, no need to pay for msoffice. just use freebies.
- 15:24
- Mickey Mouse
- Hopefully, there is a mark5 PineApple.
- 15:24
- Mickey Mouse
- @Louie: I generally compile information in Excel, then convert to Sheets when finished.
- 15:25
- Mickey Mouse
- @Aladdin for most users I agree.
- 15:25
- Mickey Mouse
- @Geptto... there is
- 15:25
- Mickey Mouse
- Are mobile phones covered in the CEH Cert?
- 15:25
- Mickey Mouse
- Sweet
- 15:25
- Mickey Mouse
- I overheard them talking about it
- 15:26
- Mickey Mouse
- I wouldn't laugh since I switched to a wallet that blocks rfid this year
- 15:26
- Mickey Mouse
- Those things are so awesome.
- 15:26
- Mickey Mouse
- @Captain my captain is this the link you meant? http://www.cometohack.com/2014/05/5000-fresh-google-dorks-list-for-sql_7713.html
- 15:26
- Mickey Mouse
- weird: my chrome session will not display all the chat messages. but my tablet did. I just logged with IE and the chat is fine...hmmm
- 15:26
- Mickey Mouse
- @ Aramis Thanks again
- 15:27
- Mickey Mouse
- Have you ever used devices to read rfid chips as part of testing?
- 15:27
- Mickey Mouse
- U.S. Passports of the last few years have RFID in the back cover.
- 15:27
- Mickey Mouse
- @Scrooge, are you in the UK?
- 15:27
- Mickey Mouse
- Yes for Abutmas
- 15:27
- Mickey Mouse
- block it pocket is another one
- 15:27
- Mickey Mouse
- East Coast US
- 15:27
- Mickey Mouse
- i seen them give out them wallets on defcon
- 15:27
- Mickey Mouse
- i played with device controler rfids and tags for fun
- 15:28
- Mickey Mouse
- in the US it's almost unnecessary. Most people dont that the RFID chips and any of their cards
- 15:28
- Mickey Mouse
- I did virustotal it firt
- 15:28
- Mickey Mouse
- Will be required by end of this year
- 15:28
- Mickey Mouse
- For MC and Visa
- 15:28
- Mickey Mouse
- overseas.. .almost all of their card have a PKI chip in them
- 15:28
- Mickey Mouse
- Already have two with chips
- 15:29
- Mickey Mouse
- @Minnie thanks but it did ask me to install a plug-in so I stopped
- 15:29
- Mickey Mouse
- uBLOCK
- 15:29
- Mickey Mouse
- @Scrooge... I think that IPv6 was mandatory as well lol
- 15:29
- Mickey Mouse
- https://blog.udemy.com/sql-injection-tutorial/
- 15:29
- Mickey Mouse
- Thanks Aramis
- 15:30
- Mickey Mouse
- Oh no , I have to reboot Grrrrr,
- 15:30
- Mickey Mouse
- I post this from time to time very important since faraday cages are mentioned. http://www.futurescience.com/emp/emp-protection.html
- 15:30
- Mickey Mouse
- CC companies will be more likely to do it if it is costing them money
- 15:30
- Mickey Mouse
- I expect if they don't the govt will force it
- 15:31
- Mickey Mouse
- @Scrooge are you in US?
- 15:31
- Mickey Mouse
- just got first cc with rfid from bank... i don't think they've enabled all the features though.
- 15:31
- Mickey Mouse
- all European CC have Chip and Pin, works well to majorly reduce fruad
- 15:32
- Mickey Mouse
- @Geptto Thanks for the link
- 15:32
- Mickey Mouse
- Yw
- 15:32
- Mickey Mouse
- converted to pdf is 41 pages. I did that in case the site disappears.
- 15:33
- Mickey Mouse
- Thanks Geptto
- 15:33
- Mickey Mouse
- yw Abu
- 15:34
- Mickey Mouse
- @GepttoP I've extracted the text from the site and saved as plain text file
- 15:35
- Mickey Mouse
- I use Evernote to grab this web pages and catalog them for later. Gets all the text on the page.
- 15:35
- Mickey Mouse
- I use evernote too but wasn't sure if it would capture any other code from the page. can you do a plain text cap with Evernote?
- 15:36
- Mickey Mouse
- OWASP had test sites sql injection. not sure they are still up. https://www.owasp.org/
- 15:36
- Mickey Mouse
- Evernote is awesome. Minnie is a smart cookie.
- 15:36
- Mickey Mouse
- @Minnie Did you post the text?
- 15:37
- Mickey Mouse
- thats cool
- 15:37
- Mickey Mouse
- pastebin or forum?
- 15:37
- Mickey Mouse
- You can do plain text capture with Evernote. Use it all the time.
- 15:38
- Mickey Mouse
- @Athos how? I know I can strip out stuff with ctrl+space once captured - but how do you capture text only with no html code from webpage?
- 15:39
- Mickey Mouse
- Use the web clipper app in your browser and then just select Simplified text from the capture menu.
- 15:40
- Mickey Mouse
- It does not *always* work depending on the page but at least 90+
- 15:41
- Mickey Mouse
- That would be the Evernote web clipper app in the toolbar.
- 15:41
- Mickey Mouse
- Hmm, firefox add in doesn;t appear to have that simplified text option - will play around later
- 15:41
- Mickey Mouse
- I use Safari, may be different.
- 15:42
- Mickey Mouse
- That is the most powerful user is schema admin
- 15:42
- Mickey Mouse
- Can sql be stopped by just checking for "regular expressions" (RegEx) ?
- 15:42
- Mickey Mouse
- ^^
- 15:43
- Mickey Mouse
- @Minnie and Athos Thanks for the info
- 15:44
- Mickey Mouse
- Afternoon all
- 15:44
- Mickey Mouse
- Hi Jafar
- 15:45
- Mickey Mouse
- @Porthos - you got your stream back?
- 15:45
- Mickey Mouse
- Hello Jafar
- 15:45
- Mickey Mouse
- Hi Jafar
- 15:45
- Mickey Mouse
- Hi Jafar
- 15:46
- Mickey Mouse
- Chrome supports the simplified text capture as well, at least on OS X...
- 15:47
- Mickey Mouse
- If I remember correctly evernote started it's plugins on chrome then expanded out
- 15:47
- Mickey Mouse
- SO in theory, Chrome will have the most up to date features
- 15:47
- Mickey Mouse
- Using Parameter checking on object types helps mitigate it. Or using Object Relational Mappers like Entity Framework and Hibernate to name a few
- 15:47
- Mickey Mouse
- Hey Everyone!!!
- 15:47
- Mickey Mouse
- @Donald - What programming language would you consider a good start for this industry. Currently, I've been working on Python (because you can do some amazing things with python + powershell), however, my boss wants me to focus on security now. I hear you on SQL.... which I hate with a passion lol.... but how would you rate the usefulness in Python in what you do?
- 15:48
- Mickey Mouse
- i settled on learning python
- 15:48
- Mickey Mouse
- Python is a good jump start and a LOT of hacking tools are born from it
- 15:48
- Mickey Mouse
- Was evernote the one steve gibson moaned about and then leo got paranoid about and stopped using? lol
- 15:49
- Mickey Mouse
- @Jafar if so I missed that episode!
- 15:49
- Mickey Mouse
- I mean evernote is all in the cloud.... so... wouldn't be surprised... but if it is something you plan to be sharing it's obviously the way to go
- 15:50
- Mickey Mouse
- There was a flaw. What they moaned about was keeping CC Numbers, Social Security Numbers and Tax returns in it
- 15:51
- Mickey Mouse
- .... why would anyone do that... tsk tsk
- 15:51
- Mickey Mouse
- @Scrooge that seems like it is not a good idea in whatever app you use
- 15:51
- Mickey Mouse
- Thanks guys for the input for my question
- 15:52
- Mickey Mouse
- @Minnie https://discussion.evernote.com/topic/36106-steve-gibson-trashes-evernotes-security/
- 15:52
- Mickey Mouse
- This is a good baseline if you want to maximise on time: http://www.amazon.com/SQL-Learn-DataBase-Programming-hours-ebook/dp/B00OICN7UG/ref=sr_1_5?ie=UTF8&qid=1427986312&sr=8-5&keywords=database+development
- 15:53
- Mickey Mouse
- Thanks guys enjoy lunch
- 15:53
- Mickey Mouse
- 64bit encryption.... WHAT?!
- 15:53
- Mickey Mouse
- Make them get you a steak for your birthday lunch
- 15:53
- Mickey Mouse
- Let the games begin!
- 15:54
- Mickey Mouse
- My bread and butter for 16 years
- 15:55
- Mickey Mouse
- Boomers are are gonna be rollling in.
- 15:55
- Mickey Mouse
- @Jafar reading now...
- 15:56
- Mickey Mouse
- Anyone know if that has changed in the past 2 years? I'd hope so!
- 15:58
- Mickey Mouse
- AES 128
- 15:58
- Mickey Mouse
- https://evernote.com/contact/support/kb/#!/article/23480996
- 15:59
- Mickey Mouse
- Gibson knows his stuff!
- 16:00
- Mickey Mouse
- Evernote has 2FA now. It's been implemented for some time now.
- 16:00
- Mickey Mouse
- Yes, I turned that on as soon as they launched it
- 16:01
- Mickey Mouse
- I really enjoy listening to Steve Gibson, he gets really excited about some of the topics he talks about
- 16:01
- Mickey Mouse
- @Aladdin Agreed. SOme is really too techie for me but his enthusiasm for his subject makes it interesting
- 16:01
- Mickey Mouse
- I'm back, long reboot
- 16:01
- Mickey Mouse
- @Louie thanks for link
- 16:01
- Mickey Mouse
- @Aladdin: Its a great show
- 16:01
- Mickey Mouse
- Evernote updated the security model shortly after Steve ranted on SN about it, justified rant. That made them take notice.
- 16:01
- Mickey Mouse
- Welcome back Porthos, hope stream sticks for you this time
- 16:02
- Mickey Mouse
- They disappeared
- 16:02
- Mickey Mouse
- I just love it when Steve roast ppl alive!
- 16:02
- Mickey Mouse
- ah... it's getting serious mode now. Aramis's got a dew
- 16:03
- Mickey Mouse
- 2FA is obviously good, but in my experience people in their day to day workings just wont want it cause they have to do something *extra* and they dont want to.
- 16:04
- Mickey Mouse
- i use it on everything I can... Most @FA implementation work with the google authenticator app on my phone as well
- 16:04
- Mickey Mouse
- The people at TWiT have some really great hosts on their shows.
- 16:04
- Mickey Mouse
- Manged to Crash VMWorkstaion taking out my PC so full reboot
- 16:04
- Mickey Mouse
- the amount of places i go and people are running their day to day machine as admin, and when i take them out of that group and turn UAC on, within a week they are moaning
- 16:04
- Mickey Mouse
- https://blog.evernote.com/blog/2013/05/30/evernotes-three-new-security-features/
- 16:04
- Mickey Mouse
- @Minnie, @Porthos: that read like you wanted his stream to stop working hehe
- 16:04
- Mickey Mouse
- Amazingly I didn't start the coffee this morning.
- 16:04
- Mickey Mouse
- @Aramis have to broken for lunch now?
- 16:04
- Mickey Mouse
- hmm. they didn't take me out for my birthday this week. heh
- 16:04
- Mickey Mouse
- I'm drinking less and less of it.
- 16:04
- Mickey Mouse
- Ha ha Donald
- 16:05
- Mickey Mouse
- Airplane mode only turns off OS but not the baseband.
- 16:06
- Mickey Mouse
- @Pinocchio I didn't mean it that way. British thing? stick as in stay
- 16:06
- Mickey Mouse
- Is it a Holiday in US tomorrow
- 16:06
- Mickey Mouse
- Porthos here to
- 16:06
- Mickey Mouse
- Put your phone in a faraday cage.
- 16:06
- Mickey Mouse
- and monday!! woohoo
- 16:07
- Mickey Mouse
- I know @Minnie
- 16:07
- Mickey Mouse
- Depends Porthos, typically not.
- 16:07
- Mickey Mouse
- Sorry read that is IT IS a
- 16:07
- Mickey Mouse
- 16:07
- Mickey Mouse
- sound?
- 16:07
- Mickey Mouse
- Where did the audio go?
- 16:07
- Mickey Mouse
- OH oh sound
- 16:08
- Mickey Mouse
- It just dropped out.
- 16:08
- Mickey Mouse
- Jason... stop messing with our minds
- 16:08
- Mickey Mouse
- That was fast
- 16:08
- Mickey Mouse
- My workplace will be closed tomorrow, but I'll probable come in to watch the last day of CEH.
- 16:08
- Mickey Mouse
- Porthos where in UK are you?
- 16:08
- Mickey Mouse
- ITPRO.tv must have been using wireless and was hacked??
- 16:08
- Mickey Mouse
- Near London
- 16:09
- Mickey Mouse
- lol
- 16:09
- Mickey Mouse
- Did you hear about the big fire yesteray?
- 16:09
- Mickey Mouse
- @Jafar You?
- 16:09
- Mickey Mouse
- Underground power and other cables caught fire and half of london lost power!!
- 16:10
- Mickey Mouse
- No thanks, they can keep it including their rental fees.
- 16:10
- Mickey Mouse
- I have a client in holborn way, and they are not even allowed into their office
- 16:11
- Mickey Mouse
- not good, It's still burning
- 16:11
- Mickey Mouse
- they are just pumping water underground in the hopes they can put it out!!
- 16:11
- Mickey Mouse
- Hi everyone, I've missed a fair bit of today. Have their been any practicals or is mainly just covering the concepts again?
- 16:11
- Mickey Mouse
- @AramisP you're here for the good stuff. They did soem SQL injection
- 16:11
- Mickey Mouse
- MickeyDs backbones off of ATT.
- 16:11
- Mickey Mouse
- I hope our friends in London are ok.
- 16:12
- Mickey Mouse
- Thought it was early for lunch lol
- 16:12
- Mickey Mouse
- AC3200, I have a router that supports that.
- 16:12
- Mickey Mouse
- Yeah thanks, they got evacuated quick;y
- 16:12
- Mickey Mouse
- Turn on isolation mode
- 16:12
- Mickey Mouse
- I was about 100 yards from there on tueday
- 16:12
- Mickey Mouse
- Are they going to cover some examples/practicals though?
- 16:12
- Mickey Mouse
- @AramisP Donald's got his kit behind him so I think so
- 16:13
- Mickey Mouse
- OK thanks. I'm hoping we get into some detail.
- 16:13
- Mickey Mouse
- LOL
- 16:14
- Mickey Mouse
- an old nokia is all the tech I bring on holiday
- 16:15
- Mickey Mouse
- @AramisP if you want detail I can strongly recommend VIvek's megaprimer: http://www.securitytube.net/groups?operation=view&groupId=9
- 16:15
- Mickey Mouse
- Cars are being hacked nowadays
- 16:15
- Mickey Mouse
- Superb thanks Minnie.
- 16:16
- Mickey Mouse
- thanks Minnie
- 16:17
- Mickey Mouse
- Municipal Wifi
- 16:17
- Mickey Mouse
- Yeah all my devices are wired, only have wifi for phonnes
- 16:17
- Mickey Mouse
- Wired and wireless here too. I still think wired best for online gaming
- 16:17
- Mickey Mouse
- @Minnie How come you have all this info at your finger tips
- 16:17
- Mickey Mouse
- some good stuff at http://www.elithecomputerguy.com/
- 16:17
- Mickey Mouse
- I have both here.
- 16:17
- Mickey Mouse
- I also have both wired and wireless
- 16:17
- Mickey Mouse
- @. My mindmaps
- 16:18
- Mickey Mouse
- I'm mostly wireless... the only thing wired are my servers
- 16:18
- Mickey Mouse
- 16:18
- Mickey Mouse
- @Pinocchio thanks
- 16:18
- Mickey Mouse
- The biggest joke is that if you have BT internet the router then send you has a public wifi enabled by default, and the worst part is that you cannot disable it on the device! you hvae to phone BT!!
- 16:18
- Mickey Mouse
- Comcast does the same crap.
- 16:18
- Mickey Mouse
- @Louie My network is a hybrid as well
- 16:19
- Mickey Mouse
- Geptto, it should be ilegal!!
- 16:19
- Mickey Mouse
- So basically anyone with a BT openzone account can sit outside my house and use my wifi!!
- 16:19
- Mickey Mouse
- I would think so. That is why I don't have any of their equipment. I have my own.
- 16:20
- Mickey Mouse
- @Geptto forgive me but who is BT?
- 16:20
- Mickey Mouse
- You can tell them to disable the wireless - I did
- 16:20
- Mickey Mouse
- Britiah telecom
- 16:20
- Mickey Mouse
- @GepttoP British Telecom is our major infrastructure provider of connectivity in the UK
- 16:20
- Mickey Mouse
- Thanks
- 16:20
- Mickey Mouse
- Just like Rogers in Canada.
- 16:21
- Mickey Mouse
- Yeah i dont use their router either, but 90% of users do
- 16:21
- Mickey Mouse
- 802.AD 60Ghz spectrium
- 16:21
- Mickey Mouse
- Well i dont use it for routing, its just a wifi point
- 16:22
- Mickey Mouse
- @Donald what about wi-fi cities? is that a big thing in the US? increasingly so here
- 16:22
- Mickey Mouse
- ... i'm a moron... trying to pint.. .think I have a hung document... try to kill it... doesn't wrok.. .restart print spooler service... try again... no joy... chekc printer... out of paper
- 16:22
- Mickey Mouse
- @Minnie: cant do mind maps. acronyms all the way
- 16:22
- Mickey Mouse
- so saying that, it wont work on openzone, but still you get the point lol
- 16:22
- Mickey Mouse
- @Minnie yes increasing here too
- 16:22
- Mickey Mouse
- Subnet/vlan will help to secure them.
- 16:23
- Mickey Mouse
- 802.11AD
- 16:23
- Mickey Mouse
- Cable companies here are selling wifi phones to compete with telcoms
- 16:23
- Mickey Mouse
- is the next gen
- 16:23
- Mickey Mouse
- Minnie you mean 4G in london?
- 16:24
- Mickey Mouse
- Does 802.11AD have any advantages over AC?
- 16:24
- Mickey Mouse
- @Jafar No. I mean local councils making deals with providers to provide public wi-fi in their town centres
- 16:24
- Mickey Mouse
- The broaden the speed and channel bonding to cover 60ghz.
- 16:24
- Mickey Mouse
- ahh
- 16:25
- Mickey Mouse
- those are lab control conditions
- 16:25
- Mickey Mouse
- Radio is a black art
- 16:25
- Mickey Mouse
- I noticed that the encryption was the same for 802.11n with 802.11ac but direct beaming might be a bit helpful
- 16:26
- Mickey Mouse
- There is also paint that you can use to block signals leaving your location.
- 16:27
- Mickey Mouse
- @Geptto O I didn't know about that stuff
- 16:27
- Mickey Mouse
- need that paint.
- 16:27
- Mickey Mouse
- Also keeps signals from coming in. Good luck with your cell phone
- 16:27
- Mickey Mouse
- just don't use it on internal walls.
- 16:27
- Mickey Mouse
- Oh, yeah. There is crazy stuff.
- 16:27
- Mickey Mouse
- I used to work at a design studio in london, and used a paint with iron filingsin it so they could use magnets and put drawings on the wall, that killed signals pretty dam good! lol
- 16:28
- Mickey Mouse
- @Geptto what material does the paint use for shielding?
- 16:28
- Mickey Mouse
- Do you paint the windows too???
- 16:28
- Mickey Mouse
- I don't remember the particulars right now. It's expensive though.
- 16:28
- Mickey Mouse
- Oh this wasnt on purpose at all,
- 16:28
- Mickey Mouse
- Lots of those paints plus the window film are illegal to use in the US without a federal permit usually for national security reasons
- 16:29
- Mickey Mouse
- lol figures.
- 16:29
- Mickey Mouse
- "land of the free"
- 16:29
- Mickey Mouse
- wow
- 16:29
- Mickey Mouse
- Thats like a SCIF room.
- 16:29
- Mickey Mouse
- Main reason is it blocks cell phones which is a 911 issue here
- 16:30
- Mickey Mouse
- now what did the world do before cell phones i wonder.......
- 16:30
- Mickey Mouse
- Calls to Emergency Medical/Police for those outside the US
- 16:30
- Mickey Mouse
- Thanks Scrooge I never thought of the cell phone issue
- 16:30
- Mickey Mouse
- There is a land line installed for thos problems.
- 16:31
- Mickey Mouse
- Question: Did we discuss when seeing a device MAC address, determining the vendor of that equipment for possible exploits?
- 16:31
- Mickey Mouse
- not yet Huey
- 16:31
- Mickey Mouse
- The higher the frequencies the more its can affect the weather.
- 16:31
- Mickey Mouse
- A movie theater put in suppressor for cell to keep phones from ringing during movies. He had a big fine for that one
- 16:32
- Mickey Mouse
- lol
- 16:32
- Mickey Mouse
- hmmm. i thought they all did that. heh
- 16:32
- Mickey Mouse
- Reduces your power output
- 16:32
- Mickey Mouse
- Anyone know of a good AC band AP ? I need one asap
- 16:32
- Mickey Mouse
- Older construction methods are effective RF blockers and are legal.. Aluminum windows screens, plaster walls for example
- 16:33
- Mickey Mouse
- Asus
- 16:33
- Mickey Mouse
- https://www.youtube.com/watch?v=DU8hg4FTm0g
- 16:33
- Mickey Mouse
- Ch#14 is japan only
- 16:34
- Mickey Mouse
- very intersting demo on cell phone blocking and stuff
- 16:34
- Mickey Mouse
- @Geptto - Yeah I use ASUS APs (Well routers as APs)
- 16:34
- Mickey Mouse
- 12 and 13 not US but ok for UK
- 16:34
- Mickey Mouse
- Hmm, didn't think we could use 14 here - have to check that
- 16:34
- Mickey Mouse
- @Minnie - the high numbers are good in the UK, as most manufacturers tend to keep the defaults to 1 or 6
- 16:34
- Mickey Mouse
- 14 would be considered a super channel.
- 16:34
- Mickey Mouse
- 14 is ok here I think
- 16:35
- Mickey Mouse
- @Aramis P 14 is only allowed in japan
- 16:35
- Mickey Mouse
- 1 6 and 11 are the only non overlapping channels if you are in a multi AP installation.
- 16:35
- Mickey Mouse
- time to go wardriving
- 16:35
- Mickey Mouse
- Ah just checked, you can use 14 in the UK for some governement work. Not home use
- 16:35
- Mickey Mouse
- You must have seen the pineapple wifi device?
- 16:35
- Mickey Mouse
- LOL Abu
- 16:35
- Mickey Mouse
- https://en.wikipedia.org/wiki/List_of_WLAN_channels
- 16:36
- Mickey Mouse
- here is a decent overview of the channels and how to... audit if someone is doing it wrong: https://www.youtube.com/watch?v=lUfLCko6GU4
- 16:36
- Mickey Mouse
- pilots need to work for their jobs... make it a bit exciting for them? heh
- 16:36
- Mickey Mouse
- ILS approach to your... AP?
- 16:38
- Mickey Mouse
- @AramisP thanks
- 16:38
- Mickey Mouse
- Lunch time?
- 16:38
- Mickey Mouse
- enjoy lunch guys
- 16:38
- Mickey Mouse
- Guys enjoy!
- 16:39
- Mickey Mouse
- Missed that whole section, B****y networks and users
- 16:39
- Mickey Mouse
- alright see you just in a bit
- 16:39
- Mickey Mouse
- Enjoy birthday lunch
- 16:39
- Mickey Mouse
- I'm out for a bit. Chow!
- 16:39
- Mickey Mouse
- Don't get to drunk
- 16:39
- Mickey Mouse
- Haha didnt know you had one there
- 16:39
- Mickey Mouse
- @Porthos... it was mainly threory... you haven't missed the demos yest
- 16:39
- Mickey Mouse
- didnt they used to be yellow?
- 16:39
- Mickey Mouse
- OK cya all. I'm off now until after the weekend (bank holiday in the UK tomorrow) so enjoy the rest of the shows
- 16:39
- Mickey Mouse
- @Porthos the content of the bit we just did is also covered here: http://www.securitytube.net/video/1757
- 16:40
- Mickey Mouse
- UK chatroomers have a good break!
- 16:40
- Mickey Mouse
- :Aramis P see you, have a good break!
- 16:40
- Mickey Mouse
- bye Aramis!
- 16:40
- Mickey Mouse
- Don;t get stuck in traffic
- 16:40
- Mickey Mouse
- @Minnie thanks
- 16:40
- Mickey Mouse
- bye Abu
- 16:40
- Mickey Mouse
- @Minnie thanks
- 16:40
- Mickey Mouse
- bye
- 16:40
- Mickey Mouse
- wow... .that's a good commercial
- 16:41
- Mickey Mouse
- right!
- 16:41
- Mickey Mouse
- I'm excited
- 16:42
- Mickey Mouse
- Yeah, I like their new commercial.
- 16:44
- Mickey Mouse
- BRB, got to get the car home to my wife.
- 16:44
- Mickey Mouse
- AFK - Back later
- 16:46
- Mickey Mouse
- Question for all, what ( if any ) do you use for a home firewall/router? at the mo i use Sophos UTM but looking for something else, so would like to know if you use/recommend something else?
- 16:47
- Mickey Mouse
- Clean URL for the SQL injection URL list: http://pastebin.com/CAA3zFV6
- 16:48
- Mickey Mouse
- Thanks Minnie
- 16:48
- Mickey Mouse
- @Minnie How many cert are going for
- 16:48
- Mickey Mouse
- see ya later guys & girls
- 16:49
- Mickey Mouse
- Bye Pinocchio
- 16:49
- Mickey Mouse
- heading to lunch see you later
- 17:07
- Mickey Mouse
- @. not sure I understand the question. I'm not intending to take CEH just yet but once I've got some practical experience under my belt I may well go for it later in the year
- 17:14
- Mickey Mouse
- @.... I use a netbios at home. but I've ripped apart the fire wall rules and custom locked down everything I don't use... I also enforce time of day restrictions on things when it makes sense... aka streaming ports are blocked between 1am and 7am... because no one in my house has insomnia
- 17:16
- Mickey Mouse
- ... also... I'm re-thinking my use of netbios because I've been noticing some symptoms on my network that are making me want to switch to a different firmware (ddwrt/tomato) and my model isn't supported. So I might recommend getting a more 'hackable model if you're just going to flash it anyway because the more hackable ones are easier to find new firmware to flash to.
- 17:16
- Mickey Mouse
- hope that helps
- 17:18
- Mickey Mouse
- Cool, thanks
- 17:25
- Mickey Mouse
- I am seriously thinking of going to ddwrt or tomato myself but have not made the leap
- 17:31
- Mickey Mouse
- @Bambi - ck ebay for a used Compatible unit and flash it. Of course, if you are really crazy you can do what a friend of mine did and buy a Meraki firewall for the house and pay for the security. He did that because with 3 girls and all the traffic he wanted to prioritize plus keep things out of the house. Expensive but very secure.
- 17:43
- Mickey Mouse
- @Jafar: I'm really thinking of having a system with pfSense soon, which hopefully will be modern enough and easy to install.
- 17:46
- Mickey Mouse
- Thanks for all the replies, Huey yeah a couple of people have mentioned PF sence
- 17:48
- Mickey Mouse
- For those that asked for chat logs: http://bit.ly/itpro-CEH-chat which resolves to https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links
- 17:48
- Mickey Mouse
- Thanks Minnie!
- 17:51
- Mickey Mouse
- Pfsense works very well. Used it a a client who had 150 employees. With Multiple NICS it handled the load. For a home situation it would be very good
- 17:52
- Mickey Mouse
- I have a rather dated Provencia M50 firewall, which had to be licenced, and has a horrible Java web interface.
- 17:53
- Mickey Mouse
- Provencia was bought out by IBM, which killed the older products for their new line.
- 17:54
- Mickey Mouse
- The M50 runs a proprietary version of Redhat, so I'm thinking that switching to pfSense will work.
- 17:54
- Mickey Mouse
- @Minnie thanks for taking into account the security of chat logs.
- 17:54
- Mickey Mouse
- @Huey - Do you have multiple internet connections?
- 17:55
- Mickey Mouse
- Dell bought out SonicWALL, which helped me revive a little TZ150 I use in my office.
- 17:55
- Mickey Mouse
- At home I am on our service, a conventional DSL line.
- 17:56
- Mickey Mouse
- I think if i went the dedicated device route i may grab a WatchGuard
- 17:56
- Mickey Mouse
- In my office, I've split off most of my systems to a DSL line there, but have the corporate LAN as backup.
- 17:56
- Mickey Mouse
- but dont think ill do that TBH
- 17:56
- Mickey Mouse
- @Huey - Pretty straight forward and you can use an older PC
- 17:57
- Mickey Mouse
- We had an older Watchguard on the corporate LAN that was replaced less than a year ago it was pretty nutty.
- 17:58
- Mickey Mouse
- @Scrooge: I'll repurpose the M50, as it is based around a dual PIII.
- 17:59
- Mickey Mouse
- I want to see what I can set up for internal interfaces, turn off NAT, etc.
- 18:00
- Mickey Mouse
- when you say "older" what sort of timeframe is that? cause if it had anything older then 10X was not great
- 18:01
- Mickey Mouse
- One of the familiar red external cases.
- 18:01
- Mickey Mouse
- In fact we had a few replacements around, the was my boss's baby.
- 18:02
- Mickey Mouse
- lol
- 18:02
- Mickey Mouse
- *that* was...
- 18:03
- Mickey Mouse
- My company mostly uses WG when a client needs a new firewall
- 18:03
- Mickey Mouse
- I've got good plans for the home network, I just need to get moving on them.
- 18:04
- Mickey Mouse
- What speed you have at home?
- 18:04
- Mickey Mouse
- We replaced the Watchguard with a SonicWALL.
- 18:04
- Mickey Mouse
- @Minnie Thanks for logs
- 18:05
- Mickey Mouse
- 6Mbps, which is adequate at the moment.
- 18:05
- Mickey Mouse
- @Abu @. yw
- 18:05
- Mickey Mouse
- I've offered to test our GPON plans.
- 18:06
- Mickey Mouse
- you get fiber home connections over there?
- 18:06
- Mickey Mouse
- You know, untottled some I can see how the equipment handles it.
- 18:06
- Mickey Mouse
- not to the door, but fiber to the nearest cabinet
- 18:06
- Mickey Mouse
- *unthottled*
- 18:07
- Mickey Mouse
- Stuff like that is just going in, us and competitors.
- 18:08
- Mickey Mouse
- is that just in your area?
- 18:09
- Mickey Mouse
- Yes, a rural environment.
- 18:09
- Mickey Mouse
- ahh ok
- 18:13
- Mickey Mouse
- What time they back onLine?
- 18:14
- Mickey Mouse
- soon.
- 18:14
- Mickey Mouse
- we're filing back now
- 18:20
- Mickey Mouse
- 1:30
- 18:21
- Mickey Mouse
- Me toggling the casting here.
- 18:23
- Mickey Mouse
- Just caught up on the social engineering segment I missed. With the emphasis on security training and awareness I can highly recommend this book by Rebecca Herold: http://www.amazon.co.uk/Managing-Information-Security-Awareness-Training/dp/1439815453
- 18:24
- Mickey Mouse
- @Donald you need to setup mame on your laptop
- 18:28
- Mickey Mouse
- OK @Minnie... what do you do?!?
- 18:28
- Mickey Mouse
- I have to know now?!?
- 18:30
- Mickey Mouse
- Retail > IT support > Project management > Service transformation > Information Management/Records Management/Open data, Data Protection (Information governance) > Information Security Management
- 18:30
- Mickey Mouse
- That's pretty much my path
- 18:30
- Mickey Mouse
- Jebus Abuty!
- 18:31
- Mickey Mouse
- You're gonna burn out! Or be the most awesome person ever! I was looking at that book and wondering about it. Thanks for the recommendation.
- 18:32
- Mickey Mouse
- I'm back. My help desk has been keeping me busy today. Pineapple goodness!
- 18:32
- Mickey Mouse
- Wow, I've got to remember to turn on sound too.
- 18:32
- Mickey Mouse
- @Minnie do you cook as well?
- 18:33
- Mickey Mouse
- Tell me about it Geptto, I've had those "distractions" too...
- 18:33
- Mickey Mouse
- Thanks for the link, Minnie
- 18:33
- Mickey Mouse
- @Abu I do but my husband is better
- 18:33
- Mickey Mouse
- @Abu... that said.. .her husband is a 5 start chef
- 18:33
- Mickey Mouse
- *star
- 18:34
- Mickey Mouse
- LOL food network diners driveins and dives great show!
- 18:34
- Mickey Mouse
- I now how you feel Geptto. Today has been slow but yesterday my phone was always ringing
- 18:34
- Mickey Mouse
- @Bambi It really is excellent. I think the success I had with training and awareness in my last role owed much to Rebecca's book
- 18:35
- Mickey Mouse
- @Daisy yw @Louie LOL, he wishes
- 18:35
- Mickey Mouse
- @Bambi how about you, what do you do?
- 18:35
- Mickey Mouse
- @Geptto, @Aladdin: I wish they would leave me alone from "work"
- 18:35
- Mickey Mouse
- @Louie I missed that
- 18:36
- Mickey Mouse
- Information Security Specialist at Mount Sinai Health System
- 18:36
- Mickey Mouse
- We have 4900 members and I'm the only one working it since I took over.
- 18:36
- Mickey Mouse
- Oh wait.. that's... you were talking to.
- 18:37
- Mickey Mouse
- She isn't as clear cut... You'll have to wait for her to answer lol
- 18:38
- Mickey Mouse
- @Geptto ouch
- 18:39
- Mickey Mouse
- Just looked @ our records. it's 4,681 across 245 chapters.
- 18:39
- Mickey Mouse
- oh wait... my attention to detail is off... you did want... arg.... I need to eat something.
- 18:39
- Mickey Mouse
- @Louie is it you responsible for the additional LinkedIn profiles hits this past week then
- 18:39
- Mickey Mouse
- lol no... i try not to share direct links... make people do something
- 18:40
- Mickey Mouse
- but if y7ou image here is the same one for linkedin..... it makes it easy
- 18:40
- Mickey Mouse
- Who has a linkedin profile. I have one too.
- 18:40
- Mickey Mouse
- I was about to connect on linkedin Minnie - but that was before i had chat so it would have been totally anonymous... lol
- 18:40
- Mickey Mouse
- Not everyone's linked in is as locked down as your's Minnie
- 18:40
- Mickey Mouse
- I guess that's another way we can "link": Through LinkedIn
- 18:41
- Mickey Mouse
- I don't think it's that locked down Louie
- 18:41
- Mickey Mouse
- My profile hasn't been updated much.
- 18:41
- Mickey Mouse
- I have mines open I want employers to find me.
- 18:42
- Mickey Mouse
- I ignore requests with no text generally
- 18:42
- Mickey Mouse
- I have 2fa on my linkedin.
- 18:43
- Mickey Mouse
- @Geptto that's fair enough - although you could have it locked and use the premium version for ashort time to get hits. I also use the 2fa
- 18:43
- Mickey Mouse
- that make sense. also if you aren't linked at all, you cannot view your profile
- 18:43
- Mickey Mouse
- Got to jump my work truck, BRB.
- 18:44
- Mickey Mouse
- Is audio still muted?
- 18:44
- Mickey Mouse
- No
- 18:44
- Mickey Mouse
- it's quiet but it is on
- 18:45
- Mickey Mouse
- I turned on 2fa on everything I can.
- 18:45
- Mickey Mouse
- Thanks
- 18:46
- Mickey Mouse
- @Geptto Yeah, likewise. I was quite unimpressed with Huddle who claim to be a corporate tool yet have no 2fa available
- 18:46
- Mickey Mouse
- Huh? Huddle never messed w/ them.
- 18:47
- Mickey Mouse
- Another cloud storage provider. UK gov quite fond of, at least one of our cabinet ministers was
- 18:47
- Mickey Mouse
- think of it as sharepoint lite
- 18:47
- Mickey Mouse
- To our stations!
- 18:48
- Mickey Mouse
- Ah, I see.
- 18:49
- Mickey Mouse
- that's what happens when you're late!
- 18:50
- Mickey Mouse
- Warp core overloads
- 18:50
- Mickey Mouse
- I have one
- 18:50
- Mickey Mouse
- Will have to turn on one of the wifi into monitor mode on the pineapple.
- 18:50
- Mickey Mouse
- rip majel... she was a good computer voice.
- 18:51
- Mickey Mouse
- Watch the lights dim when Donald powers up his toys
- 18:52
- Mickey Mouse
- What Don didn't tell you guys he was pentesting you?
- 18:53
- Mickey Mouse
- I'm back.
- 18:53
- Mickey Mouse
- Oh dear... someone nearby using WEP on their wifi
- 18:54
- Mickey Mouse
- Geptto half of Florida goes dark when he turns them on
- 18:54
- Mickey Mouse
- no one around here.... there is an open signal..... but not wep
- 18:54
- Mickey Mouse
- why do they still offer wep
- 18:54
- Mickey Mouse
- How about computer security in the Star Trek Series as an academic paper.
- 18:54
- Mickey Mouse
- ... that could be interesting Scrooge
- 18:54
- Mickey Mouse
- @Aladdin LOL
- 18:54
- Mickey Mouse
- Please knock the power out for the Florida telemarketers
- 18:55
- Mickey Mouse
- @Scrooge That's such a great idea that I wonder if someone's done it already
- 18:56
- Mickey Mouse
- Be a big hit a security conference
- 18:56
- Mickey Mouse
- Awesome!
- 18:56
- Mickey Mouse
- Does anyone know whether Closed Captions is available on the Live Stream?
- 18:56
- Mickey Mouse
- http://software-security.sans.org/downloads/appsec-2014-files/what-star-trek-tng-can-teach-us-about-the-future-of-computer-security-rsnake-hansen.pdf
- 18:56
- Mickey Mouse
- "Data" generates a 256-bit encryption key on the fly.
- 18:57
- Mickey Mouse
- http://hakshop.myshopify.com/collections/gadgets http://hakshop.myshopify.com/collections/wifi-pineapple-kits
- 18:57
- Mickey Mouse
- M, we are just beginning to roll out CC for our recorded content library, so getting something for the live stream isn't on our radar right now
- 18:57
- Mickey Mouse
- for those who still don't know... that';s also the birthplace of the usb rubber ducky
- 18:57
- Mickey Mouse
- thanks
- 18:57
- Mickey Mouse
- Wonder if the presentation that goes with those slides is on youtube somewhere...
- 18:58
- Mickey Mouse
- Glad to hear that, Hercules
- 18:58
- Mickey Mouse
- Live Closed-Captioning is a challenge.
- 18:58
- Mickey Mouse
- The ducky & pineapple were just projects.
- 18:59
- Mickey Mouse
- @Scrooge Ah, not sure there is one, looks like it was done in jest but it would be very cool
- 18:59
- Mickey Mouse
- Voice-to-text is getting more accurate, but not close to 100%.
- 19:00
- Mickey Mouse
- For me Dragon is the best. Even on the keyboards on Android
- 19:00
- Mickey Mouse
- @Geptto... i would love the hack van
- 19:01
- Mickey Mouse
- @Will those are some cool dudes/dudettes there.
- 19:02
- Mickey Mouse
- Still happens today
- 19:03
- Mickey Mouse
- @Geptto voice commands on droid galaxy 5 phone pretty accurate
- 19:04
- Mickey Mouse
- @Abu are you talking google or samsung recognition
- 19:04
- Mickey Mouse
- marketing tactics = No lies!
- 19:04
- Mickey Mouse
- @Louie I guess that would be Samsung?
- 19:04
- Mickey Mouse
- People LOVE to test the limits of what they can do over wireless.
- 19:05
- Mickey Mouse
- expensive no joke! I paid a lot of $ for R8000
- 19:06
- Mickey Mouse
- $300?
- 19:06
- Mickey Mouse
- i hate wimax! I had to support that.
- 19:06
- Mickey Mouse
- @Daisy close.
- 19:06
- Mickey Mouse
- There is no difference using 802.11ac security wise except for the signal beaming
- 19:06
- Mickey Mouse
- I have an AC gigabit router... mine was $200 It an asus
- 19:07
- Mickey Mouse
- Asus just came out with AC3200. I'd sell the R8000 as long as I can load Tomato on it.
- 19:07
- Mickey Mouse
- I got an AC router for ~70
- 19:07
- Mickey Mouse
- I thought about getting the one you mentioned, but I liked the asus, and didn't want to spend too much more at that time
- 19:08
- Mickey Mouse
- @Daisy Good deal and not to get the R8000 and stay w/ Asus...
- 19:08
- Mickey Mouse
- Personally Daisy... I would go with the asus
- 19:08
- Mickey Mouse
- : )
- 19:09
- Mickey Mouse
- and when time warner started charging for their cable modems, I bought my own. I'm not paying them rent for a modem.
- 19:09
- Mickey Mouse
- Kismet is a nice wireless tool
- 19:09
- Mickey Mouse
- I did, Louie... bought it in January, I think.
- 19:09
- Mickey Mouse
- @Daisy Yep,
- 19:09
- Mickey Mouse
- nice
- 19:10
- Mickey Mouse
- @Abu, kismet is, as I currently know, the best way to capture btbb packets
- 19:10
- Mickey Mouse
- That's cause it's bridged.
- 19:10
- Mickey Mouse
- Did you see this from the other day? scan visualiser for airodump-ng http://hackoftheday.securitytube.net/2015/03/airodump-ng-scan-visualizer-ver-01.html
- 19:10
- Mickey Mouse
- wifi though.... it's a preference at this point
- 19:10
- Mickey Mouse
- I prefer aircrack-ng
- 19:11
- Mickey Mouse
- Netgear wireleass ap is my favorite
- 19:11
- Mickey Mouse
- Thanks Louie
- 19:11
- Mickey Mouse
- Has anyone had a good experience with Ubiquiti APs?
- 19:11
- Mickey Mouse
- I didn't see that Minnie but it's a good link. thanks
- 19:11
- Mickey Mouse
- Or bad for that matter
- 19:11
- Mickey Mouse
- lol
- 19:11
- Mickey Mouse
- SDR based wireless rough ap anyone?
- 19:12
- Mickey Mouse
- Or in the case of UK government ministers it could be they don't want to follow policy Mr Francis Maude
- 19:12
- Mickey Mouse
- Who also held the portfolio for cybersecurity - ironic much
- 19:13
- Mickey Mouse
- @Jafar - use have some Ubiquiti's here in the studio. They were rock solid for a year or two...and then one day they just kept dropping the signal.
- 19:13
- Mickey Mouse
- Gotta catch em all
- 19:13
- Mickey Mouse
- Mmmm, very easy to set up a travel router to mimic a location.
- 19:14
- Mickey Mouse
- winnie the pooh?
- 19:14
- Mickey Mouse
- @Hercules Did firmware cause or fix issue or did you end up just scraping them?
- 19:14
- Mickey Mouse
- and Tigger Too!!
- 19:15
- Mickey Mouse
- Flue has a decent WP on rogue AP detection http://www.fDueynetworks.com/content/Locating-rogue-802.11-Aps-Whitepaper-web
- 19:15
- Mickey Mouse
- *FDuey
- 19:15
- Mickey Mouse
- @ Scrooge lol
- 19:15
- Mickey Mouse
- not that I would know this... but all 2wirexxx/ATTxxx default PSKs are ten digit numbers
- 19:15
- Mickey Mouse
- It's a matter of mac addresses
- 19:15
- Mickey Mouse
- Nice. Thanks, Jafar
- 19:16
- Mickey Mouse
- @Daisy you're most welcome
- 19:16
- Mickey Mouse
- @Jafar thanks, adding to list
- 19:17
- Mickey Mouse
- @Minnie you bet
- 19:17
- Mickey Mouse
- Thanks Jafar will have to read later
- 19:17
- Mickey Mouse
- @Jafar - we still use them for guest and other use networks, but Ronnie Wong setup a Cisco AP that we use primarily.
- 19:18
- Mickey Mouse
- Mmmmm, donuts.
- 19:18
- Mickey Mouse
- @Hercules. Yea, we use all Cisco APs too, They have been rock solid. It would be nice to have an secondary option that was as reliable at a better price point.
- 19:19
- Mickey Mouse
- lol Huey
- 19:19
- Mickey Mouse
- I'm channeling Homer.
- 19:19
- Mickey Mouse
- Sure Aramis. Nice try
- 19:20
- Mickey Mouse
- a friend of mine has an old (I'll bet it's 20 feet across) satellite dish. Not in use - but I bet it would still pick up signals.
- 19:20
- Mickey Mouse
- I still can't work chopsticks lol
- 19:21
- Mickey Mouse
- cisco class
- 19:21
- Mickey Mouse
- Everyone else saw Megan of TWiT demonstrate the "Meerkat Hat" yesterday?....
- 19:21
- Mickey Mouse
- yaggi
- 19:22
- Mickey Mouse
- Or the new iPhone app where you put the phone in your mouth to have it read your caloric intake?
- 19:22
- Mickey Mouse
- @Hades. Meekat blew up.
- 19:22
- Mickey Mouse
- ha ha ha
- 19:22
- Mickey Mouse
- For those in chat, there's a good one on the various antennas n the security+ with ITpro.TV in this one: Network Administration Principles (ep: 00000101)
- 19:22
- Mickey Mouse
- Cool, thanks Minnie
- 19:23
- Mickey Mouse
- Thanks Minnie, i will check it out
- 19:23
- Mickey Mouse
- Thanks Minnie will watch
- 19:23
- Mickey Mouse
- @Minnie - Thanks for the lead
- 19:23
- Mickey Mouse
- I use Wifi Analyzer, which can make a noise as you close the AP....
- 19:23
- Mickey Mouse
- thanks Minnie
- 19:23
- Mickey Mouse
- However you do need to be connected to that network.
- 19:23
- Mickey Mouse
- brb
- 19:24
- Mickey Mouse
- Amateur Radio operators have the ability to use much more poser in the 2.4Ghz range including Wifi band. I believe we can use 5 watts which is a tremendous amount in that band.
- 19:24
- Mickey Mouse
- Here's Megan with the Meerkat Hat: https://www.youtube.com/watch?v=Rt-XacVGGAE
- 19:24
- Mickey Mouse
- http://www.wikihow.com/Make-a-Cantenna
- 19:25
- Mickey Mouse
- Aramis you gotta be able to make use of that
- 19:25
- Mickey Mouse
- Pringles can!!!
- 19:26
- Mickey Mouse
- sooo tired
- 19:26
- Mickey Mouse
- @D'artagnan saw that one:)
- 19:26
- Mickey Mouse
- i just got kicked in the face with the sleeping bug
- 19:26
- Mickey Mouse
- I used to do that in college because Klez was on our network and I wanted to play Counterstrike... pwning n00bs in my Ford Ranger parked in the middle of a subdivision LOL
- 19:27
- Mickey Mouse
- @D'artagnan nice lol
- 19:28
- Mickey Mouse
- Counterstrike needs more medi-kits
- 19:29
- Mickey Mouse
- Anyone remember the COPS episode (Las Vegas?) where they caught the guy war-driving, and he had people's identies written down?
- 19:30
- Mickey Mouse
- This is a reference that I have for different Cisco antennas that is pretty through. It has each antenna type with patterns http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/product_data_sheet09186a008008883b.html
- 19:31
- Mickey Mouse
- @Jafar nice link
- 19:31
- Mickey Mouse
- Thanks, the content is almost as long as the URL
- 19:33
- Mickey Mouse
- Antennas make more of a difference than power. A good antenna can make up for many other deficciencies
- 19:33
- Mickey Mouse
- I have no idea what to post in the chatroom today
- 19:34
- Mickey Mouse
- Nice one Jafar thanks.
- 19:34
- Mickey Mouse
- Thanks again Jafar. Good stuff.
- 19:34
- Mickey Mouse
- I have switched my organization to Meraki gear from Cisco. All remotely managed (since they are all over the US and I am Florida) and the WAP's have proven to be very good with adjustable power ranges and good security.
- 19:34
- Mickey Mouse
- yea, all of the good stuff is at the bottom
- 19:35
- Mickey Mouse
- @Athos - Love Meraki Equipment
- 19:36
- Mickey Mouse
- I have to manage HQ in Austin from here in Fla and I could not do it with Meraki.
- 19:36
- Mickey Mouse
- *without
- 19:38
- Mickey Mouse
- @Athos. Have you tried the Meraki switches or firewalls?
- 19:38
- Mickey Mouse
- I got a free Meraki AP for watching a webinar like being able to access from the internet.
- 19:38
- Mickey Mouse
- That's more then what if at frys electronics
- 19:40
- Mickey Mouse
- MR12 @Abu?
- 19:41
- Mickey Mouse
- I use the firewalls in two locations to create a VPN tunnel between offices. I also use a switch in one location and I have no issues with any of them.
- 19:41
- Mickey Mouse
- Check for the webinars, great way to get free gear from Meraki.
- 19:41
- Mickey Mouse
- Thanks
- 19:41
- Mickey Mouse
- @Abu +1
- 19:41
- Mickey Mouse
- We have not been impressed with the MR12
- 19:42
- Mickey Mouse
- other Meraki yes, just the MR12 doesnt perform very well.
- 19:43
- Mickey Mouse
- back
- 19:43
- Mickey Mouse
- @M think that's it ill check yes Athos worth the webinar LOL
- 19:43
- Mickey Mouse
- They sent me a MR18 for the webinar. I am trying to make time to put it through the ringer.
- 19:44
- Mickey Mouse
- MR18 seems to be a lot better
- 19:44
- Mickey Mouse
- We use MX60's, Z1's (office2office vpn) and MR18's for AP.
- 19:44
- Mickey Mouse
- I cant say for experience yet, but looking forward to testing it out
- 19:45
- Mickey Mouse
- Those are good @Athos, we also use MX90s and MS22P
- 19:45
- Mickey Mouse
- @Jafar nice can't beat the price
- 19:45
- Mickey Mouse
- Has anyone found any discount on Cisco Cert test?
- 19:45
- Mickey Mouse
- I do miss the CLI however
- 19:45
- Mickey Mouse
- Or any cert?
- 19:45
- Mickey Mouse
- @Abu true
- 19:46
- Mickey Mouse
- @Abu but they do get you on subscription
- 19:46
- Mickey Mouse
- @M CLI is great if you work in it a lot. FortunatelyWAN work is only a part of my job ..
- 19:47
- Mickey Mouse
- @Jafar Haven't gotten anything yet but expect soon
- 19:47
- Mickey Mouse
- @Athos - Agreed, but it is nice to know it is there as an alternative means of troubleshooting
- 19:50
- Mickey Mouse
- I cant tell you how many houses I have visited where the cable provider has used WEP to secure the modem/router combo.
- 19:50
- Mickey Mouse
- under 60 secs for wep
- 19:51
- Mickey Mouse
- When wifi came on the scene everyone was open!
- 19:51
- Mickey Mouse
- Older gaming consoles & handheld gaming consoles
- 19:52
- Mickey Mouse
- anyone else having video drops?
- 19:52
- Mickey Mouse
- I can't connect even with refresh
- 19:52
- Mickey Mouse
- i can't get anything at all
- 19:52
- Mickey Mouse
- fine here
- 19:52
- Mickey Mouse
- @Aladdin. I was yesterday. Better today
- 19:52
- Mickey Mouse
- everyone on att?
- 19:52
- Mickey Mouse
- http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
- 19:52
- Mickey Mouse
- @matt the Meraki supports SSH connections and a local interface. But still not full CLi
- 19:52
- Mickey Mouse
- 19:52
- Mickey Mouse
- Video is fine here also
- 19:53
- Mickey Mouse
- Video suddenyly stumbling here
- 19:53
- Mickey Mouse
- yeah - i had problems yesterday. att issue.
- 19:53
- Mickey Mouse
- good here
- 19:53
- Mickey Mouse
- It's under 10 now..... WOW!
- 19:53
- Mickey Mouse
- Damn that's fast
- 19:53
- Mickey Mouse
- QUSETION: which distro?
- 19:53
- Mickey Mouse
- @Athos. Good to know. I was not aware.
- 19:54
- Mickey Mouse
- The thing is, some places just dont have the money to upgrade, the company i work fro just took over IT for a school an they had 100meg switches, and their core network switch was about 20 years old. spanning tree was not even turned on, so kids would cause network loops that took ages to find!! so yeah some places still need wep wupport i suppose
- 19:54
- Mickey Mouse
- Note to self: shut down unused ports on switches when Donald is around.
- 19:54
- Mickey Mouse
- ha
- 19:54
- Mickey Mouse
- @Donald you should sell here on ITPRO.TV! lol
- 19:55
- Mickey Mouse
- haha
- 19:55
- Mickey Mouse
- note - someonle like Donald is always around.
- 19:56
- Mickey Mouse
- Kali
- 19:56
- Mickey Mouse
- @Jafar gotta try Kali
- 19:56
- Mickey Mouse
- Kali is Debian based so I guess not that one then
- 19:58
- Mickey Mouse
- Has anyone seen the TWiET episodes with Rafael Mudge?
- 19:58
- Mickey Mouse
- yeah those are good @Jafar
- 19:59
- Mickey Mouse
- Yeah, eye opening
- 20:00
- Mickey Mouse
- still could record the traffic and crack it later
- 20:00
- Mickey Mouse
- that's how i do it Aladdin
- 20:01
- Mickey Mouse
- yup - still a nightmare.
- 20:01
- Mickey Mouse
- pull a handshake with airodump-ng/aireplay-ng then use aircrack-ng convert to hashcat
- 20:05
- Mickey Mouse
- Using the gpu resources seems to be faster than the cpu
- 20:05
- Mickey Mouse
- yes and AMD is much better
- 20:06
- Mickey Mouse
- even though nvidia is better at claulating floating points... you want theose stream processors
- 20:06
- Mickey Mouse
- the more processing cores the faster you crack
- 20:06
- Mickey Mouse
- cuda cores in parallel work wonders
- 20:07
- Mickey Mouse
- HAK5 has the wifi pineapple
- 20:07
- Mickey Mouse
- it still takes me to ~24 hours to go through 10,000,000,000 combinations with my 980
- 20:07
- Mickey Mouse
- are there any known hacks when connected to "guess" networks? Because basically you get access but isolated, how to jump from there to the main network?
- 20:07
- Mickey Mouse
- ^^
- 20:08
- Mickey Mouse
- probe req are called beacon frames
- 20:08
- Mickey Mouse
- @Aladdin, now my video is getting random jitter (Level3).
- 20:09
- Mickey Mouse
- @Jafar - mine cleared up a few mins ago...
- 20:09
- Mickey Mouse
- Bunch of them hidden
- 20:10
- Mickey Mouse
- i must have a slow gpu cause I can't seem to get more than 2500. Up from the normal use of airmon-ng aircrack and those programs in Kali
- 20:10
- Mickey Mouse
- That is scary
- 20:10
- Mickey Mouse
- @greg????
- 20:10
- Mickey Mouse
- That's why MAC addresses should be matched.
- 20:11
- Mickey Mouse
- 2500 per second?
- 20:11
- Mickey Mouse
- if so it's probably cpu
- 20:11
- Mickey Mouse
- He's a doorman lol
- 20:11
- Mickey Mouse
- aircrack-ng itself only uses CPU
- 20:11
- Mickey Mouse
- i had long delays with short video once in a while. it cleared up 15 minutes ago or so.
- 20:11
- Mickey Mouse
- @Jumbo same here
- 20:12
- Mickey Mouse
- "why am i attaching to wifi-maui-hilton? i'm in gainesville?
- 20:12
- Mickey Mouse
- lol
- 20:13
- Mickey Mouse
- You can also ssh tunnel back through to see all of the activity.
- 20:13
- Mickey Mouse
- funny
- 20:14
- Mickey Mouse
- wow
- 20:14
- Mickey Mouse
- The systems are designed to connect to the strongest signal
- 20:14
- Mickey Mouse
- The box shows the SSID. Is there a way to see the BSSID of recent connected networks?
- 20:15
- Mickey Mouse
- Ha ha Donald
- 20:15
- Mickey Mouse
- lol
- 20:16
- Mickey Mouse
- YOU ARE AWESOME
- 20:16
- Mickey Mouse
- lol the air is free
- 20:16
- Mickey Mouse
- Juicy log files.
- 20:16
- Mickey Mouse
- LOL!
- 20:16
- Mickey Mouse
- The true beast reveals itself. Lol
- 20:16
- Mickey Mouse
- brb
- 20:17
- Mickey Mouse
- @Abu Yes if you use airmon-ng and probably other tools too.
- 20:18
- Mickey Mouse
- @Abu just fired it up on my Kali box here and BSSID is on left and ESSID on far right
- 20:18
- Mickey Mouse
- a lot of people swear by ESWA
- 20:18
- Mickey Mouse
- Nice Minnie!
- 20:18
- Mickey Mouse
- are there any known hacks when connected to "guess" networks? Because basically you get access but are isolated, how to jump from there to the main network?
- 20:18
- Mickey Mouse
- erm ewsa
- 20:19
- Mickey Mouse
- https://www.elcomsoft.com/ewsa.html
- 20:19
- Mickey Mouse
- @Iago probably but I haven't learned how to do that yet so will be interested in Donald's answer
- 20:19
- Mickey Mouse
- @Louie not cheap
- 20:21
- Mickey Mouse
- right
- 20:21
- Mickey Mouse
- @Captain my captain is it true you were particularly good at line dancing or was that made up for company profiles?
- 20:22
- Mickey Mouse
- @Minnie.. .true... and honestly... the only reason... it's user friendly
- 20:22
- Mickey Mouse
- it's not any faster. if anything it's slower
- 20:23
- Mickey Mouse
- I do like GUIs but fast learning that CLI seems to be the thing with pen testing
- 20:24
- Mickey Mouse
- i'm just speculating, but i expect you could host a malware link on your pc and inject into there http page. from there you have code running on their pc. if they are vpned into the company etc.... i have no exp..
- 20:24
- Mickey Mouse
- Haven't figured out how to use hashcat yet in Kali
- 20:25
- Mickey Mouse
- You lost me there Jumbo - are you talking about hopping?
- 20:25
- Mickey Mouse
- @ greg on sec I'll write you up some stuiffis
- 20:26
- Mickey Mouse
- getting them to run a buffer overflow exploit to get shell code running on there pc.
- 20:27
- Mickey Mouse
- @greg... amd or nvidia gpu?
- 20:27
- Mickey Mouse
- ah ok
- 20:27
- Mickey Mouse
- and 32 or 64 bit
- 20:27
- Mickey Mouse
- Nvidia 650x.
- 20:28
- Mickey Mouse
- if a person is browsing the internet using http you can inject anything into ther webpages to exploit them. then if it turns out they have a secure vpn connection to the corp network you have access
- 20:28
- Mickey Mouse
- 64
- 20:28
- Mickey Mouse
- 1. airmon-ng start wlan0 2. airodump-ng -w pwned mon0 3. aireplay -0 1 -a <bssid> -c <client mac> mon0 4. capture three way handshakes 5. wpaclean pwned pwned.cap 6. aircrack-ng -J pwned 7. cudahashcat64 -m 2500 pwned.hccap <path to wordlist>
- 20:29
- Mickey Mouse
- @Jumbo now I follow you
- 20:29
- Mickey Mouse
- I built the comp two years ago
- 20:29
- Mickey Mouse
- Oh that makes sense
- 20:30
- Mickey Mouse
- i realy only understand conceptualy. mostly from security now podcat
- 20:30
- Mickey Mouse
- @Louie what spec would you recommend for kali to run well in a vlab?
- 20:30
- Mickey Mouse
- yeah you can only run hashcat on hccap
- 20:31
- Mickey Mouse
- I always give it 4GB of ram so I don't have to worry about resources
- 20:31
- Mickey Mouse
- that said for the most part 1GB is good
- 20:32
- Mickey Mouse
- K
- 20:32
- Mickey Mouse
- i have lots of ram on my box so my kali has 4096 meg
- 20:32
- Mickey Mouse
- Only got 2Gb allocated to mine, I'll bump it up - thanks
- 20:33
- Mickey Mouse
- i had some feezing from tim to time. so for no more freez
- 20:33
- Mickey Mouse
- 8 gigs of ram is all I have
- 20:34
- Mickey Mouse
- 32 gig. i put together so i could practice vlab
- 20:34
- Mickey Mouse
- @Jumbo nice
- 20:34
- Mickey Mouse
- @greg... is it recognizing your GPU in the vm?
- 20:34
- Mickey Mouse
- For Linux 2GB memory works good for VM's from what I have found
- 20:35
- Mickey Mouse
- @Geptto... I would agree. The only reason I use 4 is because I like to put a lot of strain on things
- 20:35
- Mickey Mouse
- the freez i had could still turn out to be something else
- 20:39
- Mickey Mouse
- @Donald, so basically what we are learning here... is Don't use Wireless
- 20:39
- Mickey Mouse
- QUESTION: I've had pen test reports recommend we use obfuscation on teh SSID but I really don't see the point - is there any?
- 20:39
- Mickey Mouse
- lol
- 20:40
- Mickey Mouse
- lol
- 20:40
- Mickey Mouse
- lol
- 20:40
- Mickey Mouse
- lol
- 20:40
- Mickey Mouse
- Airborne!! HOAH!
- 20:40
- Mickey Mouse
- we use hidden SSID not for security but so SSID list is not cluttered - keep guests connecting to one you want
- 20:40
- Mickey Mouse
- Not at the comp right now.
- 20:41
- Mickey Mouse
- No any connect wireless device broadcasts SSID and mac address in the clear?
- 20:41
- Mickey Mouse
- Model numbers in the show notes please.
- 20:42
- Mickey Mouse
- Question: If an enterprise enviornment is requiring certs and network authentication is that reasonably secure?
- 20:42
- Mickey Mouse
- Righto, will have to weight it up with requirements at work
- 20:43
- Mickey Mouse
- year
- 20:44
- Mickey Mouse
- *yes
- 20:44
- Mickey Mouse
- @Minnie Would you happen to be posting the list of useful links you mentioned that you are building. I have been in and out of the sessions tied up with other tasks and not able to catch it all.
- 20:44
- Mickey Mouse
- What about using RADIUS
- 20:44
- Mickey Mouse
- RADIUS pops into my head now... donno why
- 20:45
- Mickey Mouse
- Is it reasonably secure to setup an enterprise wireless requiring both certs and network authentication?
- 20:45
- Mickey Mouse
- 802.1x with certs
- 20:45
- Mickey Mouse
- @Jafar FYI - CEH links thread - https://bitly.com/itpro-ceh-links which resolves to https://forums.itpro.tv/topic/353/ceh-useful-links
- 20:45
- Mickey Mouse
- @Jafar will update later/tomorrow
- 20:45
- Mickey Mouse
- Same minds D'artagnan
- 20:45
- Mickey Mouse
- Good afternoon/evening just got back online.
- 20:46
- Mickey Mouse
- @Minnie Awesome, thanks
- 20:46
- Mickey Mouse
- Steve Gibson would know. Lol
- 20:46
- Mickey Mouse
- lol yay
- 20:47
- Mickey Mouse
- Is there a way security admins can be alerted to rogue access points?
- 20:48
- Mickey Mouse
- Do you mean issuing and deploying specific wi-fi certs from your pki and using that for verification as part of authentication process? That's how we've done it previously
- 20:48
- Mickey Mouse
- Switch be necessary for home network?
- 20:48
- Mickey Mouse
- @Minnie., Yes
- 20:48
- Mickey Mouse
- Thanks @ Aramis
- 20:49
- Mickey Mouse
- Some brands of APs report rogue APs.
- 20:49
- Mickey Mouse
- Where I used to works there were 4 or 5 company built certs requierd
- 20:49
- Mickey Mouse
- That WiSpy is awesome, I have used it several times
- 20:49
- Mickey Mouse
- Those are cool but very expensive.
- 20:50
- Mickey Mouse
- Awesome! Thanks.
- 20:50
- Mickey Mouse
- you can get a directional antenna for that too
- 20:50
- Mickey Mouse
- Chanalizer?
- 20:51
- Mickey Mouse
- http://www.inssider.com/index2.html?utm_expid=80366919-52.xFTKjY6_QkGzl57I2-Qj1g.1
- 20:51
- Mickey Mouse
- @Donald, which bluetooth device do you use?
- 20:51
- Mickey Mouse
- FDuey!
- 20:52
- Mickey Mouse
- @Aramis thnk for link
- 20:52
- Mickey Mouse
- http://www.fDuey.com/
- 20:52
- Mickey Mouse
- They had a device on TWIET a while back for troubleshooting and monitoring Wireless activities
- 20:52
- Mickey Mouse
- forget what it is called
- 20:53
- Mickey Mouse
- Thanks Aramis
- 20:53
- Mickey Mouse
- @Aramis FDuey is the Electrical test tool division. www.fDueynetworks.com rather
- 20:53
- Mickey Mouse
- inssider is great for free
- 20:54
- Mickey Mouse
- U need to start a show called IT Weekly
- 20:54
- Mickey Mouse
- FDuey is also great for electrical test tools
- 20:55
- Mickey Mouse
- What do recommend for bluetooth?
- 20:55
- Mickey Mouse
- pwnapd
- 20:55
- Mickey Mouse
- Interesting link here: http://www.pcworld.com/article/2456620/airmagnet-wifi-security-tool-takes-aim-at-drones.html
- 20:55
- Mickey Mouse
- *pwnpad
- 20:55
- Mickey Mouse
- Thanks Aramis and Donald
- 20:55
- Mickey Mouse
- Pwnpad I want one
- 20:55
- Mickey Mouse
- @Minnie Did anyone mention http://map.ipviking.com/ or http://www.digitalattackmap.com/ ?
- 20:55
- Mickey Mouse
- Thanks very much for another excellent show.
- 20:55
- Mickey Mouse
- Awesome link @Minnie
- 20:56
- Mickey Mouse
- IT weekly, yes.
- 20:56
- Mickey Mouse
- Thanks guys and gals
- 20:56
- Mickey Mouse
- Great show guys
- 20:56
- Mickey Mouse
- Thanks Donald and Aramis great show
- 20:56
- Mickey Mouse
- thanks guys that was a fun segment
- 20:56
- Mickey Mouse
- @Jafar I've metnioned both those sites on previous days and they are in my links post
- 20:56
- Mickey Mouse
- Great show
- 20:56
- Mickey Mouse
- Cool.
- 20:56
- Mickey Mouse
- Thanks so much
- 20:57
- Mickey Mouse
- Give Minnie another book. she's awesome
- 20:57
- Mickey Mouse
- so best security of corporate wifi would be 802.1x and certificates?
- 20:57
- Mickey Mouse
- No Wes today for his drum roll
- 20:58
- Mickey Mouse
- @Aramis - Was there any information on getting my book replaced? D:
- 20:58
- Mickey Mouse
- I would say... certificates, radius, and requirement of domain authentication
- 20:58
- Mickey Mouse
- It looks like the link i provided earlier for finding rogue APs will allow you to provide info but not allow download of the whitepaper. I will see if I can find another link.
- 20:58
- Mickey Mouse
- +1 Louie
- 20:58
- Mickey Mouse
- +1 @Clarke!!
- 20:59
- Mickey Mouse
- Yeah, that'd be a lot of effort to get into that
- 20:59
- Mickey Mouse
- and by the time you have access to all of that info, why use wireless?
- 20:59
- Mickey Mouse
- http://7signal.com/
- 21:00
- Mickey Mouse
- I'm not hearing anything.
- 21:00
- Mickey Mouse
- I can't believe we only have one more day of this.
- 21:00
- Mickey Mouse
- Ok, that explains it.
- 21:00
- Mickey Mouse
- yeah these past two weeks have flown by
- 21:00
- Mickey Mouse
- No more live shows. That sucks
- 21:00
- Mickey Mouse
- Congrats
- 21:00
- Mickey Mouse
- Congrats!!!!
- 21:00
- Mickey Mouse
- Congrats
- 21:00
- Mickey Mouse
- WOW!
- 21:00
- Mickey Mouse
- congrats Daisy
- 21:01
- Mickey Mouse
- Woo - many congrats Daisy!
- 21:01
- Mickey Mouse
- ____Drum Roll____________________________
- 21:01
- Mickey Mouse
- Thanks guys!!!
- 21:01
- Mickey Mouse
- Grats!!
- 21:01
- Mickey Mouse
- Congrats @Daisy! Yay!
- 21:01
- Mickey Mouse
- Congrats Daisy
- 21:01
- Mickey Mouse
- Congrats Daisy
- 21:01
- Mickey Mouse
- Congrats!!!!
- 21:01
- Mickey Mouse
- Congreg Daisy
- 21:01
- Mickey Mouse
- YAY!!!!
- 21:01
- Mickey Mouse
- Thanks guys : )
- 21:01
- Mickey Mouse
- congratz!
- 21:01
- Mickey Mouse
- Yes, you did... the first time
- 21:02
- Mickey Mouse
- congrats Daisy
- 21:02
- Mickey Mouse
- thanks @ Aramis!
- 21:02
- Mickey Mouse
- Great show thanks
- 21:02
- Mickey Mouse
- See you all tomorrow. Quick reminder of links for you which I'll update tomorrow
- 21:02
- Mickey Mouse
- Ok dude
- 21:02
- Mickey Mouse
- There seem today delay on Roku
- 21:02
- Mickey Mouse
- FYI - CEH links thread - https://bitly.com/itpro-ceh-links which resolves to https://forums.itpro.tv/topic/353/ceh-useful-links
- 21:03
- Mickey Mouse
- I'm so stoked!
- 21:03
- Mickey Mouse
- Chow everyone!
- 21:03
- Mickey Mouse
- For those that asked for chat logs: http://bit.ly/itpro-CEH-chat which resolves to https://forums.itpro.tv/topic/351/ceh-chat-logs-privacy-and-links
- 21:03
- Mickey Mouse
- ROFL @Donald
- 21:03
- Mickey Mouse
- Night all
- 21:03
- Mickey Mouse
- 21:03
- Mickey Mouse
- Goodnight everyone, beeeer time, uk holiday
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement