Ed Smiley's Blog

As I looked at my calendar last weekend, I wondered why it was so packed.  Aside: Hey, I am a Sys Admin.  My meetings tend to be more spontaneous, like my computer is on fire or the website is down.

Turns out there were 6 great events going on this week:

1.  Pauldotcom put on Part 2 of Zen and the Art of an Internal Penetration Testing, which covered using tools such as Nessus, Core Impact, and Metasploit for tying vulnerability scanning, penetration testing and reporting into an efficient, repeatable testing process.  I did not get a chance to listen to all of this, but look forward to a recording being released at a later time.

2.  Rob Lee brought us Memory Analysis for Incident Responders and Forensic Analysts.  I thought that this was an incredible webcast which gave great insight about why memory analysis is important, which tools to use for acquisition and analysis, and sample cases on memory analysis.  I would highly recommend anyone interested in security/forensics to go back and listen to this webcast.  Also, version 1.3 of the SIFT Workstation just released, so be sure to pick that up.

3.  Larry Pesce brought us the monthly Late-Breaking Attack Vectors Webcast where he discusses the latest happenings in attacks.  Items covered were the every so popular Mikeyy Twitter worm, OS X botnets, and many others.  Larry did an excellent job and this webcast is always worth a listen.

4.  Chris Nickerson and Mike Murray discussed Modern Social Engineering Part II – Top 5 Ways to Manipulate Humans Over the Wire.  Social Engineering is a technique usually not discussed as much as using vulnerabilities or exploits to get inside a network, but Chris and Mike go deep into how to manipulate people.  They do an excellent job expanding on Part I and give real world examples throughout.  Also at the end there is a fairly long Q&A which discusses some interesting techniques.  If you would like to learn more, check out ChicagoCon coming up.  Looks like a great opportunity to interact with some of the great minds in security and it is cheap! ($100).  Also be sure to check out Chris’ new podcast Exotic Liability.

5.  Pauldotcom celebrated its 150th episode with a 12 hour extravaganza featuring guests such as Lenny Zeltser, Martin McKeay, Johnny Long, Stephen Northcutt, and many others.  This episode will surly keep you entertained for a long while to come!

6.  Mike Murray and Danni Lupisella presented on many of the threats that popped up in quarter 1 2009 in their Midnight Hacking webcast.  This was a great webcast that allowed for interaction directly with the presenters and covered great content such as mobile phone vulnerabilities, SSL exploits, and Conficker.  These appear to be monthly and I look forward to attending them on a regular basis.

A little while back this question came up to the SecurityTwits feed from michealc:

Well Micheal, here is your answer.  These types of webcasts are probably the best online security training you can have for the money (free).  They allow you to hear an excellent presentation from some of the best minds in information security and then interact with those great minds during question and answer sessions.  I have been to a few trainings in the last year or so, but some of these webcasts are much better as far as content, presenter knowledge and style.  Keep your eyes on Twitter and the securitytwits feed for great more great webcasts/podcasts.

An interesting article came up in my Google Reader tonight from Michael Krigsman of the IT Project Failures Blog on ZDNet.� He discusses how Twitter is dangerous to businesses and governments due to the rapid nature information can spread.� He ends with an interesting question: “Is Twitter a weak link in the security chain?”

First of all, I don’t think he is picking directly on Twitter, but the any social network tools like Twitter, Facebook, My Space, and numerous others.� While I do agree that posting something on Twitter could easily reach hundreds of thousands (and possibly millions) of people in minutes. The important part is that someone has to be typing the 140 characters into Twitter to begin with.� While you can loosely say Twitter is a weak link in the security chain, it is only as the facilitator.� The weaker link in the security chain can be multiple other things, such as the misunderstanding of the power of Twitter or even the direct message function.

An example Michael uses is of US Congressman Pete Hoekstra (R-Michigan) tweeted information about a secret congressional envoy in Iraq.� Yes, probably a bad move.� However, this does not make Twitter a weak link, it makes Mr. Hoekstra a weak link to sensitive government information.� Come on, this guy is a ranking member of the House Intelligence Committee!� I am sure he has to handle loads of sensitive information and should know better.

You know how everyone says when you are all fired up, you should not belt out a nasty email?� Perhaps the same thought should be put in before you tweet things, such as congressional information, to the world.� I twittered a 140 character summary of what I wrote here to Michael and he responded with the another question: “The question is getting folks to think before tweeting confidential information. Easier said than done.“� He is absolutely correct, but how do we do it?� Twitter is a great tool because it is so open.� How far are we away from tweets being siphoned through company security or PR before getting posted, or is that already happening?

Found a great post on the Delicious Hotlist for the 14 Tools of Highly Effective Twitter Users.� Listed there were lots of great tools for the active Twitter user.� The ones that piqued my interest are:

TweetSuite: This is a WordPress plugin with lots of great features such as retweet-this buttons, a digg-like tweet-this button, automatic tweeting of new posts and a most-tweeted widget.� I had been using TwitterTools, which worked great up until this last update (which caused other problems) as it would not automatically post when I used Ecto to write a post. (I see there is another update for TwitterTools, perhaps t fixes this problem.)� TweetSuite looks great with a lot of functions for the active twitterer.

TweetStats: I have been using TweetStats for quite a while.� It gives awesome stats such as tweets per month and the top 10 people you reply to.� It is nice to check this every once and a while to see how your twitter trends look:

TwitterFriends: TwitterFriends is a culmination of a bunch of twitter tools such as TweetStats and Follow-cost.� TwitterFriends gives a lot more stats than TweetStats and also compares most of them to the average Twitterer.

As you can see, I am below average in just about every category except retweets (probably due to hyping Securabit!).� One of the stats I am really interested in (for whatever reason) is the percent of tweets exactly 140 characters.� Unfortunately, that one does not show up for some reason.� Anyway, check out TwitterFriends for lots of great stats.

I was playing around on Apple’s Iphone WebApp site and found some pretty cool WebApps. The new January 08 software update that allows multiple home screens makes these even more interesting.

Twitter on ThinCloud: Nice interface for posting and browsing Twitter. This app is optimized for EDGE and is quite fast. The buttons are nice and big so it limits me from fat-fingering.

Podcaster: Often I find myself forgetting to sync my favorite podcasts. Now with Podcaster, I can import my Itunes podcast list and stream all my podcasts without having to download them to the phone. This will be great for people with limited space on their Iphone. The interface is quite nice and is very Itunes-esc.

FlyTunes: This webapp gives you access to quite a bit of streaming content such as musics, news, and sports. Two channels of interest to me if ESPN and BBC. The interface is laid out very well and is pretty useable over EDGE. Some channels take longer to buffer than others.