Traffic Talk 9 Posted
February 3rd, 2010 admin
I just noticed that my 9th edition of Traffic Talk , titled Testing Snort with Metasploit , was posted. From the article: Security and networking service providers are often asked whether their solutions are working as expected. Two years ago, I wrote How to test Snort , which concentrated on reasons for testing and ways to avoid doing poor testing. In this article, prompted by recent discussions among networking professionals, I show how to combine several tools in a scenario where I test Snort with Metasploit. Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
Related Videos from Youtube
AFCERT circa 2000...This video shows the United States Air Force Computer Emergency Response Team (AFCERT) in 2000. Kelly AFB, Security Hill, and Air Intelligence Agency appear. The colonel who leads the camera crew into room 215 is James Massaro, then commander of the Air Force Information Warfare Center. The old Web-based interface to the Automated Security Incident Measurement (ASIM) sensor is shown, along with a demo of the "TCP reset" capability to terminate TCP-based sessions. We have a classic quote about a "digital Pearl Harbor" from Winn Schwartau, "the nation's top information security analyst." Hilarious, although Winn nails the attribution and national leadership problems; note also the references to terrorists in this pre-9/11 video. "Stop the technology madness!" Incidentally, if the programs shown were "highly classified," they wouldn't be in this video!
Black hat Is BACK! Black-hat affili...www.Black-Hat-is-Back.com Black hat Is BACK! Black-hat affiliate marketing for IMMEDIATE PROFITS! Finding the best products and selling the market what they're starving to buy without any guesswork! euser Reviews » Howie Schwartz and the Black Hat is Back System Nov 7, 2008 ... Find out what Howie says about dominating the dark side of Google. This may not be what you think it is. Find out why. Black Hat USA 2008 : Hands on Penetration Testing with Back ... This is an intensive, hardcore, hands on Security class by the creators of Backtrack especially designed for delivery in blackhat Trainings. ... Black Hat : Beware of Cylons at the Back Door - internetnews:The ... Black Hat : Beware of Cylons at the Back Door. By Sean Michael Kerner on February 22, 2008 10:09 AM. blackhat.jpg. Application back doors aren't just the ...Black Hat is Back? - sitepoint Forums Old Today, 15:41. halfasleeps. Actionscript Guru. halfasleeps's Avatar. Join Date: Feb 2006. Location: Altoona, PA. USA. Posts: 1820. Black Hat is Back? ...taosecurity: Bejtlich Teaching at Black Hat DC 2009 Training Black Hat was kind enough to invite me back to teach a new 2-day course at Black Hat DC 2009 Training on 16-17 February 2009 at the Hyatt Regency Crystal ...ieblog : Back from Black Hat After some very long days and nights, the IE delegation is back from Vegas . Some sessions I found especially interesting: Alex S & Scott Stender ...The Secret Of Black Hat Is Back - Black Hat Is Back Seo Secrets ... Dec <b>...</b>
Both Days of Air Traffic Control Au...Audio Courtesy liveatc.net Here's the original recordings of both days together. Day two starts at around 3:00. Clear space is edited out. Radio calls in between are not for emphasis. The scanner clips the audio between both tower channels as it's recorded so not every word exists on this audio recording. This is the reason for missing audio in some sentences. What was probably harmless is now being highlighted by the news media and now with FAA repercussions FAA Statement WASHINGTON, DC — The Federal Aviation Administration announced today that two employees at John F. Kennedy Airport Tower are on administrative leave following an incident last month when a child was permitted to talk with pilots on an air traffic control frequency. This lapse in judgment not only violated faas own policies, but common sense standards for professional conduct. These kinds of distractions are totally unacceptable, said FAA Administrator Randy Babbitt. We have an incredible team of professionals who safely control our nations skies every single day. This kind of behavior does not reflect the true caliber of our workforce. The two JFK Tower employees, a supervisor and an air traffic controller, are on administrative leave pending the outcome of an official FAA investigation into the incident which is already underway. In addition, all unofficial visits to FAA air traffic control operational areas, such as towers and radar rooms, will be suspended during the investigation. The FAA <b>...</b>
Child Air Traffic Controller JFK Ke...Audio Courtesy liveatc.net What was probably harmless fun is now being highlighted by the news media. Here's the original recording. bit.ly and now the FAA repercussions FAA Statement WASHINGTON, DC — The Federal Aviation Administration announced today that two employees at John F. Kennedy Airport Tower are on administrative leave following an incident last month when a child was permitted to talk with pilots on an air traffic control frequency. This lapse in judgment not only violated faas own policies, but common sense standards for professional conduct. These kinds of distractions are totally unacceptable, said FAA Administrator Randy Babbitt. We have an incredible team of professionals who safely control our nations skies every single day. This kind of behavior does not reflect the true caliber of our workforce. The two JFK Tower employees, a supervisor and an air traffic controller, are on administrative leave pending the outcome of an official FAA investigation into the incident which is already underway. In addition, all unofficial visits to FAA air traffic control operational areas, such as towers and radar rooms, will be suspended during the investigation. The FAA Administrator has directed a team to conduct a full-scale review of air traffic control policies and procedures related to facility visitors.
How to Talk Yourself Out of A Ticke...George4vlogging explaing the basic concepts in dealing with police at a routine traffic stop: 1. Acknowledge officer and be friendly 2. Do not admit guilt in any way 3. Engender Empathy 4. Keep it light 5. Fight the Ticket, Extend the payment as long as possible (If everyone fought these useless tickets, the gov't entity would view them as a losing investment
谭谈交通Tan's Traffic Talk Show...When policeman meets fei zhu liu. English Subs. If you didn't understand some of the culture-specific references, please go to torisefromashes.blogspot.com for explanations.
Related Posts
I just noticed that my 8th edition of Traffic Talk , titled How to use user-agent strings as a network monitoring tool , was posted this week. It’s a simple concept that plenty of NSM practitioners implement, and I highly recommend it. Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)...
I just noticed that my tenth edition of Traffic Talk , titled Pcapr.net — where Web 2.0 meets network packet analysis , has been posted. From the article: Solution provider takeaway: Pcapr.net is a free packet collaboration site hosted by Mu Dynamics. Solution providers can participate in the community to exchange, analyze and gather traces...
Jim Manico invited me to speak on the OWASP Podcast . If you’d like me to try answering specific questions, please email them to podcast at owasp.org. When the show is posted I will let everyone know here. Thank you. Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
Read More →
Amazon.com just posted my three star review of Jeff Carr’s Inside Cyber Warfare . From the review : Jeff Carr is a great digital security intelligence analyst and I’ve been fortunate to hear him speak several times. We’ve also separately discussed the issues he covers in Inside Cyber Warfare (ICW). While I find Jeff’s insights...
The March 2010 BSD Magazine includes an article I wrote titled Keeping FreeBSD Applications Up-to-Date . It’s a sequel to my article in the January 2010 BSD Magazine titled Keeping FreeBSD Up-to-Date: OS Essentials . With these two articles published, they replace the versions I wrote in 2005. I wrote these articles to demonstrate the variety...
I’m happy to report that I will present Building a Fortune 5 CIRT Under Fire at FIRST 2010 on 16 Jun 10 in Miami, FL. I plan to attend the majority of the conference, since it is one of the few focused on incident detection and response. I hope to see you there! Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com...
Amazon.com just posted my five star review of Web Security Testing Cookbook by Paco Hope and Ben Walther. From the review : I just wrote five star reviews of The Web Application Hacker’s Handbook (TWAHH) and SQL Injection Attacks and Defense (SIAAD). Is there really a need for another Web security book like Web Security Testing Cookbook...
We close out the year with a somewhat irreverent show that includes sexy security professionals, discussions of security and
Read More →
Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud security . I thought the conference was excellent and many people posted their thoughts to #dojocon on Twitter. Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)...
One of the presentations I delivered at the Information Security Summit last month discussed Network Security Monitoring. The Security Justice guys recorded audio of the presentation and posted it here as Network Security Monitoring and Incident Response. The audio file is InfoSec2009_RichardBejtlich.mp3. Copyright 2003-2009 Richard Bejtlich and...
Related Tweets from Twitter
|
rgruyters (Robin Gruyters) : Nice Traffic Talk article from @taosecurity about Pcapr service. http://drp.ly/zLX4H.. Updated : 2010-03-11T12:38:43Z | Reply | View Tweet |
|
jamesmaze (James Maze) : RT @tomwparker: Nice post by @taosecurity on pcapr. Great to see my old friends at @mudynamics getting more traction with researchers http:/.. Updated : 2010-03-11T05:58:25Z | Reply | View Tweet |
|
oneraindrop (gunnar peterson) : RT @owasp_podcast: OWASP Podcast #61 - an interview with @taosecurity (Richard Bejtlich) from GE - is now live! http://www.owasp.org/index.p.. Updated : 2010-03-10T17:33:32Z | Reply | View Tweet |
|
0x58 (Xavier Santolaria) : RT @OWASP_podcast: Podcast #61 - iview with @taosecurity (Richard Bejtlich) from GE - is now live! http://bit.ly/bGk7Ph.. Updated : 2010-03-10T16:44:40Z | Reply | View Tweet |
|
pcapr (pcapr) : RT @tomwparker: Nice post by @taosecurity on pcapr. Great to see my old friends at @mudynamics getting more traction with researchers http:/.. Updated : 2010-03-10T16:35:00Z | Reply | View Tweet |
Related News from Digg
-
OpenPacket.org 1.0 Is Live
[Security]The mission of OpenPacket.org is to provide quality network traffic traces to researchers, analysts, and other members of the digital security community. One of the most difficult problems facing researchers, analysts, and others is understanding traffic carried by networks.
-
Chinese Hack France
[Security]The news is coming in that France was the latest victim of the Chinese hackers, following the recent announcements of United States and United Kingdom being compromised.
-
Thanks for the Memories Sys Admin Magazine
[Linux/Unix]Thanks for the Memories Sys Admin Magazine...
-
Black Hat USA 2007 Round-Up Part 1 and 2
[Security]I'm waiting in the airport for my flight home after spending 6 days in Las Vegas at Black Hat USA 2007. I last attended in 2003. Put simply I was blown away by the quality of the majority of the talks I saw. I'll summarize the talks and my response.
-
US Air Force now fights in air, space, and cyberspace.
[Security]The Air Force believes it must be able to control cyberspace, when need be, as it at times controls the air. The goal is to make cyberspace capabilities fully available to commanders. --Via TaoSecurity.
Leave a comment
| Trackback
