Tenable Network Security Podcast - Episode 64

Welcome to the Tenable Network Security Podcast - Episode 64

Hosts: Paul Asadoorian, Product Evangelist, and Ron Gula, CEO/CTO

Announcements

• Several new blog posts have been published this week, including:
  • Log Correlation Engine 3.6 – Now with its own GUI
  • SSL Certificate Authority Auditing with Nessus
  • SecurityCenter 4 Receives FDCC and SCAP Validated Tool Certification
  • 3D Tool beta Video
• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials, including the new 3D Tool Beta.


• We're hiring! - Visit the Tenable web site for more information about open positions.


• You can subscribe to the Tenable Network Security Podcast on iTunes!


• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Stories

• A router that runs the Tor software prevents Web tracking - While off-loading your Tor traffic routing and encryption to your home router may sound appealing, Tor comes with its own set of caveats. For example, how can you be certain the Tor exit node you are using is not operated by someone with malicious intent? For general web browsing it can be problematic, as the exit node you go through may be in another country with restrictions on content that can be viewed. Tor does a great job of providing anonymity, but use caution when sending your data over this network as someone could be listening.
• Breaking GSM Using a $15 Phone - This is the same thing as Wifi. In the beginning, it was really expensive to eavesdrop on Wifi, so people implemented no security. Then more people sniffed Wifi, so they came up with WEP. WEP was easily broken, and the cost of Wifi sniffing plummeted so they came up with WPA. The problem is that people still THINK Wifi is secure when its really not. GSM seems to be going through a very similar evolution.
• Wikileaks Targets - Interesting little rumbling of Wikileaks having information on Bank Of America. Recent reports are stating this is not untrue. My fear is that even speculation could be damaging.
• thicknet: starting wars and funny hats - This has to be one of the best blog posts I've read in quite some time (aside from any of Ron's posts, of course). The concept is pretty simple; it's like your cutting in at a dance and stealing the homecoming queen, but with technology. Using TCP, some Perl scripts and MiTM, you can steal sessions and do whatever you want with them. Why wait for sensitive data to be passed? Just steal the session, send a query/request for sensitive data, and be done. I really love this technique.
• 2011 Predictions - This section left blank intentionally. No, seriously, as a general rule of thumb I don't make predictions. They tend to be not based on fact and not really all that helpful. It is fun to speculate, but take it for what it's worth: speculation. However, we can tell you about some of the things that Tenable is working on for 2011.