This is coming in a day later than usual; I got my new dual-core Mac mini on Monday and built a new iTunes Library on my NFS server. I then crashed it twice which turned into literal fscking nightmare. So I finally got it back up last night and started listening to my backlog of podcasts (which has grown enormously now that I can subscribe to them so easily). Highlights from the shows after the jump.
A big Thank you to everyone who has stopped by my Facebook profile to wish me a Happy Birthday today. I’m 25, my NFS server is running rock-solid, so is my new mini, and I got an official job offer in the mail, so today has been treating me really well. Happy birthday to my twin sister Adele, even though the international date line means I already missed it.
Security Now! 29 Ethernet Insecurity 52:14 covers how ARP works and why it is so insecure. This is something that everyone should know, but it may be easier to understand if you read Steve Gibson’s accompanying article. He mentions in the podcast an old story about a security researcher’s comments that a lot of hotels still use hubs instead of switches; I found the story on Schneier. I think Irongeek’s article was my first introduction to the subject of ARP spoofing.
BellCoreRadio 24 45:35 Not much here, but the running joke is pretty funny: Phoneswarm posts an interesting payphone number each week. Last week’s was 310-394-9052, a payphone on the Santa Monica pier that just happens to be visible on this webcam. The first time PonyBoy got someone on the phone it was a group of geocachers that needed their photo take by the cam.
PaulDotCom Security Weekly 17 59:56 My favorite quote: “… to show the guys how they can use CORE IMPACT to test an IDS” “Aww, sweet!” They mention the “startkeylogger” IRC DOS attack. They’ve got a post rounding up security podcasts as well.
Live Ammo Digital Forensics and Hacking Investigations, Part 4 36:15 More hardware/software tools and ARP.
Blue Box #18 35:57 Covering SPIT, SPam over Internet Telephony.
TWAT 74 BitViper WRT Hacking 36:39 I listened to all of the podcasts that came from TWAT radio this week, but this was by far my favorite. If you’ve got a Linksys WRT54G and don’t know where to start, BitViper and PowerStick do a kick ass job covering all of the ins and outs of the device and the multiple firmwares available. Even if you are well informed about the WRT, you will probably enjoy their personal story about doing a long run with multiple WRTs and some clever hardware hacking: start at 27:00. Great job guys!
In the Trenches 1:00:48 I think the idea of the test crashing during an MCSE exam is hilarious. They’ve also got a funny story about using a $600 Cisco router in the home. It ended up giving them 8Mbps instead of the regular 2Mbps from the Linksys WRT.
If you are interested in Weblogs, Inc. or just where this company came from you should check out the interview with my boss… or at least follow the link to see whose t-shirt he’s wearing.
…and if you’re following Catty Girls Discuss you’d hear Brigitte’s plans to buy an inflatable boat.