Wednesday, February 26, 2014

Episode 6: Michael Gough Part 2, video tutorials, and moving to Seattle, and a big thank you.

We had a great interview session with Michael Gough. That gentleman knows his way around malware, and I think his Sniper Forensic Toolkit would work great if you needed to secure several sensitive computer systems on the network. His Bsides Austin in March is shaping up to be really excellent. Red Team/Blue Team debate, speakers talking about safeguarding credit card info, and the Wednesday night talk on Windows logging is going to be something special. Add to that the price of attending the conference, you'd be crazy to not go. Plus, we've been asked to have a table at the conference! I would love to say we'll have swag, but all we'll have is Mr. Boettcher, who (hopefully!) will be doing drive-by interviews. Please come on by, and he'll ask you probing questions, like favorite colors, favorite packet dumps, and Picard/Kirk preference. :)

During the post interview conversation, we talked about the Neiman Marcus alerts that were being generated, 60,000 alerts, and they still didn't see them going off. Here is the link to that article... Neiman Marcus

We would really like to do more interviews, but I worry about not showcasing our talents, so I will be working on some tutorial type videos. Nothing fancy, just testing the waters for more in-depth type applications. I wanted to start with an oldie, but a goodie... kismet. Show how to set it up, configuring it to work with GPS, importing into Google Maps... incidentally, this will be a double feature with war driving. I'll get to work on my shaky cam skills too... but if I can get it to work, I'll be doing pretty well.

I'm sitting in my hotel room with my family, waiting to fly with my wife, daughter, and 3 furry children to Seattle, so my wife can work at a great job. I am able to work remotely, which is great, except the time zone is going to be a bit different for me. Plus, Mr. Boettcher and I will be 2 hours difference, which changes recording times for the podcast. We have the same issue on my other podcast, since up until today, we were spread across 3 time zones. Things just got simpler, but we still have 3 hours between Dale, Jared, Farid, and myself. Change is good though. Makes for an interesting dynamic.

I just wanted to thank all of the people who have downloaded and/or listened to our podcast. Thanks to all of you, we've been accepted to iTunes, and we're getting to do what we love. Sharing info, talking about security, and having a good time. Plus, you probably get a few CPEs in the process.

Next week, we'll have part 1 of our interview with Kevin Johnson. A really great couple of interviews. Stay tuned!

Here is Part 2 of the Michael Gough Interview: Episode 6 Part 2

Thursday, February 20, 2014

Episode 6 Part 1: Michael Gough, Moon Pcap, Moving, and editorializing

Holy cow! We are in iTunes!!!

We're in the big leagues now. I just noticed that this morning on our stats page from Libsyn... Apparently, people discovered us before I discovered myself. LOL

We had a great interview with Michael Gough (@hackerhurricane) from MI2Security about the malware that has been in the news recently. We talked a bit about how he would have done things differently if he was in the IT shop at Target.

One thing that we have to learn, as new podcasters in this industry, is to not editorialize. We cannot make statements of opinion as if they are a fact. We cannot say "Mr. Jones thinks X is fantastic", when he may not be all in on something.

It's a learning process, and thankfully, we learned it early, with someone who is cool and not pursuing legal action.

I (Bryan Brake) will be leaving the Austin area next week, and moving to the Pacific Northwest with my wife, who has taken a position with a small mom and pop software company up there. I'm going to be working remotely, which is always nice, but my job will be no less demanding of my time. I'll just have to adapt to 7am PST meetings. :) We'll still be having a podcast, next week is another interview with a person for whom Brian and I hold immense respect, both as a human being, and a security professional. You'll have to tune in to find out who. Use that spiffy new iTunes link. Now, we just have to figure out how to change the icon, and author, and everything...

Oh yea, was trolling Twitter the other day, and someone at @sans_isc posted a link to a pcap of the MOON self-replicating malware that is plaguing Linksys routers. I posted a link on the BDS homepage, so you can grab it. It goes to our Google Drive, so download and check it out, you packet weasels!!! MOON Pcap file

Without further ado, here's Episode 6, Part 1, with Michael Gough Link

Sunday, February 9, 2014

Episode 5: Interview with Frank Kim

Man, it was a great week. If you ever have the chance to go to a SANS Course, do it, and do it often. It may be expensive, but the networking opportunities are great, and the instructors are just good people.

During the "Capture the Flag", which I will not give out information about (so don't ask), I felt utterly useless. I had done all that I felt I could do, but it's amazing that you can take experiences from your own work and apply it to issues. Once we'd gotten in, I remembered something about a security issue at our office, and in doing so, I found a flag! I went from thinking I was a failure to being a hero of our team. What we didn't know was that another team had found all the flags, but because of a configuration issue on their browser, they missed a flag they'd discovered. If they'd not done that, they would have won.

But because of that mistake, our team capitalized on the CTF, and won first place!

Mr. Boettcher and I had a blast over the week, networking with various people and instructors, meeting tons of great people, hearing Robert 'RSnake' Hansen speaking at the SANS Summit, and just getting some really excellent training on tools like Burp, SamuraiWTF, Sqlmap, and others.

We also got several interviews in the can. Episode 5 is with Frank Kim, an Instructor with SANS, who was teaching the Secure Java coding class. We got him to sit down with us and discuss some of the issues dealing with the culture of secure coding.

Have a listen: Frank Kim Interview

Sunday, February 2, 2014

Episode 4: Origin stories, and talking about mentoring and reconnaissance

Next week is going to be super hectic for your favorite co-hosts. Starting on Monday 3 February, we'll be taking SANS SEC542 in an effort to get our GIAC Web Pentest certs (GWAPT).

I haven't been this nervous since I went for my CISSP. Another company paid the skrill for that cert as well. Thankfully, I passed my CISSP on the first try. I was always excellent at listening and retaining information in school, and I write a decent test.

But I know I'll prevail, because of excellent instructors like Kevin Johnson and Jason Lam. And I'll have my comrade in security Mr. Boettcher right alongside of me.

Anywho, enjoy the episode, we didn't have show notes, because of some logistical issues, our interview with Michael Gough had to get re-scheduled until after our class... but we are going to have that really soon, and it will be awesome.

Take care, we love the feedback, thanks to all those with positive feedback, and those with constructive feedback. We hear you, and are learning so we can do better.