Episode 32 – InfoSanity, and Sqrrl

Hey folks, we’ve got something a little different tonight.  Both Jason and Dustin are unavailable, so my friend Danny has agree’d to step up and stand in on tonight’s show.

Danny is one of the Hosts of Rally Security @rallysecurity, and works for Sqrrl @sqrrldata.  He also helped build InfoSanity @infosanityorg, a site/support group for folks in IT that might be going through some rough times, and need peers to help them through.

Episode 31B – Year end InfoSec Podcast

We were invited to participate in the year-end InfoSec podcast, with Braking Down Security, Purple Squad, rally sec, and Advanced Persistent Security.  It was a good time!  Nate participated, Jason and Dustin couldn’t make it.

Here are some links we discussed in the show, and contact info for the other shows involved. Happy 2018!

https://www.infosecurity-magazine.com/news/every-single-american-household/

https://tosdr.org/

https://tosdr.org/#google

http://infosystir.blogspot.com/2017/12/top-50-women-shaping-future-of.html

advanced persistent security @c_3pjoe
@johnsnothere purplesquadsec.com
danny @dakacki rally sec infosanity.org
@infosecsherpa
@infosystir brakesec
@brakesec @bryanbrake

Episode 30 – We chat security/ops with Dave Kennedy!

Welcome to Episode 30!

News

https://hackernoon.com/10-things-infosec-professionals-need-to-know-about-networking-d159946efc93

Announcements

Chat

Main topic
Mr. Dave Kennedy!
Who is this guy?
Entrepeneur
TrustedSec – https://www.trustedsec.com/
Binary Defense – https://www.binarydefense.com/
One chip challenge?
derbycon!

Why is he on our podcast?
Pure luck

When there‘s no clear division of sec and ops
How does the sysadmin skillset apply to infosec?
How might that help a sysadmin who want‘s to transition into Infosec?
What should new sysadmins learn to be more secure? – Jason

https://www.trustedsec.com/team-members/paul-koblitz/ (Roll over the photos)

https://www.amazon.com/Time-Based-Security-Winn-Schwartau/dp/0962870048

sysmon? – Linux alternative is auditd :

apt-get install auditd / yum install auditd
auditctl -a task,always
ausearch -i -sc execve

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

https://www.ironsysadmin.com/slack
Apple Podcasts
Stitcher!
Google Play Podcasts

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 29 – Migrations!

Welcome to Episode # 29

News
• https://www.cnet.com/news/omg-texting-is-25-years-old/
• https://gizmodo.com/facebook-launches-new-messenger-app-for-young-kids-what-1820972251
• http://www.sciencealert.com/google-s-ai-built-it-s-own-ai-that-outperforms-any-made-by-humans
• https://www.csoonline.com/article/3238890/security/apples-high-sierra-allows-root-with-no-password-theres-a-workaround-to-help.html
• https://betanews.com/2017/12/03/apple-root-access-bug-snafu/

Announcements
• https://teespring.com/iron-sysadmin-t-shirt
• LV Hackers!

Chat
• wordpress

Main topic

 

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

https://www.ironsysadmin.com/slack
Apple Podcasts
Stitcher!
Google Play Podcasts

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 28 – Ansible

Welcome to Episode #28!

News
https://apple.slashdot.org/story/17/11/18/2340225/apple-is-served-a-search-warrant-to-unlock-texas-church-gunmans-iphone
http://www.wired.co.uk/article/mozilla-firefox-quantum-browser-vs-google-chrome
Facebook’s testing a new method to prevent revenge porn that requires uploading your nudes
https://amp.thehackernews.com/thn/2017/11/oneplus-logkit-app.html
https://www.darkreading.com/vulnerabilities—threats/researcher-finds-hole-in-windows-aslr-security-defense/d/d-id/1330466?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
https://arstechnica.com/gadgets/2017/11/microsoft-and-github-team-up-to-take-git-virtual-file-system-to-macos-linux/
https://www.engadget.com/2017/11/10/the-naked-truth-about-facebook-s-revenge-porn-tool/

Announcements
Now on Google Play Podcasts

Chat

Main topic
What‘s this ansible thing?
Why ansible and not Puppet/Chef/Salt/etc.
How does it compare to other automation tools

Tower
AWX

playbooks
roles

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

https://www.ironsysadmin.com/slack
Apple Podcasts
Stitcher!
Google Play Podcasts

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 27 – Openshift

Welcome to Episode 27!

News
• https://amp.thehackernews.com/thn/2017/11/tor-browser-real-ip.html
• https://thehackernews.com/2017/10/microsoft-edge-crashes.html?m=1
• http://mashable.com/2017/11/03/xbox-one-x-review/#sf5xN_m_oqqi
• https://qz.com/1117836/bitcoin-mining-heats-homes-for-free-in-siberia/
• https://thehackernews.com/2017/10/iphone-camera-spying.html?m=1

Announcements
bsides de!

Chat

 

Main topic
what is openshift?
Why would i run this?
Can i pay for support?
Red hat openshift container platform
openshift origin

 

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

https://www.ironsysadmin.com/slack
Apple Podcasts
Stitcher!

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 26 – Amazon ECS

Welcome to Episode #26

News
https://www.engadget.com/2017/10/19/samsung-introduces-linux-on-galaxy/
https://www.bleepingcomputer.com/news/microsoft/windows-10s-controlled-folder-access-anti-ransomware-feature-is-now-live/
http://www.reuters.com/article/us-usa-security-kaspersky-russia/kaspersky-lab-to-open-software-to-review-says-nothing-to-hide-idUSKBN1CS0Y1
https://www.washingtonpost.com/news/answer-sheet/wp/2017/10/19/bill-gates-has-another-plan-for-k-12-public-education-the-others-didnt-go-so-well/

Announcements
LVHackers, Nov 1st, 2 Rivers Brewing, Easton, PA
BsidesDE! Nov 10/11 @ DTCC in Deleware
A WHOLE YEAR!

Chat
ansel?

Main topic
Amazon ECS
What is it?
How does it work?
What does it cost?

Nates Dive into ECS
First go, seemed limited
Second go, things are starting to make sense.
Clusters are comprised of EC2 instances.
Instances run docker.
Docker is controlled by some amazon magic?
Containers are pushed to repos, seems like this is 1 to 1.
tasks are what actually instantiates containers.
Tasks can run services. Services are what you‘d think they are.
I had a basic python service running, but updating the service seemed less seemless than I expected. In attempting to get the new build of the container online I ended up with a stuck task that i couldnt delete.

 

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

Apple Podcasts
Stitcher!
Slack!

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 25 – Moar Openstack!

Welcome to Episode # 25

News

It’s official: Data science proves Mondays are the worst
http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html
AOL Instant Messenger is shutting down after 20 years
https://www.bleepingcomputer.com/news/software/office-depot-best-buy-pull-kaspersky-products-from-shelves/
https://www.wired.com/story/google-closer-to-using-balloons-for-telecom-in-puerto-rico/
https://thehackernews.com/2017/10/macos-high-sierra-apfs-password.html

Announcements

LVHackers – October 11
BsideDE – November 10/11

Chat

https://teespring.com/shop/trevorforget-september-2017#pid=369&cid=6513&sid=front


w00tstout!

Main topic: OpenStack with John Fulton
• RDO is an RPM-based Distribution of OpenStack: https://www.rdoproject.org
• TripleO is a project to install, upgrade, operate OpenStack: http://tripleo.org
• Ceph is a unified, distributed storage system designed for excellent performance, reliability and scalability: http://ceph.com
• In the Pike release, TripleO will deploy Ceph in Containers via ceph-ansible and ceph-docker
• Upcoming RDO Events: http://rdoproject.org/events

CRUSH – https://www.ssrc.ucsc.edu/Papers/weil-sc06.pdf

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

Apple Podcasts
Stitcher!

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/

Episode 24 – DerbyCon!

Welcome to Episode 24

News
http://www.ibtimes.com/derbycon-hackers-hold-memorial-dead-cockroach-trevor-outside-louisville-kentucky-2593611
https://access.redhat.com/security/vulnerabilities/3189592
http://www.reuters.com/article/us-equifax-cyber/equifax-says-cyber-attack-may-have-hit-2-5-million-more-u-s-consumers-idUSKCN1C61Y4

Microsoft to bring Spotify to Groove Music Pass customers

Tesla is Shipping Hundreds of Powerwall Batteries to Puerto Rico

Nintendo fans are thoroughly shook after learning Mario was actually punching Yoshi in the head

 

Announcements
Join our slack Team!

BsidesDE, November 10-11, 2017 at DTCC (Delaware Technical Community College) – CFP IS OPEN, REGISTRATION IS OPEN, ALL THE THINGS ARE OPEN!
http://bit.ly/BSidesDE

Chat
Vegas

Main topic
DerbyCon!

Where can you find us?
https://www.ironsysadmin.com
https://www.patreon.com/ironsysadmin
https://www.facebook.com/ironsysadmin
https://www.ironsysadmin.com/youtube

Apple Podcasts
Stitcher!
Slack!

Intro and Outro music credit: Tri Tachyon, Digital MK 2
http://freemusicarchive.org/music/Tri-Tachyon/