Vídeos de la Defcon 19
Ya están disponibles los vídeos de la Defcon 19:
- Dark Tangent and LosTboY - Welcome and Making of the DEF CON Badge
- Panel - Network Security Podcast
- Panel - Meet The Federal Agent 2.0
- Abstrct - When Space Elephants Attack A DEFCON Challenge for Database Geeks
- Chema Alonso and Juan Garrido - Bosses Love Excel Hackers Too
- Chema Alonso and Juan Garrido - Dust Your Feed RSS Belongs To You! Avoid Censorship!
- Sterling Archer and Freaksworth - IP4 TRUTH The IPocalypse is a LIE
- James Myrcurial Arlen - Security When Nano Seconds Count
- Mike Arpaia and Ted Reed - Beat to 1337 Creating A Successful University Cyber Defense Organization
- Adam Baldwin - Pillaging DVCS Repos For Fun And Profit
- Barisani Laurie Franken and Bianco - Chip and PIN is Definitely Broken
- Bruce Grymoire Barnett - Deceptive Hacking How Misdirection Can Be Used To Steal Information Without Being Detected
- Olivier Bilodeau - Fingerbank Open DHCP Fingerprints Database
- Olivier Bilodeau - PacketFence The Open Source Nac What Weve Done In The Last Two Years
- Emmanuel Bouillon - Federation and Empire
- Sam Bowne - Three Generations of DoS Attacks
- David Bryan and Luiz Eduardo - Building The DEF CON Network Making A Sandbox For 10000 Hackers
- Jeff Bryner - Kinectasploit Metasploit Meets Kinect
- Jamie Butler - Physical Memory Forensics for Cache
- Carey Rude and Vandevanter - Metasploit vSploit Modules
- George Chamales - Lives On The Line Securing Crisis Maps In Libya Sudan And Pakistan
- Ming Chow - Abusing HTML5
- Mouse and Renderman - Familiarity Breeds Contempt
- Christopher Cleary - Operational Use of Offensive Cyber
- Tyler Cohen - Look At What My Car Can Do
- Kees Cook - Kernel Exploitation Via Uninitialized Stack
- Greg Conti - The Art and Science of Security Research
- Paul Craig - Internet Kiosk Terminals The Redux
- Adrian Crenshaw - Cipherspaces Darknets An Overview Of Attack Strategies
- Daniel Crowley - Speaking with Cryptographic Oracles
- Phil Cryer - Taking Your Ball And Going Home Building Your Own Secure Storage Space That Mirrors Dropbox Functionality
- Panel - PCI 2 Still Compromising Controls and Compromising Security
- Panel - Former Keynotes The Future
- datagram - Introduction to Tamper Evident Devices
- Ganesh Devarajan and Don LeBert - VDLDS All Your Voice Are Belong To Us
- Deviant Ollam - Safe to Armed in Seconds A Study of Epic Fails of Popular Gun Safes
- Whitfield Diffie and Moxie Marlinspike
- Artem Dinaburg - Bit-squatting DNS Hijacking Without Exploitation
- Alva Skip Duckwall - A Bridge Too Far Defeating Wired 8021x with a Transparent Bridge Using Linux
- Nelson Elhage - Virtualization Under Attack Breaking out of KVM
- Tim Elrod and Stefan Morris - I Am Not a Doctor but I Play One on Your Network
- Patrick Engebretson and Josh Pauli - Mamma Dont Let Your Babies Grow Up to be Pen Testers
- eskimo - Steganography and Cryptography 101
- Eston Abraham and Johnson - Dont Drop the SOAP Real World Web Service Testing for Web Hackers
- Ben Feinstein and Jeff Jarmoc - Get Off of My Cloud Cloud Credential Compromise and Exposure
- Foofus - Handicapping the US Supreme Court Can We Get Rich by Forceful Browsing
- Gus Fritschie and Mike Wright - Getting F***** On the River
- Eric Fulton - Cellular Privacy A Forensic Analysis of Android Network Traffic
- Daniel Garcia - UPnP Mapping
- Andrew Gavin - Gone in 60 Minutes Stealing Sensitive Data from Thousands of Systems Simultaneously with OpenDLP
- Kenneth Geers - Strategic Cyber Security An Evaluation of Nation-State Cyber Attack Mitigation Strategies
- Ramon Gomez - Bulletproofing The Cloud Are We Any Closer To Security
- Vlad Gostom and Joshua Marpet - Smile for the Grenade Camera Go Bang
- Panel - Represent Defcon Groups Hackerspaces and You
- Panel - Smartfuzzing the Web Carpe Vestra Foramina
- Rob Havelt and Wendel Guglielmetti Henrique - Earth vs The Giant Spider Amazingly True Stories of Real Penetration Tests
- Deral Heiland - From Printer To Pwnd Leveraging Multifunction Printers During Penetration Testing
- Thomas Holt and Max Kilger - Assessing Civilian Willingness to Participate in On-Line Political and Social Conflict
- Rick Howard - An Insiders Look at International Cyber Security Threats and Trends
- Hubris and a5h3r4h - Anonymous Cyber War
- Mikko Hypponen - The History and the Evolution of Computer Viruses
- Hackajar - Economics of Password Cracking in the GPU Era
- Aseem Jakhar - Jugaad Linux Thread Injection Kit
- Matt Joyce - The Art of Trolling
- Dan Kaminsky - Black Ops of TCPIP 2011
- Dave Kennedy - Hacking Your Victims Over Power Lines
- Brian Kennish - Tracking the Trackers How Our Browsing History Is Leaking into the Cloud
- Alexander Kornbrust - Hacking and Securing DB2 LUW Databases
- Itzik Kotler and Iftach Ian Amit - Sounds Like Botnet
- Matt Krick - DCFluX in License to Transmit
- Lai Wu Chiu PK - Balancing The Pwn Trade Deficit APT Secrets in Asia
- Lawson Potter and Deviant Ollam - And Thats How I Lost My Eye Exploring Emergency Data Destruction
- Grayson Lenik - Im Your MACbDaddy
- Katy Levinson - Dont Fix It In Software
- Steven Levy - We Owe it All to the Hackers
- Ryan Linn - PIG Finding Truffles Without Leaving A Trace
- David Litchfield - Hacking and Forensicating an Oracle Database Server
- Johnny Long - Johnny Long and Hackers for Charity
- William Manning - Pervasive Cloaking
- Joey Maresca - Were Here To Help A Look At How FIPS 140 Helps And Hurts Security
- Moxie Marlinspike - SSL And The Future Of Authenticity
- Jon McCoy - Hacking Net Applications The Black Arts
- Wesley McGrew - Covert Post-Exploitation Forensics With Metasploit
- John McNabb - Vulnerabilities of Wireless Water Meter Networks
- Charlie Miller - Battery Firmware Hacking
- Panel - DEF CON Comedy Jam IV A New Hope For The Fail Whale
- Steve Ocepek - Blinkie Lights Network Monitoring with Arduino
- Panel - Ask EFF The Year in Digital Civil Liberties
- Kyle Osborn and Matt Johanson - Hacking Google Chrome OS
- Jason Ostrom - VoIP Hopping the Hotel Attacking the Crown Jewels through VoIP
- Nicole Ozer - Big Brother on the Big Screen
- Nicholas Percoco and Paul Kehrer - Getting SSLizzard
- Nicholas Percoco and Jibran Ilyas - Malware Freak Show 3 Theyre pwning erbody out there
- Nicholas Percoco and Sean Schulte - This is REALLY not the droid youre looking for
- Josh Phillips - Hacking MMORPGs for Fun and Mostly Profit
- Gregory Pickett - Port Scanning Without Sending Packets
- Jason Pittman - My password is FullOfFail The Core Problem with Authentication and How We Can Overcome It
- Mahmud Ab Rahman - Sneaky PDF
- Rezchikov Wang and Engelman - Why Airport Security Cant Be Done FAST
- Panel - Whoever Fights Monsters Aaron Barr Anonymous and Ourselves
- Michael Robinson - What Time Are You Anyway
- The Dark Tangent and Russ Rogers - DEF CON Awards
- Dan Rosenberg - Owned Over Amateur Radio Remote Kernel Exploitation in 2011
- Michael Scarito - Build your own Synthetic Aperture Radar
- Panel - Net Neutrality Panel
- Michael theprez98 Schearer - WTF Happened to the Constitution The Right to Privacy in the Digital Age
- Jason Scott - Archive Team A Distributed Preservation of Service Attack
- Justin Searle - Attacking and Defending the Smart Grid
- Jimmy Shah - Mobile App Moolah Profit taking with Mobile Malware
- Shrdlu - Are You In Yet The CISOs View of Pentesting
- Skunkworks - Hacking the Global Economy with GPUs or How I Learned to Stop Worrying and Love Bitcoin
- Reeves Smith - How Haunters Void Warranties
- Panel - SCADA and PLCs in Correctional Facilities: The Nightmare Before Christmas
- Jayson E Street - Steal Everything Kill Everyone Cause Total Financial Ruin
- Sumner alien and alison b - Weaponizing Cyberpsychology and Subverting Cybervetting for Fun Profit and Subterfuge
- Bruce Sutherland - How To Get Your Message Out When Your Government Turns Off The Internet
- Martin Holst Swende and Patrik Karlsson - Web Application Analysis With Owasp Hatkit
- Mike Tassey and Rich Perkins - Wireless Aerial Surveillance Platform
- Richard Thieme - Staring into the Abyss The Dark Side of Crime-fighting Security and Professional Intelligence
- Tobias Fiddler and Bluzmanis - Insecurity An Analysis Of Current Commercial And Government Security Lock Designs
- Schuyler Towne - DIY Non-Destructive Entry
- Marketa Trimble - The Future of Cybertravel Legal Implications of the Evasion of Geolocation
- Shawn Webb - Runtime Process Insemination
- Matt scriptjunkie Weeks - Network Nightmare Ruling The Nightlife Between Shutdown And Boot With Pxesploit
- Yekaterina Tsipenyuk ONeil and Erika Chin - Seven Ways to Hang Yourself with Google Android
- Jos Weyers - Key Impressioning
- Thomas Wilhelm - Staying Connected during a Revolution or Disaster
- Andrew Wilson and Michael Brooks - Traps of Gold
- Brad Woodberg - Network Application Firewalls Exploits and Defense
- Joey Zhu - Phishing and Online Scam in China
- Zoz and Andrea Bianchi - Vanquishing Voyeurs Secure Ways To Authenticate Insecurely
- Panel - Is it 0-day or 0-care
Adiós al padre la Inteligencia Artificial moderna, John McCarthy
Este mes de Octubre no será fácil de olvidar para los informáticos y los amantes de la tecnología. Ahora ha fallecido John McCarthy (a los 84 años) , padre del lenguaje LISP (uno de los más antiguos que aún es utilizado) y ganador en 1972 del famoso premio Turing.
La premisa de McCarthy era hacer la IA interactiva y esos algoritmos son lo que ha permitido desarrollar programas como Eliza ó el más reciente Siri. Una de sus premisas fundamentales era que la IA pudiera pasar el Test de Turing (lógico viendo su intención de humanizar a las máquinas).
Lectura para este finde
Si no tienes nada planeado para este fin de semana, aquí tienes para distraerte:
- HTML5 For Web Designers
- MacRuby: The Definitive Guide
- The Macintosh Way
- Introduction to the Command Line
- Dive Into HTML5
- Learn C The Hard Way
- The Little Book on CoffeeScript
- Don’t Just Roll the Dice A usefully short guide to software pricing (PDF)
- How to Design Classes
- Advances In Genetic Programming 3
- Radiosity: A Programmer’s Perspective (ZIP)
- Clever Algorithms Nature-Inspired Programming Recipes
- Barebones Spring MVC
- ECRYPT II Yearly Report on Algorithms and Keysizes (2010-2011) (PDF)
Super Rubik Land
Historia de los estándares web (Infografía)
Pauldotcom Episodio 7
Ya tenemos otro nuevo episodio de este magnífico podcast sobre seguridad de la mano de Carlos Perez, también conocido como Darkoperator. En esta ocasión nos trae una entrevista al autor de la BESTIA (B.E.A.S.T), Juliano Rizzo, la que tanto ha dado que hablar desde que fue presentada en la ekoparty.
Puedes descargar el podcast desde aquí.
Vídeos de la Hack3rcon II
Desde la web de archive, podemos acceder a los vídeos de las charlas de la segunda edición de la Hack3rcon
- 1-1 Opening Ceremony - Johnny Long - Keynote (via Skype) 244.1 MB
- 1-2 Chris Silvers and Pat McCoy Hook Line and Syncer A Liar for Hires Ultimate Tackle Box 306.8 MB
- 1-3 Borris Sverdlik Your Perimeter Sucks 598.0 MB
- 1-4 Joshua Perry OSINT 446.9 MB
- 1-5 Gus Fristschie Getting fXXXed on the river 682.4 MB
- 1-8 Eric Milam Automating MiTM for Winning 752.4 MB
- 2-1 Keith Pachulski Common Project Issues with Technical Assessments 195.3 MB
- 2-2 Tim Tomes and Mark Baggett Lurking in the Shadows 527.2 MB
- 2-3 Martin Bos Your Password Policy Sucks 350.8 MB
- 2-4 James Macgregor Watson Online Time OF cRIME 203.6 MB
- 2-5 Charlie Vedaa FXXX the Penetration Testing Execution Standard 236.5 MB
- 2-8 Stephan Looney Up and Running with Backtrack Workshop 1.2 GB
- 3-1 Thomas Hoffecker Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon 669.1 MB
- 3-2 @grecs How to Win Followers and Influence Friends Hacking Twitter to Boost Your Security Career 416.0 MB
- 3-3 Jon Schipp Knowing What's Under Your Hood Implementing a Network Monitoring System 325.3 MB
La bicicleta tocadiscos
¿Qué es un tocadiscos? Anda niño míralo en la enciclopedia wikipedia.
El invento es muy geek, pero para aquellos amantes del vinilo, esta es la bicicleta de las bicicletas. Lleva el disco en la rueda trasera. Eso si tienes que ser muy paciente y guardar una velocidad, muy lenta, constante para que el disco se escuche más o menos bien. Esto es sólo un prototipo, pero tiene toda la gracia :)
SysAdmin Anywhere, un completo gestor del Directorio Activo gratuito
Windows
Admin Anywhere es una aplicación gratuita con una interface muy intuitiva y fácil de manejar para poder gestionar usuarios, grupos, ordenadores, servidores y dominios.
Contiene una gran cantidad de herramientas incluidas para poder hacer una buena gestión de nuestra red.
Estas son las características:
Gestión del ordenador
- Búsqueda de un ordenador
- Ver y editar propiedades
- Ver eventos
- Ver procesos en el ordenador remoto
- Monitor del rendimiento (CPU, memoria, etc)
- Ejecutar cualquier comando en el ordenador
- Ver listado de hardware instalado
- Idem del software
- Reiniciar un ordenador remoto
- Apagar un ordenador
- Información básica del ordenador
Gestión del usuario
- Búsqueda rápida de usuarios
- Ver y editar las propiedades
- Añadir fotografías
- Añadir un nuevo usuario rellenando todos los campos requeridos automáticamente y crear un nuevo login usando una plantilla (esta opción me parece espectacular).
- Incluir o excluir ciertos grupos
- Reiniciar la contraseña
- Rápidamente ver información sobre un usuario
Gestión de grupos
- Búsqueda de grupos
- Ver y editar las propiedades
- Incluir o excluir ciertos grupos
- Rápidamente ver información sobre un grupo
- Gestión de contactos
- Búsqueda de contactos
- Ver y editar propiedades
- Incluir o excluir ciertos grupos
Informes
- Imprimir informes varios
- Parámetros para generarlos
- Ver el informe en diferentes escalas
Ya veis, no está mal para una aplicación grauita (tiene una extensión de pago que incluye gestión de inventario entre otras mejoras). Una buena ayuda para la gestión de nuestra red.
Visto en 4SysOps.