Presentation at ECPI University

June 05, 2015 / Timothy De Block

On Thursday, June 4, 2015, ColaSec was invited to ECPI University here in Columbia to give a presentation on Linux/Unix security. Jeff and Adam spent several hours building a security presentation for a students looking to get into infosec. Here are some thoughts from one of the presenters:

Jeff

"The presentation for ECPI was an interesting experience. We were
asked to come up with something dealing with Unix/Linux and Security.
We were given a time frame for anything from 1 hour to 3 hours. Adam
and I put together an presentation dealing with things like what
security professionals do, why they do it, what tools they use, how
you deal with data breaches, and some general sysadmin style best
practices for securing linux systems and user accounts.

It turned out to be a lot of material but we covered most of it,
albeit in 3.5 hours (with an unexpected 30 minute lunch break). We
had some demos tossed in and for the most part the demo gods were good
to us and we were able to complete all but one demo (ran out of time)
on network flow data. It proved that both Adam and I are talkers and
need to learn to stick to the material.

Most of the class seemed to appreciate the talk. They seemed to
appreciate the fact we told real life stories and experiences. They
also liked that we expanded on information on the slides rather than
just read them the information that was there. We got a lot of good
questions from the class and hope they took some useful information
away from it.

They perked up when we started talking about Wireshark because they
had some exercises on that during class. They wanted more information
about it and how its used. We're going to follow up with them with
some links for packet capture challenges (they will be uploaded to the
presentation's google document that they have access to). These are
games that have been setup that require you to use tcpdump or
wireshark to uncover information hidden in network packets.

Adam and I agreed that we have some tweaking to do to the presentation
and maybe look at breaking it into three parts that can be done
separately or chained together for a longer one. All and all I think
it went well and I learned some good things from the experience and I
hope the students did also."

Pictures of the presentation are available in the gallery section and the slides can be found via this Google Slides link.

Comment 0 Likes

categories / Outreach
tags / Presentation, infosec, Linux, Unix

May 19, 2015, meetup wrapup - pwned by the demo-gods

May 21, 2015 / Timothy De Block

Last Tuesday was our May meetup for 2015. We had planned to dive into the game PwnAdventure3, unfortunately, it was meant to be as we had hardware issues with the server that was supposed to be running the game. Of course, it worked perfectly the week prior. I even completed the first task! We still plan to do PwnAdeventure3 at a future meetup.

The meeting didn't go too waste, however, we discussed several things:

Skycure - https://maps.skycure.com/?loc=29201

Someone who attended HackMiami sent me this link. Based on "Crowd Wisdom," the map shows wifi networks that might have threats on them. We've got two in the Columbia, SC, area.

Cover VT - https://red.cirt.vt.edu/

We had a couple guys from Virgina Tech show us this nifty little link, that has their snort data mapped to Google Map API.

MT6D Visual Data Display - http://paisley.cirt.vt.edu/

This is a link that's meant to demonstrate one way of mitigating a DDoS attack. Essentially as I understood it, the IP address of a device or application keeps randomly switching, which in essence makes it harder for someone to DDoS an individual target.

Finally, we discussed a few things people would be interested in discussing for future meetups.

Thanks to everyone that came out. We look forward to seeing everyone next month!

Comment 0 Likes

categories / Meetup
tags / visualization, pwned, Skycure, Virginia Tech, infosec

May 19, 2015, meetup agenda - PwnAdventure3

May 14, 2015 / Timothy De Block

The next ColaSec meetup we will be taking a look at the hacking game Pwn Adventure 3, which was featured at Shmoocon and in this article on WIRED. The game is a massively multiplayer online (MMO) game, where objectives are completed by hacking the game.

We have setup a server to run the game. Attendees will need to bring a laptop and download the game client from the Pwn Adventure 3 site. After downloading and installing, launch the client to run an update on it.

Some other things attendees might want to install/bring is a decompiler program to view the game files, like .NET Reflector. I've also found a walkthrough that uses utilizes Wireshark, so that might come in handy as well. Speaking of walkthroughs, feel free to do a little research ahead of time. Here are some links to get your started:

Ghost in the Shellcode - Home of the Pwn Adventure. Has walkthroughs on last year's version.

PwnAdventure3 - Main website.

Dead Packet Society - A walkthrough using Wireshark.

PwnAdventure2 walkthroughs:

balidani

Everlasting Wanderer

Lockboxx

List of tools for static code analysis - Wikipedia

This exercise is something I've never done before and I those most of the group hasn't done before, so I'm hoping we can all learn and grow from the game together.

Comment 0 Likes

categories / Meetup
tags / Meetup, Meetup Agenda, infosec

ColaSec meetup January 20, 2015, roundup

January 22, 2015 / Timothy De Block

Tuesday we had our first ColaSec meeting of the new year at IT-ology. Among the announcements we have POSSCON looking for security professionals to present at the conference who have a background and experience with implementing open source for security related projects. The POSSCON organizers approached us to help them fill the five speaking slots they have available. Each speaking session will be 45 minutes and should cover a topic that includes implementing or developing an open source tool for security. If this of interest to you or if you have questions, contact me at timothy.deblock[at]gmail[dot]com.

I presented on, How to get started and keep up with information security. When I first got interested in security I wasn’t exactly sure where I needed to start. This presentation is meant to share my experiences of going from reading one security related site to reading several, listening to podcast, reading books, going to conferences, and getting involved. If you’re interested in reviewing my presentation the slides are available here.

PRESENTATION: How to get started and keep up with information security by Timothy De Block

A ShmooCon ball at our meeting tonight. One of our members is giving a review of the conference. pic.twitter.com/w2dMqHqFBP
— Cola InfoSec (@cola_sec) January 21, 2015

After my presentation Jeff gave us a review of ShmooCon which he recently attended in Washington, DC. Aside from scaring the shit out of us in regards to our vulnerable home routers, he also tolds us about the Keynote by Joseph Lorenzo Hall, which covered, “the intersection of technology, law, and policy.” Essentially, keeping the internet the open internet. He also told us about encryption and the police, a talk about analysis of point-of-sale (POS) software, Httpscreenshot, Masscan’s ability to scan the entire internet in 6 minutes (calling BS here), and also timing side channels which dealt with some cryptography voodoo.

After those two presentations we got into a little bit of a discussion on career paths into security and what someone would need to do for that. It was a great meetup with a lot of good back and forth and resource sharing. Our next meetup is scheduled for Tuesday, February 17, 2015. We look forward to seeing you there!

Comment 0 Likes

categories / Meetup
tags / infosec, ShmooCon, Presentation

January 20, 2015, meetup agenda

January 13, 2015 / Timothy De Block

Tuesday January 20, 2015, is our first meetup of the new year.

This Friday Blackhat gets released to theaters and we're looking to have a special ColaSec meetup to go watch the movie. Shmoocon is also this weekend so be on the look out for items to talk about from there next Tuesday.

On the docket is me giving a presentation on how to keep up/get into information security. The title is still very much in the works, but it's a presentation that talks about some of the resources an information security professional can use to keep up with the latest happening in the community. This is my first presentation every and I'm hoping it's not too noobish and gives people some good information they can use. The goal is to be interactive so that those already following the infosec community can participate as well. Really, it's just a way for us to create some discussion and share some great resources to make us all better professionals.

Looking forward to seeing some old faces and some new faces at the next meetup.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda

New ColaSec meetup day and social engineering

December 30, 2014 / Timothy De Block

After talking to several current and potential members of this user group, we have decided to shift our meetup day from every third Monday of the month to every Tuesday of the month. Tuesday just seems to fit everyone's schedule better and allows everyone to shake off those Monday blues. We also won't be conflicting with Monday night football during the fall.

With the new date it puts our next ColaSec meetup on Tuesday January 20th, 2015. The Tuesday after Blackhat releases. If anyone is planning on going hit me up on Twitter or by email (timothy.deblock[at]gmail[dot]com).

While on holiday and doing some chores this past week I was listening to episode 120 of the Down the Rabbithole security podcast and they had on Chris Hadnagy who was talking about social engineering. It's a really good episode, with a lot of good information and interesting stories about social engineering, as well as how organizations can better protect themselves against social engineering. If you can find the time I would highly recommend listening to the episode.

1 Comment 0 Likes

categories / Meetup
tags / Meetup, Podcast, Social Engineering

ColaSec meetup agenda December 15, 2014

December 15, 2014 / Timothy De Block

It's the final ColaSec meetup of 2014 and we're looking to do a little planning for 2015. We've had a good start to the security meetup and want to continue to grow and expand our membership. This is your opportunity to show up and let us know what you want out of this monthly meetup.

We will be meeting Monday, December 15, 2014, at Hunter-Gatherer Brewery on Main Street in downtown Columbia.

We'll also be talking about some of the latest news in infosec, including:

Sony Hack
POODLE part deux
Target liability for last year's breach

Be sure to come out and join us. We would love to meet new information security professionals in the area.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda

New signs!

December 13, 2014 / Adam Twitty

Be on the lookout for our new signs at Hunter Gatherer on the 15th. Just picked them up today and I'm pretty pleased with how they came out:

I've also got some business cards for the group on order, but I don't think they will arrive in time for our meeting on the 15th. :( I promise I'll have plenty to pass out for our first meeting next year.

Also, for anyone who's interested in the source image for the banner and signs above, here you go:

Comment 0 Likes

ColaSec meetup agenda October 20th, 2014

October 15, 2014 / Adam Twitty

Our next ColaSec meeting will be held at IT-oLogy on October 20th, 2014 at 6:00 PM. We will have pizza, a demo of metasploit & some traffic analysis, a presentation on Google dorking, and a discussion of some of the InfoSec news from the past few weeks (there has been plenty). Adult beverages are welcome, but this is a BYOB event

Please note that parking in the garage at IT-oLogy is free after 5:00 p.m. You can access this garage on Gervais St between Marion and Sumter. There's a foot bridge over into the area where we'll be meeting. Directions will be posted on our website before the weekend.

Comment 0 Likes

categories / Meetup
tags / Hacking, Presentation, Meetup Agenda, Google dorking, infosec

Blackhat trailer #1 - new hacker movie coming

October 08, 2014 / Timothy De Block

This looks like it has a lot of potential to be a good movie. Would anyone be interested in going to it as a group when it releases in early January?

Comment 1 Likes

categories / Media
tags / Movies, Trailer, Hackers

SCITDA 2014 Conference Talk: Don't Panic - Incident Response

October 01, 2014 / Timothy De Block

ColaSec organizer Adam Twitty had a talk in early September at the South Carolina Information Technology Directors Association conference on incident response. Below is video from that talk, which i shot with my phone. I apologize in advance for the abrupt cuts, I was texted and then called during recording.

This talk was also presented at our September 15, 2014, meetup. We meet every third week of the month at IT-ology. Be sure to join us for our next meetup October 20, 2014.

Comment 0 Likes

categories / Media
tags / Video, infosec, SCITDA, Incident Response