Oct 13 2009

InfoSec Self Education Resources Page

jason

I created a new page that contains links to all of the InfoSec self education resources that I currently use or have used in the past. The page started out as a blog post but morphed into a page because it was something I saw myself and potentially others referring back to and updating in the future. I have links to blogs, podcasts, webcasts, conference materials, live distributions, and I am currently in the process of adding some mailing lists. I am still updating many of the sections on the page, but I will take any and all suggestions of things to add.

-jason


Oct 11 2009

Audio & Video From A Few Security Conferences

jason

I started listening to the Security B-Sides Las Vegas 09 audio release by the Security B-Sides guys (I believe Jack Daniel did most of the audio editing) after forgetting that the mp3 files had been out there for a while. You can either subscribe to the B-Sides RSS feed or subscribe to the podcast in iTunes. So far I have finished listening to a talk on WarVOX by H.D. Moore of the Metasploit project, a talk on using BeEF + Cain for snagging and cracking password hashes, and a good talk by Mike Kershaw, author of kismet, that covers developments in lorcon and kismet and integration into metasploit. These have all been really interesting and informative to listen to and are highly recommended.

The BruCon conference was held at the end of September and they released the presentation materials and video soon after. You can find the video on the BruCon website here and the materials here. I’ve started watching Chris Nickerson’s (of Tiger Team fame and currently one of the hosts on Exotic Liability in addition to his day job at Lares Consulting) talk and it’s been really good so far. The videos look to be a little bit fuzzy so I recommend following along in the PDF versions of the slides.

I hope to take some ideas from these talks and start making some posts on using the tools and methods talked about and applying them in virtual environments for those that are inclined to do a lot of self-learning, so please stay tuned….


Oct 5 2009

Book Recommendations: Daemon & Dissecting the Hack

jason

UPDATE: Edited to reflect my mistake of saying Jayson Street was donating all of his proceeds from his book to Hackers for Charity. He is, however, donating a portion of his proceeds to Hackers for Charity so you should still buy it for that and because it’s a great book :-)

I just wanted to make a few quick book recommendations about one book I recently finished reading and one I plan to start reading as soon as it arrives.
I read Daemon by Daniel Suarez in about a week and I found it very engrossing. The basic idea is that a genius programmer named Matthew Sobol who is dying of brain cancer has created programs that are waiting for triggers (the first one being news of his death). Once these daemons trigger they start setting events in motion that enable a distributed and extremely sophisticated AI to coordinate an attempt at restructuring everything according to Sobol’s vision. The only things that took me out of the book were the technical definitions he inserted in the beginning of the book that felt kind of out of place. I felt they might be better placed in a glossary area or made a little simpler. When one of the characters gives a very technical definition of VOIP to a very non-technical cop and the cop accepts it like he understands it just didn’t feel right. That’s my only major gripe with the book and once he gets some initial terminology out of the way those parts disappear and the story gets moving pretty fast. I somewhat saw the ending coming but that was more because I heard some snippets about the sequel and I was able to piece together what needed to happen to get to some of the vague plot points I heard. I definitely recommend reading the book and then following up with the sequel Freedom (TM) when it comes out early next year.

My other book recommendation is Dissecting the Hack: The f0rb1dd3n Network by Jayson Street and others. Jayson has said that he will be donating a portion of his proceeds to Hackers for Charity and the link I provide is via Johnny Long’s affiliate link so you can end up helping Johnny double :-D . My copy is currently on order and I am waiting for it to arrive so I can dive in.
