The Security Hookup The Security Hookup is a 5-minute video broadcast which you can view on your video iPod or in any Quicktime or MPEG-compatible video player. Each episode gives you news, information, and techniques you can use to secure your network against the latest threats. The show is hosted by Joe Stewart, Senior Security Researcher with LURHQ, and is geared for a technical audience. Add The Security Hookup to your iTunes - open iTunes, go to the menu option Advanced->Subscribe to Podcast, then paste in one of the following feed URLs, or click on one of the "Subscribe" buttons below: Video Feed XML Audio Feed XML If you have a question related to network security in the enterprise, send it to securityhookup@lurhq.com. If we use your question in an upcoming show, we'll send you a LURHQ Threat Intelligence Group T-Shirt! Episode 1 - Squid as a Security Device In this episode, we talk about recent Firefox exploits, Chinese "patriotic hackers" and the rash of targeted intellectual property theft coming from China. The hookup this week is showing you how to use Squid as a way to prevent ingress of exploits and egress of stolen data in your network. Resources Squid DNSBLs rbldnsd Bad neighborhoods Squid Block SquidGuard DansGuardian Example user-agent ACL for Squid Quicktime/iPod Format Windows/MPEG-1 Format Audio Only MP3 Format Episode 2 - Using Qpsmtpd to Block Spam This episode covers recent trends in "ransomware", along with a summary of the war between Blue Security and spammers. The hookup this week is how to use qpsmtpd to limit the amount of spam and viruses you receive on your network. Resources qpsmtpd Using Qpsmtpd Open Fusion qpsmtpd Plugins Allan's qpsmtpd Plugins Frank's HostName BlackList qpsmtpd Plugin Quicktime/iPod Format Windows/MPEG-1 Format Audio Only MP3 Format Episode 3 - Protecting your Ports In this episode, we look at recent exploits for RealVNC and ways you can protect your listening ports against attackers, using SSH tunnelling, Portsentry and Portknocking. Resources Installing an OpenSSH server on Windows VNC port forwarding with ssh HOWTO ssh/VNC tunnelling for Windows Portknocking.org Quicktime/iPod Format Windows/MPEG-1 Format Audio Only MP3 Format Episode 4 - Stopping Exploits in Email Tonight's episode discusses zero-day attacks from China using malicious Microsoft Office documents and the use of Fess to bridge the gap between antivirus and IDS detection of exploits in email. Resources Fess - File Exploit Scanning System ClamAV Snort MailScanner Quicktime/iPod Format Windows/MPEG-1 Format Audio Only MP3 Format The Security Hookup is produced solely using Free and Open Source software. LURHQ would like to extend a special thanks to the following software projects that make The Security Hookup possible: Kino/dvgrab Audacity Blender Cinelerra FFmpeg Debian GNU/Linux About LURHQ Corporation LURHQ is the leading provider of Threat and Vulnerability Management services. LURHQ empowers security professionals at enterprise clients by partnering with them to provide the Consulting and Managed Security Services necessary to better align their security efforts with business risk. The result is the development of a strategic Threat and Vulnerability Management process that delivers an enhanced security posture, greater security operations efficiency, improved compliance and reduced security program costs. For more information visit http://www.lurhq.com/.

// Home // Research