h1

TWiET #72 – A Firewall Admin’s Worst Nightmare

December 26, 2013

And, last week, I was on This Week in Enterprise Tech, a second time, to pre-record episode 72, their Christmas special. This time, we went through covert communication and how a low and slow attacker would keep and use a beachhead in a compromised network.

But first, a story:

I usually go on the show with two laptops. One for screensharing and another for Skype video. I wasn’t able to do so this time and we had to get creative. This led to some troubleshooting during the live recording of the episode. The folks on the irc.twit.tv/twitlive chatroom were very gracious and good spirited as we worked through these things. The in-between time of the episode allowed for some fun banter, so it wasn’t all bad. I watched the episode in its edited form and I’m pleasantly surprised. I think it came out really well.

Here’s the episode:

In the video, I use Cobalt Strike’s Beacon to demonstrate this beachhead. To dig more into Beacon, here are the blog posts on this topic:

Once again, I hope you enjoy the trip down into the offensive rabbit hole.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s