Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 57 - Dennis Brown

Welcome to the Tenable Network Security Podcast - Episode 57

Hosts: Paul Asadoorian, Product Evangelist

Announcements

  • Be certain to check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.

  • We're hiring! - Visit the web site for more information about open positions.

  • You can subscribe to the Tenable Network Security Podcast on iTunes!

  • Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!
  • Interview with Dennis Brown

    dennissmall.png

    "Dennis Brown is a research engineer for Tenable Network Security. He specializes in malware analysis with a penchant for botnet research. Dennis has spoken previously at Defcon 18, Toorcon 10 and 11 and on the PaulDotCom security podcast. He also organizes the DC401 hacker group in Rhode Island and the QuahogCon security conference."

    Dennis recently gave a presentation titled "Resilient Botnet Command and Control with Tor" at HiTB Malaysia and Toorcon 13. Dennis and I discussed the following topics:

    • I was working for a University when Tor first became popular. This presented many challenges; students were using it to evade detection by the RIAA/MPAA, attackers were using it to launch attacks against us, and I even encountered a few Tor exit nodes in my time. How has the Tor network evolved over time?
    • Which botnets have been observed in the wild using Tor?
    • What is a private Tor network? How do you build a private Tor network? Is it easy?
    • How does using Tor affect speed? Does this impact the botnet, and how so?
    • What is an HTTP hidden service? Tor3web proxy? How does this all work to mask the botnet's command and control channel?
    • I always thought that encryption would be the end of the good guys' fight against malware, but has that largely turned out not to be true or has it?
    • It seems that masking the command and control channel produces the highest rate of success for a botnet. How does Tor help the bad guys accomplish this?
    • How can we detect botnets using Tor?

    Related Posts

    Subscribe to the Tenable Blog

    Subscribe
    Try for Free Buy Now

    Try Tenable.io

    FREE FOR 60 DAYS

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

    Buy Tenable.io

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

    65 assets

    $2,190.00

    Buy Now

    Try for Free Buy Now

    Try Nessus Professional Free

    FREE FOR 7 DAYS

    Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

    Buy Nessus Professional

    Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

    Buy a multi-year license and save

    Try for Free Buy Now

    Try Tenable.io Web Application Scanning

    FREE FOR 60 DAYS

    Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

    Buy Tenable.io Web Application Scanning

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

    5 FQDNs

    $3,578.00

    Buy Now

    Try for Free Contact Sales

    Try Tenable.io Container Security

    FREE FOR 60 DAYS

    Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

    Buy Tenable.io Container Security

    Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

    Learn More about Industrial Security

    Get a Demo of Tenable.sc

    Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.