TechSNAP

Episode 360: AMD Flaws Explained

March 22nd, 2018  |  29 mins 9 secs

amd platform security processor, amd psp, epyc, ethereum dns rebinding attack, expedia, fallout, firefox master password, orbitz, rdp vulnerability, ryzenfall, sysadmin podcast, techsnap

We cut through the noise and explain in clear terms what’s really been discovered. The botched disclosure of flaws in AMD products has overshadowed the technical details of the vulnerabilities, and we aim to fix that..

Episode 359: Netflix’s Dark Capacity

March 15th, 2018  |  31 mins 49 secs

acme, amplification attack, aws, cisco hardcoded password, cve 2018-1057, ddos, fail2ban replacement, let’s encrypt, netflix, project nimble, s3scanner, samba 4, slingshot, sysadmin podcast, techsnap, wildcard ssl

Netflix has a few tricks we can learn from, and the story of clever malware that was operating undetected since 2012.

Episode 358: A Future Without Servers

March 1st, 2018  |  36 mins 28 secs

apple, aws, cloud storage, cve tracking, devops, encryption, icloud, iron.io, lambda, open-lambda, openwhisk, private browsing, pwned passwords, serverless architecture, sysadmin podcast, techsnap, troy hunt, veil

The term serverless gets thrown around a lot, but what does it really mean? What are the benefits and the drawbacks? It’s a TechSNAP introduction to Serverless Architecture.

Episode 356: The Concern with Containers

February 15th, 2018  |  37 mins 23 secs

air-gapped, asa, blockchain, cisco, containers, docker, microsoft did, remote code execution, skype update flaw, sysadmin podcast, techsnap, telegram zero-day, xml parser

The problems containers can’t solve, nasty security flaws in Skype and Telegram, and Cisco discovers they have a bigger issue on their hands then first realized.

Episode 355: Operation FreeNAS Rescue

February 8th, 2018  |  40 mins 13 secs

adb.miner, best practices, beyondcorp, freenas, freenas migration, google security, lsi, monero, network security, supermicro, sysadmin podcast, techsnap, wordpress, zfs, zpool

We save our FreeNAS Mini from the edge, and perform an emergency migration to much larger hardware.

Episode 354: Here Come the Script Kiddies

February 1st, 2018  |  51 mins 59 secs

802.1x, autosploit, autosploit review, docker swarm, iscsi explained, portainer, psad, securing wordpress, shodan, simple network authentication, sysadmin podcast, techsnap, vlan, wordpress

AutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon, and other places vulnerable to this automated attack. We’ll tell you all about it, and what these 400 lines of Python known as AutoSploit really do.

Episode 353: Too Many Containers

January 25th, 2018  |  43 mins 8 secs

ai, ansible, bpf, checkpoint, chronicle, dnsfs, introduction to kubernetes, kubernetes, kubernetes explained, project zero, sysadmin podcast, techsnap

We introduce you to Kubernetes, what problems it solves, why everyone is talking about it, and where it came from. Also who shouldn’t be using Kubernetes, and the problems you can run into when scaling it.

Episode 352: Stop Using apt-get

January 22nd, 2018  |  36 mins 40 secs

android malware, ansible vs chef, cm, configuration management for the desktop, configuration management introduction, lenovo backdoor, samsam, sysadmin podcast, techsnap

And start using configuration management. Embrace reproducibility of systems, and streamlined management with TechSNAP’s introduction to Configuration Management.

Episode 351: Performance Meltdown

January 11th, 2018  |  41 mins 43 secs

backdoor, coordinated disclosure, freebsd, kaiser, kpti, macos high sierra, meltdown, pcid, perfmon, performance, pti, side-channel attack, spectre, speculative execution, sysadmin podcast, sysinternals, techsnap, ubuntu, wd my cloud

The types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself, and the outlook for 2018.

Plus a concise breakdown of Meltdown, Spectre, and side-channel attacks like only TechSNAP can.

Episode 349: All Natural Namespaces

December 21st, 2017  |  50 mins

botlogs, botnets, containers, fireeye, ieee 802.1ab, linux, malware, network namespace, robot attack, routing, sysadmin podcast, techsnap, triton, virtual ethernet devices, vrf, wannacry, wannacry killswitch, wireguard

Network Namespaces have been around for a while, but there may be be some very practical ways to use them that you’ve never considered. Wes does a deep dive into a very flexible tool.