Hello, welcome to the Friday, July 7th, 2017 edition of the Sandtonet Storm Center's Stormcast.

My name is Johannes Ulrich, and the day I'm recording from Prague, Czech Republic.

A couple of interesting diaries to start out with.

First one by DDA, of course, yet another Python script by DDA,

and this time about finding interesting domain names.

We had this in the past.

His is a little bit of different approach.

We actually train the script to tell it what normal words look like and it then looks

for abnormal one, which of course come out to be more random domain names.

Mark Baggett has a similar script looking at it from an entropy point of view.

What's sort of different with the idea that you actually can train it with different dictionaries

so you can make it somewhat language-specific?

And then we got the second guest diary by Ali DeCantana

this time, again about BitTorrent Sync version 2,

but from a log file perspective,

so what you can find about this particular tool

from the log files, it leaves on a system.

And to keep this week interesting, we got a couple of updates from Cisco. Cisco patches,

first of all, vulnerability in the elastic services controller. Apparently there were some

static login details that were shipped with this

product that have to be removed and that's done with this latest update. And the auto IT service

apparently allows the execution of shell commands as route without authentication. That has

...