Penetration Testing - Human Factor

From: Marios A. Spinthiras (mario@netway.com.cy)
Date: Mon Aug 21 2006 - 02:19:39 EDT

• Next message: Lubos Kolouch: "Re: MAC address spoofing - conflict?"
• Previous message: lakshminarayanan79@yahoo.com: "Re: Vulnerability Assessment vs. PenTest"
• Next in thread: steven@lovebug.org: "Bluetooth Pentesting?"
• Reply: steven@lovebug.org: "Bluetooth Pentesting?"
• Reply: Paul Melson: "RE: Penetration Testing - Human Factor"
• Reply: Arian J. Evans: "RE: Penetration Testing - Human Factor"
• Maybe reply: Catsworth@noemail.thanks: "Re: Penetration Testing - Human Factor"
• Maybe reply: KeenerPB@mcnosc.usmc.mil: "RE: Penetration Testing - Human Factor"
• Reply: R. DuFresne: "Re: Penetration Testing - Human Factor"
• Maybe reply: K K Mookhey: "Re: Penetration Testing - Human Factor"
• Maybe reply: Evans, Arian: "RE: Penetration Testing - Human Factor"
• Reply: StyleWar: "RE: Penetration Testing - Human Factor"
• Maybe reply: KeenerPB@mcnosc.usmc.mil: "Re: Penetration Testing - Human Factor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

As a thorough sceptic Id like to conclude in most cases of a TRUE hacking
incident social engineering has been a factor of success for the malicious
user attacking a system.
    For quite a while now I have been compiling methodology on the
assessment of the weak human security link which can be exploited through
social engineering. Has anyone got any thoughts they would like to share or
guidelines to the audit of the human factor when security is concerned?

Any information is much apreciated.

Many Thanks,
Mario A. Spinthiras

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: Lubos Kolouch: "Re: MAC address spoofing - conflict?"
• Previous message: lakshminarayanan79@yahoo.com: "Re: Vulnerability Assessment vs. PenTest"
• Next in thread: steven@lovebug.org: "Bluetooth Pentesting?"
• Reply: steven@lovebug.org: "Bluetooth Pentesting?"
• Reply: Paul Melson: "RE: Penetration Testing - Human Factor"
• Reply: Arian J. Evans: "RE: Penetration Testing - Human Factor"
• Maybe reply: Catsworth@noemail.thanks: "Re: Penetration Testing - Human Factor"
• Maybe reply: KeenerPB@mcnosc.usmc.mil: "RE: Penetration Testing - Human Factor"
• Reply: R. DuFresne: "Re: Penetration Testing - Human Factor"
• Maybe reply: K K Mookhey: "Re: Penetration Testing - Human Factor"
• Maybe reply: Evans, Arian: "RE: Penetration Testing - Human Factor"
• Reply: StyleWar: "RE: Penetration Testing - Human Factor"
• Maybe reply: KeenerPB@mcnosc.usmc.mil: "Re: Penetration Testing - Human Factor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:46 EDT