Re: pentest physical security

From: intel96 (intel96@bellsouth.net)
Date: Sat Aug 26 2006 - 11:26:29 EDT

Next message: pdp (architect): "AttackAPI 0.5 (JavaScript tools)"
Previous message: Patrick: "RE: C# Exceptions"
Maybe in reply to: scott: "pentest physical security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mervyn,

You are off point
pentesting. So I
suggested.

Using USB flash
an old game. The
"confidential
This attack vector

A better attack
software with a custom Trojan.
role of the person at the company.
person a new update
This attack vector

Another twist
switch, router, server,
modified to assist
installed.

These latter attacks
corporations.

Ok, now lets get

Mervyn Heng wrote:
>
>
>
>
>
>
>
>
>
>
>
> you
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> cleaning
>
>
> were
>
>
>
>
>
> know
>
>
>
> they did
>
>
>
>
>
>
>
>
> and the
>
>
>
>
>
> >
>
>
>
>
>
>
>
> >
>
> >
> >
>
>
>
>
>
>
>
> >
>
> >
>
>
>
>
>
>
> >>
> >
>
> >
> >
>
>
> >
> >
> > --
>
>
>
> >
>
>
>
> >
> >
>
>
> >
>
>
>
>
> >
>
> >
> >
> >
> >
>
>
>
> >
>
>
>
>
> >
>
> >
> >
> >
>
>
>
>
>
>
>
>
>
>
>
>
>

--------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm
Click the link to

Next

Previous

Maybe

Messages [ date ] [ [ [ [

This archive was : Sat Apr 12 2008 - 10:56:50 EDT here with the topic, which is physical security will provide you some insight into the article you drives to circumvent logical security is a new twist to old game was to use a CD marked with something like - companyname finances" loaded with Trojan software. worked all the time. is sending someone a repackaged commercial piece of This attack is targeted based on the Examples include sending a finance to Quickbooks or an engineer a copy of AutoCad. worked all the time. that also works is sending a new piece of hardware (e.g. etc.) to a company that has been physical you gaining access to the network after it has been cost money, but are used to today to gain access to back on point with physical security. You don't even need physical access. This article shows why. http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1 <http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1> On 8/25/06, *intel96* <intel96@bellsouth.net <mailto:intel96@bellsouth.net>> wrote: Posing as a cleaning person allows you to obtain unrestricted access into some sensitive locations (e.g. CxO offices). The trash makes a great place to hide disk duplication equipment, hardware keystroke loggers and other equipment. The disk duplication equipment allows to copy the laptop and desktop hard drives without stealing them. The keystroke loggers allow you to obtain passwords for encrypted files and other applications. Posing as HVAC personnel also works. The cleaning crews can expose MAJOR gaps in an organization security posture as noted below: I once provided a FREE physical security inspection and a vulnerability assessment to a Fortune 500 telecommunications firm (requirement for Masters Degrees). Part of my assessment was to questioned the company that provided services to this telecommunications firm. The cleaning company did verify anything about their workers and most from Asia countries (mostly Korea and China). These workers had unrestricted access into development areas for new products (e.g. cellular, networking, etc.). When I provided my final report to the company nothing changed. I this because I worked at this company for a year after the report and caught several cleaning people in restricted areas looking at project information. When asked what they were doing they stated that not understand English and hurried away............... JJacoby wrote: > My experience has been that there are two groups that have nearly unfettered > and unescorted access to all spaces: private security guards, > cleaning crew. Both are poorly paid and on the bottom of the social scale, > so employees don't want to be seen having any contact with them. Duplicate > their appearance and you will be shunned. > Try to observe the cleaning crew's appearance, doors used, etc. Cleaning > crews leave doors open / unlocked / propped all the time. They work after > hours, so there are few (if any) employees around to watch you shove laptops > into your trash bin. > Stonewall > -----Original Message----- > From: Cedric Blancher [mailto:blancher@cartel-securite.fr <mailto:blancher@cartel-securite.fr> ] > Sent: Tuesday, August 15, 2006 10:28 AM > To: scott > Cc: pen-test@securityfocus.com <mailto:pen-test@securityfocus.com> > Subject: Re: pentest physical security > Le lundi 31 juillet 2006 à 00:49 -0400, scott a écrit : >> Okay,I've been contacted about pentesting physical security system for >> a medium size company that is integrating IT & physical >> security,ie;cameras,id gates,etc. >> I'm not exactly sure where to start,other than the >> obvious;passwords,permissions,etc. > Maybe some clue here: http://recon.cx/en/f/sconheady-social-engineering-for-pen-testers.pdf <http://recon.cx/en/f/sconheady-social-engineering-for-pen-testers.pdf> > http://sid.rstack.org/ > PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >>> Hi! I'm your friendly neighbourhood signature virus. >>> Copy me to your signature file and help me spread! >>> ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ ---------------------------------------------------- finds vulnerabilities fast. buy it, try it or download Hailstorm for FREE. .com/products_services/download_hailstorm.php">http://www.cenzic.com/products_services/download_hailstorm.php ---------------------------------------------- message: pdp (architect): "AttackAPI 0.5 (JavaScript tools)" message: Patrick: "RE: C# Exceptions" in reply to: scott: "pentest physical security" sorted by: thread ] subject ] author ] attachment ] generated by hypermail 2.1.7