From: Des Ward (security@senticom.co.uk)
Date: Tue Jan 30 2007 - 17:41:30 EST
Buy ten thumb drives, put a piece of code on them to sent a net message to your server internally or something similar (Basically you want the devices to phone home once placed in the users workstation) then you'll find how many people are still dumb enough to put an unknown device in their corporate system.
-----Original Message-----
From: webmaster@absolutenetworks.biz
To: pen-test@securityfocus.com
Sent: 30/01/07 14:12
Subject: Testing the user community
We all know our weak link but how do you identify just how weak they are? I
think it's time to pen test my user community and have a couple ideas to gather
statistics on just how nonaware they really are. Maybe a simple phishing scam
and bogus email with a fake virus attachment that emails me when it's opened so
I can track how many folks actually opened it. Has anyone ever done this
before? I can't find any information about it on the web.. thoughts and ideas
anybody?
Many thanks
Kurt
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:33 EDT