From: Andy Cuff (lists@securitywizardry.com)
Date: Fri May 04 2007 - 08:22:24 EDT
Afternoon,
The discussion on USB devices on the basics list, prompted me to report on
GFI's FREE Online USB scanner
http://www.securitywizardry.com/endpoint.htm#freegfi
Back in the 90's I found that a quick squirt using l0phtcrack was a great
way to win the hearts and minds of system owners to Information Security and
open their ears. Obviously these days enabling password complexity is
trivial and cracking complex passwords pointless (mostly), therefore
password cracking doesn't have the same effect. VA tools tend to switch off
interest, therefore what do we do? I saw the above scanner as another
Hearts and Minds tool, in that it will show the owner what USB devices have
ever been on a given system from Mass Storage to iPods, I'm sure it can be
defeated however it wakes them up.
What other Hearts and Minds tools do Pen Testers use for grabbing
attention??
Regards
Andy Cuff
Managing Director / CEO
Computer Network Defence Ltd
www.SecurityWizardry.com
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:46 EDT