From: MacDougall, Shane (smacdougall@idanalytics.com)
Date: Thu Mar 11 2004 - 15:40:24 EST
Actually I have hired a strip-o-gram in the past to gain access to a
secured site during a pentest. I arrived at the site with the stripper
and told the guard we were there to give an employee (whose name we had
gained from the website) a Strip-o-gram. The security guard gladly
buzzed us in through the mantrap, signed us in and took us into the data
center. While all the staff were busy watching the show I was grabbing
password files and installing software. This isn't as rare as you might
think.
Now let's take this thread in its logical direction: Sexy pen-testers on
meth.
Shane
-----Original Message-----
From: Chuck Fullerton [mailto:chuckf69@ceinetworks.com]
Sent: Wednesday, March 10, 2004 10:35 AM
To: J. Oquendo; pen-test@securityfocus.com
Cc: neale.green@eds.com
Subject: RE: Sexy pen-testers and auditing...
Ok,
This is a great conversation but let's please keep it realistic. How
many
pen testers will hire an escort to social engineer a client. How do you
get
permission for that?
Not meaning to get flamed here, just stating the obvious.
Chuck Fullerton
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:50 EDT