From: nicola@softech.it
Date: Sat Dec 11 2004 - 09:03:13 EST
On Thu, 2004-09-12 at 21.18, Frank Knobbe wrote:
> Sure, but you show it to management/sponsor. You don't show it to the
> people affected unless they are involved in a test (like branch managers
> having you detained in their office).
> Penetration Testing is all about showing flaws, but to the sponsor, not
> the folks who commit the violations. It's the responsibility of the
> sponsors to take action in a way they see fit.
> Discretion is paramount in these engagements. You just don't leave stuff
> behind.
I'm agree with Frank...in a physical security test, discretion is very
important..then, what about using the so called "password pen"?
Watch this:
http://www.softwareandstuff.com/CES10368.html
With this pen you can write on any surface with invisible to the naked eye
ink; when you point an UV light on the area you wrote, your tag will
appear.
Imho discreet and effective.
Bye
Nicola
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:10 EDT