Joe Schorr – “Rule 1: Cardio” (and 9 other rules to keep intruders out) Derbycon 2011 (Hacking Illustrated Series InfoSec Tutorial Videos)


No one likes to be made a fool of. But it’s doubly embarrassing if you help in the process. Physical pen tests tend to expose, sometimes in painful detail, just how low a priority is placed on preventing the entry of a new and unwanted organic endpoint (like me, Tom Cruise, the cast of Sneakers or a real bad guy) into one’s environment. Put another way, most organizations are content to sit behind their chain link fences, their electronic doors and their low-paid security guards while blithely unaware of bad guys scripting out attack vectors. Sadly, these vectors are not really novel, or new, or even especially difficult. In fact, the ‘Top 10’ items in this presentation will seem like common sense, but when sewn together, create a virtual Red Carpet for a savvy pentester. This presentation is not meant to be uber-techie but presents some social engineering and physical pentesting exploits that anyone responsible for securing people, places and things should familiarize themselves with. You will be given real-life examples from ethical hacking engagements as well as tips to help you close those avenues of attack.


Copyright 2014, IronGeek