From: Upadhyaya, Vijay (vupadhyaya@ipolicynetworks.com)
Date: Thu Aug 24 2006 - 02:36:42 EDT
Hi,
Wear excellent expensive outfit (business) with chauffer driven car and a
secretary right in to the company, and try show as if u are bigshot VC and
want to meet CEO or any other important person, or may be u can
impersonate spot audit check from ISO if ISO certified or any other
regulatory firm,
See if they are allowing u in.
Goal is to bypass all their physical security measures and get inside the
facility.
2 Cents.
Regards,
Vijay
-----Original Message-----
From: Cedric Blancher [mailto:blancher@cartel-securite.fr]
Sent: Tuesday, August 15, 2006 10:28 AM
To: scott
Cc: pen-test@securityfocus.com
Subject: Re: pentest physical security
Le lundi 31 juillet 2006 à 00:49 -0400, scott a écrit :
> Okay,I've been contacted about pentesting physical security system for
> a medium size company that is integrating IT & physical
> security,ie;cameras,id gates,etc.
> I'm not exactly sure where to start,other than the
> obvious;passwords,permissions,etc.
Maybe some clue here:
http://recon.cx/en/f/sconheady-social-engineering-for-pen-testers.pdf
-- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:48 EDT