Re: [PEN-TEST] 2 quick questions

["sporty o'one" <sporty () SPORTY ORG>]

> First is I was curious about routers:  If a network has a router (a hardware
> one, not a computer running Linux or NT).  Is there anything to be gained
> from breaking into the router through one of the remote administration
> points?  Is this thus a fruitless exercise or is there something to show the
> customer or gain yourself if you are auditing your network's security?

you can certainly DoS the network.  simply firewall/disable any given
interface, change admin pass.  do this on a sunday nite at about 6pm or
when modes of transit become impossible to generate more anger.

> Second I was curious about social engineering.  Is this considered "fair
> play?"  Is it discussed in advance?  If you're allowed to do it how far do
> you take it?  Do you take it the point where you do a mass mailing of BO or
> Sub 7 to show the owners of the network how vulnerable they are to this flaw
> (because isn't social engineering kind of a flaw even though it is a human
> one?)  Or do you just stop with tricking them into revealing user names and
> passwords?

I personally think taking a machine that can be quickly redone or a dummy
machine, set it up like a normal machine to be infected and show how
easily done it is.

If the excuse, "But you know how to do these things" comes from
co-workers/supervisors, point out that you aren't exactly one of a kind.