Penetration Testing mailing list archives
Re: physical security pentesting procedures, tips, audit programs?
From: ctg <plumme () gmail com>
Date: Fri, 3 Dec 2004 10:57:41 +0000
Heya Mark,
I am performing a pentest of the physical security at a hospital. Can anyone offer procedures, methodologies, tips, etc on this?
I did get from your email that you're going to do this only in one day. The thing is that, you might not notice all the things in just one day, if you have any change to use camera then use it to document and make a plan for your test. The idea also could consist of getting floor plans for the hospital, the main goal in those plans is to get electrical drawings and if you have any change, then try to obtain security network plans for the hospital. You could pose as a building constructor for the authorities. In the other hand hospital just isn't like a bank, so think about it, they do have awful lot of valuable information/equipments/drugs etc. in the building.
I plan to break the day into two parts: 1) physical security pentesting 2) physical security assessment
Good plan. I would recommend you think what is your goal. Think about what would you do, if you would be breaking in the hospital, what would be your goal(s). Then think about has the hospital made anything to secure those goals.
I think social engineering will be a big part of 1. A friend lent me a lab coat. :) I did some searches, and below are my notes and what others have said (sorry not to give credit).
Just a lab coat, what if you would be just regural visitor who got lost? or patient, security guard, secretary, janitor. I would recommend you to practise some lockpicking or obtaining at least automated tool for that. Also think about it, is it easier to get in certain places during different times of days. You could even try to enlist to them as new employee and get a position. Note that many organisations doesn't have security measures for the attacker from the inside and when they test their security, they do it from the outsider point of view.
The hospital was not informed, but a VP will be on the premises to vouch for me if caught.
Another good plan.
dumpster diving small screwdriver / credit card for opening doors
screwdriver leave marks, and you don't want to leave marks. Do you know how to use piece of plastic to open locks?
follow employees to lunch, eat near them, take notes
Don't just stalk, socialize with them if you can, you get more information by using that method.
plant keylogger? pretend to be the tape storage vendor?
Are these your goals? Plant a keylogger, why not trying to get access in the wiring closet and plant a laptop there with a sniffer, if that is what you want to do.
pop up ceiling tile, go over wall detect with ceiling motion detectors
This can be quite obvious and hazardous and might blow your cover. Do you want to do that or just casually observe and get it from the drawings. These are just ideas, so please don't take them in wrong way. - ctg. -
Current thread:
- physical security pentesting procedures, tips, audit programs? marc spamcatcher (Dec 02)
- Re: physical security pentesting procedures, tips, audit programs? ctg (Dec 03)
- RE: physical security pentesting procedures, tips, audit programs? Eric Greenberg (Dec 07)
- RE: physical security pentesting procedures, tips, audit programs? Vic N (Dec 03)
- RE: physical security pentesting procedures, tips, audit programs? Jerry Shenk (Dec 07)
- Re: physical security pentesting procedures, tips, audit programs? Don Lord (Dec 07)
- RE: physical security pentesting procedures, tips, audit programs? xyberpix (Dec 07)
- RE: physical security pentesting procedures, tips, audit programs? Jerry Shenk (Dec 07)
- Re: physical security pentesting procedures, tips, audit programs? Jose Maria Lopez (Dec 09)
- <Possible follow-ups>
- RE: physical security pentesting procedures, tips, audit programs? Todd Towles (Dec 07)
- RE: physical security pentesting procedures, tips, audit programs? Frank Knobbe (Dec 09)
- RE: physical security pentesting procedures, tips, audit programs? Todd Towles (Dec 09)
- RE: physical security pentesting procedures, tips, audit programs? Todd Towles (Dec 09)
(Thread continues...)
- Re: physical security pentesting procedures, tips, audit programs? ctg (Dec 03)