Firewall Wizards mailing list archives

Re: Taking Testing a Firewall to the extreme


From: Adam Shostack <adam () homeport org>
Date: Thu, 2 Oct 1997 09:03:29 -0400 (EDT)

        A normal penetration test is social engineering.  Ok, how
about "should be"?  It's a remarkably powerful technique.  Sure, van
Eck boxes are kewl, but a telephone will get you the same information
faster in most cases, and the phone is a lot cheaper.  (A nice suit is
also a useful tool, and still cheaper than a van Eck setup.)

        We Americans tend to have a thing for using toys.  That's fine,
we build some excellent toys, but when I was consulting, I never found
a site where I had any desire to talk about van Eck.  The customer's
money was always better spent on things other than copper shielding,
such as user training, security for the dialups, a firewall for the
extranet, etc.

        If you find yourself at a facility where you want to try van
Eck, try another pass at walking around, calling up, getting hired as
a janitor, or subverting an employee.  There is going to be a better
way.

        (Incidentally, van Eck was the Dutch professor who published a
paper on electromagnetic radiation from computers and their use in
spying.)


Adam

Edward Cracknell wrote:
| OK, so call this OTT, (and Marcus...stop me when I go too far!)
| 
| Does the group consider the use of Electro-Magnetic Radiation scanning
| tools, keyboard taps etc. outside the scope of a 'normal' test?
| 
| I suppose one has to define what a 'normal' penetration test is, and
| certainly it ain't the job of a firewall to cater for that type of
| compromise, but more the job of the policy.



-- 
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume



