PaulDotCom mailing list archives
Security Awareness Training for SysAdmins
From: craigfreyman at gmail.com (Craig Freyman)
Date: Thu, 22 Apr 2010 08:40:49 -0600
I recently gave a demo to some of our managers and tech support guys using SET that blew them away. I followed it up with some of the flashy metasploit stuff like the soundrecorder script and the vnc payload. Then, I had Metasploit order me a pizza. The demo had a major impact on them and they're all of a sudden very open to security awareness training and not bitching about having admin rights. On Wed, Apr 21, 2010 at 11:51 PM, Ng Choon Kiat <choonkiat83 at gmail.com>wrote:
Hi, I had a simple report on weak password and recommendation. Hope it is helpful for you This is quite silly, it was shared and posted not long ago here. http://twitter.com/cs420 Regards, Grey On Thu, Apr 22, 2010 at 10:27 AM, Jorge A. Orchilles <jorgeao at gmail.com>wrote:Hello all, I was asked to put together an outline for a security awareness training/talk/presentation aimed at system and network admins. I would like to show examples and make it fun. Here are my thoughts so far but would like to see if any of you have done this, have resources to point me to, and/or feedback on what I have so far: - Password construction/management - Show online password lists for default passwords - Examples of bruteforcing and cracking - Emphasis on having strong and different passwords for each system - Policy - Online postings related to work - Social networks - Mailing lists - Vendor sites/forums - Following best practices - SANS SCORE - Vendor recommendations - Think of the data Thanks in advance, Jorge Orchilles _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100422/7c14dc0c/attachment.htm
Current thread:
- Security Awareness Training for SysAdmins Jorge A. Orchilles (Apr 21)
- Security Awareness Training for SysAdmins Ng Choon Kiat (Apr 21)
- Security Awareness Training for SysAdmins Craig Freyman (Apr 22)
- Security Awareness Training for SysAdmins Pommerening, Jeremy (Apr 22)
- Security Awareness Training for SysAdmins Craig Freyman (Apr 22)
- Security Awareness Training for SysAdmins Craig Freyman (Apr 22)
- Security Awareness Training for SysAdmins John Strand (Apr 22)
- Security Awareness Training for SysAdmins Ng Choon Kiat (Apr 21)