Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Physical pen testing

From: John Brand <jbrand () ARL ARMY MIL>
Date: Tue, 22 Aug 2000 09:27:37 -0400
Still very new at this racket, so this is my maiden comment.  Not sure who,
if anyone will get it, but here goes.

motion detectors:  ADT put a very nice IR motion detector in my house,
cheap.  It's a threshold device, passive.  Not sure what the output is, so
testing to be sure they are still working when installed in out of the way
places might be real fun.  Good for above drop ceilings.

mix with sonar and passive acoustic sensors: still very cheap.  Good for
above drop ceilings.  Threshold may be a problem, but that's doable.

perimeter alarm switches: radio shack stuff.  For small areas wireless
stuff like ADT tried to sell me is good, versatile, and configurable. Some
kid stuff is well worth doing, even if kid stuff.

about 20 yrs ago you could get a pyroelectric vidicon (you remember
vidicons?) that were made to French Army mil specs.  That gives you thermal
imaging as well as visible, if you use the right lens systems.  Of course
regular focal plane array TVs are so small and cheap it would be crazy to
use pyros for visible rather than using modern stuff.  Pyros were basically
a bolometric device, so were astonishingly wavelength independent.  D* was
awful but enough for this stuff.   To get an image of a static scene you
had to chop them, which meant they were, unchopped, inherent motion
detectors as well.  No cooling, just plug in and forget except to watch.
Worked fine in total darkness.  You can get uncooled mer-cad-telluride
linear arrays (a few years ago D* was still awful) but don't know about
focal plane arrays.  In any case build-it-yourself is pretty tedious for
this stuff.

Redundancy in devices (coverage) and diversity of technology used are keys.

The real key however is to do a decent audit and write and enforce a decent
SOP.  If management doesn't care enough to decide to do something and no
one knows what to do given they do care, and unless some one checks now and
then, you are dead meat.

If this is too trivial for this forum, apologies.

Regards, john b.
Previous By Date Next
Previous By Thread Next

Current thread: