Penetration Testing mailing list archives
Re: [PEN-TEST] Penetration Testing and Van Eck Scanning
From: "Brooke, O'neil (EXP)" <o'neil.brooke () LMCO COM>
Date: Thu, 9 Nov 2000 16:29:08 -0500
To offer this as a penetration test, I think would be very positive for the security industry. I do not think that the general public is aware of TEMPEST or it's implications. If penetration testers started to offer this type of a scan I am sure we would raise awareness on this issue. Demand for tempest resistant office equipment would increase and given time we would all be a little safer from this kind of monitoring.
-----Original Message----- From: Rob Shein [SMTP:rshein () mail wash averstar com] Sent: Wednesday, November 08, 2000 11:08 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Penetration Testing and Van Eck Scanning If I understand the laws correctly (and I am NOT a lawyer, thank god), construction of a Van Eck device is illegal in the U.S. The concept behind the law is similar to the law regarding ownership or construction of bugging devices. Frankly, I don't see how viable it really is for a typical commercial enterprise to go sufficiently TEMPEST-compliant to thwart this form of surveillance. If they're a small business, it's too expensive for their budget, and if it's a large business, it's too difficult to cast the net that wide and be sure that some high-level manager doesn't circumvent the controls because he doesn't want to deal with the inconvenience or cost.-----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Johann van Duyn Sent: Wednesday, November 08, 2000 10:45 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Penetration Testing and Van Eck Scanning Just a thought I had while on a nicotine-and-caffeine break: Has anyone ever done a bit of Van Eck (aka TEMPEST) surveillance as part of a penetration test, just to show people what can be seen from a van in the corporate parking lot when the security attendant is on his lunch break? That could provide a few hot debates in boardrooms, especially if one were to tune in to the Internet browsing habits of a few senior directors... Has anyone done it, or had/seen it done (esp. outside of a military environment)? Are there any good references around re. proposed civilian standards for 'safety' from Van Eck scanning? And where would one look around either for people who do that type of surveillance, or the equipment to do that with. And, finally, if this is not the right forum for such discussions, could anyone in the know point me to such? Very ta, +---------------- | Johann van Duyn BA, MCSE, BCP-ISS | Network Manager: The Appleton Group Ltd | johann.vanduyn () appleton com | tel. +27 21 7998026 | cel. +27 82 4588472 | fax. +27 21 7944677 +---------------- "Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out judgement. For even the very wise cannot see all ends." -- Gandalf, in "Lord of the Rings" by JRR Tolkein ***The Appleton Group Ltd*** This message, including any attachments, is intended only for the individual or institution to which it is addressed and may contain information that is privileged, confidential or prohibited from disclosure or unauthorized use. If the recipient of this transmission is not the intended recipient, you are hereby notified that any use, reproduction dissemination, copying, disclosure, modification, distribution and/or publication of this email message or any of its attachments other than by its intended recipient is strictly prohibited by the sender. If you have received this message in error, please notify The Appleton Group Ltd immediately at postmaster () appleton com and destroy the message and all copies thereof in your possession.> ****************************
Current thread:
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning, (continued)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Deus, Attonbitus (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Cornali, Remo (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Cornali, Remo (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning batz (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Bys, Cory (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning ISSO (Nov 09)
- Message not available
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Alex Butcher (Nov 11)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning shaun (Nov 14)
- Message not available
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Frank Knobbe (Nov 10)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning David Alexander (Nov 10)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Brooke, O'neil (EXP) (Nov 10)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Frank Darden (Nov 11)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Talisker (Nov 13)