Re: [PEN-TEST] Penetration Testing and Van Eck Scanning

[shaun () 2600 CO ZA]

ISSO wrote:
> I think TEMPEST eavesdropping has very limited value with today's low
> rad monitors.

Short article in ZD's Smart Business Magazine of June 2000 (formerly PC
Computing) - page 72 - content as follows:

'Frank Jones, a former police officer who now develops TEMPEST scanners for
authorized government agencies, outlined the security threat of
electromagnetic radiation in his 1996 essay, "Nowhere to Run...Nowhere to
Hide..."'

'During a day trip to downtown New York City with a portable TEMPEST
scanner, Jones found that "with the proper frequency tuning, antenna
manipulation,...and vehicle location, we could monitor just about anyone,
anywhere, anytime." Jones's successful targets included the New York Post,
City Hall, and several midtown banks at ranges of up to 300 yards.'

Further down the article it also mentions that Jones' latest TEMPEST
scanner - the DataScan TEMPEST Monitoring System, is capable of reaching
ranges of 1000 yards.

I would not be too quick to eliminate TEMPEST scanning as a very real
threat, both of external attack, and of government CANIVORE-esque behaviour.
One could include in their pen-test a physical audit which would check
things like the age of the monitors for the important servers, location of
the most important machines relative to the exterior of building, and their
height above the ground floor (or below).


Shaun Dewberry
(If-someone's-got-a-title-to-describe-my-job-insert-here-please)
2600 Computer Security
www.2600.co.za