Penetration Testing mailing list archives
RE: physical security pentesting procedures, tips, audit programs?
From: "Jerry Shenk" <jshenk () decommunications com>
Date: Sat, 4 Dec 2004 13:12:24 -0500
I would strongly recommend against DOSing anything. I'd only do that during a cooperative assessment. You really don't want to take some vital piece of equipment out while nobody really knows who you are. You might look for DOSable devices and suggest a return visit because it probably is something that should be addressed....especially if you can connect to the network from an unattended RJ45 jack or wireless connection.

-----Original Message-----
From: Vic N [mailto:vic778 () hotmail com]
Sent: Friday, December 03, 2004 9:40 AM
To: pen-test () securityfocus com
Subject: RE: physical security pentesting procedures, tips, audit programs?
From: marc spamcatcher <junk () zounds net>
To: pen-test () securityfocus com
Subject: physical security pentesting procedures, tips, audit programs?
Date: Wed, 1 Dec 2004 20:41:28 -0600 (CST)

I am performing a pentest of the physical security at a hospital. Can anyone offer procedures, methodologies, tips, etc on this?
I'd suggest you look at the challenge from the viewpoint of an unattended patient left alone in an examination room. I've seen instances where IP #'s are plainly labelled on wireless devices in public areas (such as an ER) and these IPs match simple ARIN lookups (do the ARIN lookups before you go in). Patient rooms sometimes have multiple RJ45 jacks to secondary equipment networks that could easily be plugged into. While it might not grant access to information, gaining access to and DOS'ing a network that, say, provides access to vitals monitoring could be a hospital's worst nightmare (and to be clear, I don't recommend doing it for a pen-test!) and should make your client take note. In this mode, I'm sure you'll see numerous HIPAA violations with workstations being left unlocked too. My experience has been that you're not separated from your possessions even in an ER situation (it's just put in a bag and you hold on to it). A standard notebook w/wireless and an RJ-45 cable idling ready to go in a nondescript bag... If you go in as a non-critical patient needing observation and not as a "stranger" you're bound to be left unattended in the "hurry up and wait" nature of treatment and have more than a few minutes to test.