RE: How to check an Executive's notebook

["Andrej Budja" <andrej () budja com>]

Hi Mike,

There's an interesting document in the SANS Reading Room.

Auditing a Systems Security Consultant's Laptop Running Fedora Core 2
http://www.sans.org/reading_room/whitepapers/honors/1615.php

While it might not be exactly what you are looking for, you can at least get
some ideas. 

I definitely would not redirect any of his traffic! I would do the normal
check-up, but let him do it. You need to make sure he's got antivirus. Let
him show it to you. Are all patches installed? Let him do the clicks. Is he
running a firewall? Let him show you which ports might be opened. You get
the idea...

If you want to check his behavior let him browse the Cookies folder and look
for any suspicious sites...

This way, not only will you do the job, but you will also educate him. If he
really is a high powered Executive then he will appreciate the knowledge you
share with him.

Best,
Andrej

-----Original Message-----
From: itsec.info [mailto:itsec.info () gmail com] 
Sent: Saturday, August 05, 2006 1:19 PM
To: pen-test () securityfocus com
Subject: How to check an Executive's notebook

Hi

I have a client who is a very high powered Executive and he asked me to
check his notebook regarding security etc.
Actually this would be any easy task but he is not willing to hand over his
notebook to me and I am not allowed to retrieve any data from it.

Well how can you assess such a notebook and also the person's behaviour
regarding security (e.g. reading his private email via smtp and the like)?

The only idea I found so far is to re-direct the notebook's Internet traffic
through a proxy and then I can examine this traffic and give him some
advice.

Any other ideas are very welcomed.

--
Regards,
Mike


----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise, you need to proactively protect your applications from hackers. Cenzic
has the most comprehensive solutions to meet your application security
penetration testing and vulnerability management needs. You have an option
to go with a managed service (Cenzic ClickToSecure) or an enterprise
software (Cenzic Hailstorm). Download FREE whitepaper on how a managed
service can help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
----------------------------------------------------------------------------
--


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------