Penetration Testing mailing list archives
Re: Generating awareness amongst IT staff
From: Faheem SIDDIQUI <fahimdxb () gmail com>
Date: Sat, 02 Dec 2006 09:09:06 +0400
Thanks to all the great tips you guys have given here. Will need your assistance once I start to lay down the presentation details. Regards Sol_Invictus wrote:
After that tell them that it even easier with a copy of the rainbow tables.Some tips for them to remember.. 1. Think like the bad guys. 2. Be suspicious 3. Default Deny 4. Know everything on you're network/system. A tip for you. Be careful not to "insult their intelligence" Allow them to ask the questions if they don't understand. I've done many of these before, feel free to hit me offlist if you have anyother questions.Sol. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Faheem SIDDIQUI Sent: Saturday, November 25, 2006 11:14 AM To: pen-test () securityfocus com Subject: Generating awareness amongst IT staff I am in the middle od preparing slides for security awareness presentation amongst IT staff (network admins/system/DBAs) etc. Security awareness is quite low amongst these guys and they seem to believe that the way have done it all these years, can continue all the remaining years too. Plan is, to create password hack using Ophcrack and run it during presentation. What else can I do to create real time engaging presentation so that these guys might sit up and take notice. How about doing a pen test on databases? Anyone has any ideas to make this presentation to largely IT technical staff...as engaging as possible? ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000 0008bOW ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Re: Re: Generating awareness amongst IT staff bulgaro76 (Dec 01)
- Re: Generating awareness amongst IT staff Jerome Athias (Dec 03)
- Re[2]: Generating awareness amongst IT staff Roman Shirokov (Dec 03)
- Re: Re[2]: Generating awareness amongst IT staff pand0ra (Dec 03)
- Re: Re[2]: Generating awareness amongst IT staff nick leachman (Dec 05)
- Re: Re[2]: Generating awareness amongst IT staff pand0ra (Dec 05)
- Re[2]: Generating awareness amongst IT staff Roman Shirokov (Dec 03)
- Re: Generating awareness amongst IT staff Jerome Athias (Dec 03)
- <Possible follow-ups>
- Re: Generating awareness amongst IT staff Faheem SIDDIQUI (Dec 03)
- RE: Re: Generating awareness amongst IT staff Michael Scheidell (Dec 03)
- Re: Generating awareness amongst IT staff Eagle Fire (Dec 03)