Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Winning Hearts and Minds

From: "Andy Cuff" <lists () securitywizardry com>
Date: Fri, 4 May 2007 13:22:24 +0100
Afternoon,
The discussion on USB devices on the basics list, prompted me to report on
GFI's FREE Online USB scanner
http://www.securitywizardry.com/endpoint.htm#freegfi

Back in the 90's I found that a quick squirt using l0phtcrack was a great
way to win the hearts and minds of system owners to Information Security and
open their ears.  Obviously these days enabling password complexity is
trivial and cracking complex passwords pointless (mostly), therefore
password cracking doesn't have the same effect. VA tools tend to switch off
interest, therefore what do we do?  I saw the above scanner as another
Hearts and Minds tool, in that it will show the owner what USB devices have
ever been on a given system from Mass Storage to iPods, I'm sure it can be
defeated however it wakes them up.

What other Hearts and Minds tools do Pen Testers use for grabbing
attention??

Regards
Andy Cuff
Managing Director / CEO
Computer Network Defence Ltd
www.SecurityWizardry.com


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: