Hi,
Wear excellent expensive outfit (business) with chauffer driven car and a
secretary right in to the company, and try show as if u are bigshot VC and
want to meet CEO or any other important person, or may be u can
impersonate spot audit check from ISO if ISO certified or any other
regulatory firm,
See if they are allowing u in.
Goal is to bypass all their physical security measures and get inside the
facility.
2 Cents.
Regards,
Vijay
-----Original Message-----
From: Cedric Blancher [mailto:blancher@cartel-securite.fr]
Sent: Tuesday, August 15, 2006 10:28 AM
To: scott
Cc: pen-test@securityfocus.com
Subject: Re: pentest physical security
Le lundi 31 juillet 2006 à 00:49 -0400, scott a écrit :
Okay,I've been contacted about pentesting physical security system for
a medium size company that is integrating IT & physical
security,ie;cameras,id gates,etc.
I'm not exactly sure where to start,other than the
obvious;passwords,permissions,etc.
Maybe some clue here:
http://recon.cx/en/f/sconheady-social-engineering-for-pen-testers.pdf
--
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
smime.p7s
Description: S/MIME cryptographic signature
