Mitnick is a good resource for review if you don't have personal experience
with it.
...Google his work on Sprint phones and Nortel switches and the Las Vegas
phone system (he was never caught, but did testify about it).
-
StyleWar
"I dare do all that may become a man; Who dares do more is none."
Macbeth, 1. 7
-----Original Message-----
From: Marios A. Spinthiras [mailto:mario@netway.com.cy]
Sent: Monday, August 21, 2006 1:20 AM
To: pen-test@securityfocus.com
Subject: Penetration Testing - Human Factor
As a thorough sceptic Id like to conclude in most cases of a
TRUE hacking incident social engineering has been a factor of
success for the malicious user attacking a system.
For quite a while now I have been compiling methodology
on the assessment of the weak human security link which can
be exploited through social engineering. Has anyone got any
thoughts they would like to share or guidelines to the audit
of the human factor when security is concerned?
Any information is much apreciated.
Many Thanks,
Mario A. Spinthiras
--------------------------------------------------------------
----------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
--------------------------------------------------------------
----------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
