Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Boot floppy

from [Curt Purdy] Network Security [Permanent Link]
Subject: Re: Boot floppy
Date: Thu, 12 Apr 2007 09:44:25 -0400 
Absolutely Chris.  If they have Enterprise EnCase, they have complete
control, IF it is a company PC, and IF they have a written policy of no
expected privacy.  Barring the Navy case that had a questionable ruling, I
know of no other case that questioned the authority to do that with EnCase.
I have not worked with V6 yet, but V5 has about all the capability I could
ask for.

Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA 
Information Security Officer 
Information Systems Security
Columbia, MD
infosysec@gmail.com
purdy@tecman.com

-------------

If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked. 
-- former White House cybersecurity czar Richard Clarke 
 


-----Original Message-----
From: listbounce@securityfocus.com 
[mailto:listbounce@securityfocus.com] On Behalf Of Chris Zevlas
Sent: Wednesday, April 11, 2007 4:14 AM
To: Shreyas Zare; Pen-Testing
Subject: [lists] Re: Boot floppy

How about you doing a remote image with Encase this way he 
will never know 
what you did.

----- Original Message ----- 
From: "Shreyas Zare" <shreyas@technitium.com>
To: "Pen-Testing" <pen-test@securityfocus.com>
Sent: Tuesday, April 10, 2007 10:48 PM
Subject: Re: Boot floppy



Hi,

Try using social engineering. Tell him you are given a job to patch
all machines in the company for some security update then patch his
machine with a good rootkit. You may give him the update 

(infected) in

any CD or USB media so that he would install it himself. Or use any
idea which will not look suspicious to the target.

Regards,

On 4/10/07, Mifa <mifa@stangercorp.com> wrote:

We have a user who takes a company  computer home with 

them (no its not a 

lap top).  We have a good reason to need to look at their files. 
However, we want to do so without that employ knowing.  

They seem to know 

something about security becasue auto runs is disabled and the 
workstation is always locked with a third party software.  

INserting a U3 

drive will not run a program either.  Are there any 

programs that will 

boot from a floppy then copy a program to the c drive then 

wite an auto 

start entry into the registry?  This was the only way I 

can think of to 

get the user to install a program..

Any other ideas how we maight gain access?  It has to be 

fast (bathroom 

breaks ect).  I dont have time to load a live cd. Further, 

robooting 

would cause the user to loose work.





--------------------------------------------------------------
----------

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.



http://www.cenzic.com/products_services/download_hailstorm.php
?camp=701600000008bOW



--------------------------------------------------------------
----------







-- 
(This e-mail was composed and sent completely using 

recycled electrons)


Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@technitium.com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@technitium.com

Technitium Personal Computers
We belive in quality.
Visit http://pc.technitium.com for details.



--------------------------------------------------------------
----------

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.



http://www.cenzic.com/products_services/download_hailstorm.php
?camp=701600000008bOW



--------------------------------------------------------------
----------







--------------------------------------------------------------
----------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php
?camp=701600000008bOW
--------------------------------------------------------------
----------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: publications concerning port forwarding, Thomas W Shinder
Next by Date:  RE: Boot floppy, Mifa
Previous by Thread:  Re: Boot floppy, Chris Zevlas
Next by Thread:  Re: Boot floppy, berg
Indexes:  [Date] [Thread] [Top] [All Lists]