PaulDotCom mailing list archives

Re: Presentation Advice


From: Jack Daniel <jackadaniel () gmail com>
Date: Wed, 8 Sep 2010 21:49:58 -0400

Non IT folks? Aim low.  That is not a shot at the audience, just that they
may not get the significance of everything you show, and they may not
understand the ease or difficulty of the attacks.  Simplify the message, and
repeat it.

Ask what the one thing is you want them to take away, and a couple of points
you would consider bonuses- and focus on those.

If you can get the demo to work, great- but the demo gods are vengeful, have
a backup plan and don't fumble around if it is clear the demo is going to
fail- move on.

Good luck, and good for stepping up to do the education, we all need to do
more of it.

Jack




On Wed, Sep 8, 2010 at 4:59 PM, Craig Freyman <craigfreyman () gmail com> wrote:

I'm giving a security presentation to a room full of non IT folks in a few
weeks. The point I want to drive home is that simply having AV and a
Firewall doesn't make you bulletproof. There is a big gap between what the
bad guys can do and what modern security apps can stop or catch. I think one
way to help bridge this gap would be to raise user awareness and to get
users thinking about security issues. I believe most users think that with
AV/Firewall and not clicking on links, they're safe.

I was planning on doing a live demo (crossing fingers) to make this point.
I will set up a rogue AP ("FreeWIFI Connect to ME!"), connect a client
machine and then demonstrate some MITM attacks. I'll also throw in some SET
to have some meterpreter fun. Password stealing, key logging, sound
recording etc... I know I can't get too technical and if I do, I'll lose the
group. I think this demo would get their attention but was wondering if
anyone has done this before and if so, what did you do?

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
______________________________________
Jack Daniel, Reluctant CISSP
http://twitter.com/jack_daniel
http://www.linkedin.com/in/jackadaniel
http://blog.uncommonsensesecurity.com