Penetration Testing mailing list archives

Re: Penetration Testing - Human Factor

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 22 Aug 2006 21:27:22 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 21 Aug 2006, Marios A. Spinthiras wrote:

As a thorough sceptic Id like to conclude in most cases of a TRUE hackingincident social engineering has been a factor of success for the malicioususer attacking a system.

My observations differ. There tend to still remain enough low hangingfruit that one need not resort to directed victim contact. As well,social engineering can be hampered and has limitations; especially incross border incidents. Yes this does sound as though I'm bundling allsocial engineering into the Mitnick realm of phone calls for information,but consider, am I more likely to respond in the fashion you wish if thespelling and grammar match the language and region I'm in and accustomedto?



Thanks,

Ron DuFresne

- --~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE6679st+vzJSwZikRAp83AJ4pz9uQA8QoTi/1EB7aDZa1T0DIQwCg0cWF
V1lJFW7qTCQTJlyhVKi1+Gs=
=2W6B
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

Re: Bluetooth Pentesting?, (continued)
- - - Re: Bluetooth Pentesting? Fabio Nigi (Aug 22)
    - Re: Bluetooth Pentesting? Thor (Hammer of God) (Aug 22)
    - SV: Bluetooth Pentesting? Martin Gustafsson (Aug 22)
    - Re[2]: Bluetooth Pentesting? Thierry Zoller (Aug 22)
  - Re: Bluetooth Pentesting? Times Enemy (Aug 22)
- RE: Penetration Testing - Human Factor Paul Melson (Aug 21)
- RE: Penetration Testing - Human Factor Arian J. Evans (Aug 21)
  - Re: Penetration Testing - Human Factor Marios A. Spinthiras (Aug 23)
    - RE: Penetration Testing - Human Factor Isaac Van Name (Aug 24)
  - RE: Penetration Testing - Human Factor StyleWar (Aug 26)
- Re: Penetration Testing - Human Factor R. DuFresne (Aug 22)
- RE: Penetration Testing - Human Factor StyleWar (Aug 26)
- Re: Penetration Testing - Human Factor Catsworth (Aug 22)
- RE: Penetration Testing - Human Factor KeenerPB (Aug 22)
  - Re: Penetration Testing - Human Factor Joey Peloquin (Aug 23)
    - Message not available
    - Re: Penetration Testing - Human Factor K K Mookhey (Aug 23)
    - RE: Penetration Testing - Human Factor Robert D. Holtz - Lists (Aug 23)
    - Pen-testing/auditing MS Exchange Servers. Serge Vondandamo (Aug 24)
    - RE: Pen-testing/auditing MS Exchange Servers. Justin Polazzo (Aug 25)
    - RE: Penetration Testing - Human Factor StyleWar (Aug 26)
    - Re: Penetration Testing - Human Factor Joey Peloquin (Aug 29)

(Thread continues...)