I recently gave a demo to some of our managers and tech support guys using SET that blew them away. I followed it up with some of the flashy metasploit stuff like the soundrecorder script and the vnc payload. Then, I had Metasploit order me a pizza. The demo had a major impact on them and they're all of a sudden very open to security awareness training and not bitching about having admin rights.
On Wed, Apr 21, 2010 at 11:51 PM, Ng Choon Kiat <[email protected]>wrote: > Hi, > > I had a simple report on weak password and recommendation. Hope it is > helpful for you > > This is quite silly, it was shared and posted not long ago here. > http://twitter.com/cs420 > > Regards, > Grey > > On Thu, Apr 22, 2010 at 10:27 AM, Jorge A. Orchilles <[email protected]>wrote: > >> Hello all, >> >> I was asked to put together an outline for a security awareness >> training/talk/presentation aimed at system and network admins. I would like >> to show examples and make it fun. Here are my thoughts so far but would like >> to see if any of you have done this, have resources to point me to, and/or >> feedback on what I have so far: >> >> - Password construction/management >> - Show online password lists for default passwords >> - Examples of bruteforcing and cracking >> - Emphasis on having strong and different passwords for each system >> - Policy >> - Online postings related to work >> - Social networks >> - Mailing lists >> - Vendor sites/forums >> - Following best practices >> - SANS SCORE >> - Vendor recommendations >> - Think of the data >> >> Thanks in advance, >> Jorge Orchilles >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
