A Lesson I have learned some time ago, from the management. They say “You not need to kill me to demonstrate that you can do it”. So better mount a presentation with test machines.
netsec novice wrote:
I would like to demonstrate the importance of physical security to management by presenting information I was able to easily obtain by accessing one of our 'publically' available PCs residing on our private network. What I had in mind was to run a keylogger and perhaps nessus from a machine for a short period of time and present the output. I pictured installing a keylogger and a reconaissance type tool on a thumbdrive - leave it there for a period of days and then retrieve. Does anyone have suggestions on a keylogger or nessus type tool that could be easily installed on portable media that could then be carried away for analysis? I want to provide as realistic scenario as possible. IE - someone leaves a thumb drive attached for a day for keylogger or someone walks in and powers the PC off and then boots of a Linux based CD to run a scan and then easily collects data?
Thanks for any ideas!!
_________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
---------------------------------------------------------------------------
----------------------------------------------------------------------------
.
La información y archivos contenidos en este mensaje son confidenciales y para utilización exclusiva de los destinatarios consignados. Si Usted no reviste ese carácter, no se encuentra autorizado para divulgar, copiar,distribuir o retener todo o parte de la informacion y archivos, y deberá notificarlo de inmediato al remitente y eliminarlo de su sistema. Muchas gracias.
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
