Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Re: Presentation Advice
From: "Pommerening, Jeremy" <jpommerening () SYMBION COM>
Date: Thu, 9 Sep 2010 01:55:56 +0000

I scared my corporate users a few years ago just talking about botnets. A simple demo should do the trick. I'm planning 
on doing one myself soon for my company too. They still talk about that presentation.
Jeremy Pommerening
Giac GCFA GPEN GAWN GCFW
MCSE Win2k NT4

Sent from Blackberry

DISCLAIMER: This message is being sent from a portable device. This email and any files transmitted with it are 
confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are not 
the original recipient or the person responsible for delivering the email to the intended recipient, be advised that 
you have received this email in error, please delete it from your system without copying it, and notify the sender by 
reply email so that our address record can be corrected. Thank you. Symbion, Inc.

________________________________
From: pauldotcom-bounces () mail pauldotcom com <pauldotcom-bounces () mail pauldotcom com>
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Sent: Wed Sep 08 15:59:43 2010
Subject: [Pauldotcom] Presentation Advice

I'm giving a security presentation to a room full of non IT folks in a few weeks. The point I want to drive home is 
that simply having AV and a Firewall doesn't make you bulletproof. There is a big gap between what the bad guys can do 
and what modern security apps can stop or catch. I think one way to help bridge this gap would be to raise user 
awareness and to get users thinking about security issues. I believe most users think that with AV/Firewall and not 
clicking on links, they're safe.

I was planning on doing a live demo (crossing fingers) to make this point. I will set up a rogue AP ("FreeWIFI Connect 
to ME!"), connect a client machine and then demonstrate some MITM attacks. I'll also throw in some SET to have some 
meterpreter fun. Password stealing, key logging, sound recording etc... I know I cant get too technical and if I do, 
I'll loose the group. I think this demo would get their attention but was wondering if anyone has done this before and 
if so, what did you do?

Disclaimer: The email and files transmitted with it are confidential and are intended solely for the use of the 
individual or entity to whom they are addressed.  If you are not the original recipient or the person responsible for 
the delivering the email to the intended recipient, be advised that you have received this email in error, and that any 
use, dissemination, forwarding, printing or copying of this email is strictly prohibited.  If you received this email 
in error, please delete it from your system without copying it, and notify the sender by reply email so that our 
address record can be corrected.  Thank you. Symbion, Inc.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault