Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Re: Presentation Advice
From: Andrew Johnson <email () andrewcjohnson com>
Date: Wed, 8 Sep 2010 21:35:03 -0500

I'd make the demonstrations visual and limit the technical jargon as much as
possible. You'll definitely lose people if you start talking about things
like meterpreter and hashes. Honestly, I'd avoid a command-line if you can.
Use tools like Cain and Network Miner that clearly present information to an
untrained eye. You want to convey the ease with which these attacks can be
performed. If the demo is too far over their heads, it's not going to
register as a significant threat (i.e. the super hackers with that level of
skill are going to focus on governments, banks, celebrities, etc.). The
recent DLL hijacking
vulnerability<http://www.offensive-security.com/offsec/microsoft-dll-hijacking-exploit-in-action/>would
be another good demo if you could use a VNC payload (I haven't tested
it). "All you had to do was open a PowerPoint file, and now I can see your
desktop."

Make sure they realize why the average user is at risk. However, don't go
overboard. There's a fine line between making a point and terrifying
someone. We always quasi-joke about how the casual users we perform security
awareness training for don't touch their computers for a week or two
afterwords. I'm serious. Just explaining what a rootkit is often blows
people's minds. You really aren't going to have to do anything l33t to make
an impact; I'd focus much more on making it relatable.

-A

On Wed, Sep 8, 2010 at 3:59 PM, Craig Freyman <craigfreyman () gmail com>wrote:

I'm giving a security presentation to a room full of non IT folks in a few
weeks. The point I want to drive home is that simply having AV and a
Firewall doesn't make you bulletproof. There is a big gap between what the
bad guys can do and what modern security apps can stop or catch. I think one
way to help bridge this gap would be to raise user awareness and to get
users thinking about security issues. I believe most users think that with
AV/Firewall and not clicking on links, they're safe.

I was planning on doing a live demo (crossing fingers) to make this point.
I will set up a rogue AP ("FreeWIFI Connect to ME!"), connect a client
machine and then demonstrate some MITM attacks. I'll also throw in some SET
to have some meterpreter fun. Password stealing, key logging, sound
recording etc... I know I cant get too technical and if I do, I'll loose the
group. I think this demo would get their attention but was wondering if
anyone has done this before and if so, what did you do?

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]