Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Penetration Testing and Van Eck Scanning
From: shaun () 2600 CO ZA
Date: Mon, 13 Nov 2000 09:32:42 +0200

ISSO wrote:
I think TEMPEST eavesdropping has very limited value with today's low
rad monitors.

Short article in ZD's Smart Business Magazine of June 2000 (formerly PC
Computing) - page 72 - content as follows:

'Frank Jones, a former police officer who now develops TEMPEST scanners for
authorized government agencies, outlined the security threat of
electromagnetic radiation in his 1996 essay, "Nowhere to Run...Nowhere to

'During a day trip to downtown New York City with a portable TEMPEST
scanner, Jones found that "with the proper frequency tuning, antenna
manipulation,...and vehicle location, we could monitor just about anyone,
anywhere, anytime." Jones's successful targets included the New York Post,
City Hall, and several midtown banks at ranges of up to 300 yards.'

Further down the article it also mentions that Jones' latest TEMPEST
scanner - the DataScan TEMPEST Monitoring System, is capable of reaching
ranges of 1000 yards.

I would not be too quick to eliminate TEMPEST scanning as a very real
threat, both of external attack, and of government CANIVORE-esque behaviour.
One could include in their pen-test a physical audit which would check
things like the age of the monitors for the important servers, location of
the most important machines relative to the exterior of building, and their
height above the ground floor (or below).

Shaun Dewberry
2600 Computer Security

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]