Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Penetration Testing and Van Eck Scanning(Frank Jon es)
From: "Loschiavo, Dave" <DLoschiavo () FRCC CC CA US>
Date: Mon, 13 Nov 2000 12:05:54 -0800

A search on ("Frank Jones" tempest spyking) will turn up some less than
flattering results regarding this individual. I am not in a posistion to
judge their accuracy, but do believe that a person should research thier
sources. So, before you go too far down the path Mr. Jones points out, you
might want to do a little digging.

-----Original Message-----
From: shaun () 2600 CO ZA
Sent: 11/12/00 11:32 PM
Subject: Re: [PEN-TEST] Penetration Testing and Van Eck Scanning

ISSO wrote:
I think TEMPEST eavesdropping has very limited value with today's low
rad monitors.

Short article in ZD's Smart Business Magazine of June 2000 (formerly PC
Computing) - page 72 - content as follows:

'Frank Jones, a former police officer who now develops TEMPEST scanners
authorized government agencies, outlined the security threat of
electromagnetic radiation in his 1996 essay, "Nowhere to Run...Nowhere

'During a day trip to downtown New York City with a portable TEMPEST
scanner, Jones found that "with the proper frequency tuning, antenna
manipulation,...and vehicle location, we could monitor just about
anywhere, anytime." Jones's successful targets included the New York
City Hall, and several midtown banks at ranges of up to 300 yards.'

Further down the article it also mentions that Jones' latest TEMPEST
scanner - the DataScan TEMPEST Monitoring System, is capable of reaching
ranges of 1000 yards.

I would not be too quick to eliminate TEMPEST scanning as a very real
threat, both of external attack, and of government CANIVORE-esque
One could include in their pen-test a physical audit which would check
things like the age of the monitors for the important servers, location
the most important machines relative to the exterior of building, and
height above the ground floor (or below).

Shaun Dewberry
2600 Computer Security

  By Date           By Thread  

Current thread:
  • Re: [PEN-TEST] Penetration Testing and Van Eck Scanning(Frank Jon es) Loschiavo, Dave (Nov 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]