Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Pen - Test technique: Shred diving

Re: Pen - Test technique: Shred diving

From: William Knowles <erehwon_at_c4i.org>
Date: Fri, 4 Jan 2002 06:17:11 -0600 (CST)

Pre-shred bins are great, one that has worked a few times in small
office buildings is getting the staff to use color coordinated garbage
bags, a little memo from what looks to be from building management
gets pretty fast compliance from the renters and makes the dumpster
diving a little easier than raiding all the dark garbage bags at once.

Cheers!

William Knowles
erehwon_at_c4i.org

On Thu, 3 Jan 2002, R. DuFresne wrote:
 
> even better, saving lots of time the 'pre-shred' bins, those waste
> disposal bins where whole sheets are dummped for later shredding,
> seldom locked, and very exposed, especially at night, when staff
> is low in count.

 
> On Thu, 3 Jan 2002, Mike Shaw wrote:
>
> > Don't know if this will pass list muster, but I just had a great time in a
> > client company's shredder bin.
> >
> > This was a very inadequate shredder, very wide 'noodles' and no
> > cross-shredding. I've always disregarded the shredder bin because I
> > thought it'd be too much trouble, but this is definitely not the case.
> >
> > I was able to reconstruct a page of text in about 20 minutes. This
> > particular page was not very useful, but it proved the point.

*====================================================================*
"Communications are the nervous system of the entire SAC organization,
and their protection is therefore, of the greatest importance. I like
to say that without communications, all I control is my desk, and that
is not a very lethal weapon." --- General T.S. Power U.S.A.F
----------------------------------------------------------------------
erehwon@c4i.org PGP Key on request http://www.c4i.org/erehwon/
*====================================================================*

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Jan 04 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]