|
Penetration Testing
mailing list archives
RE: Testing the user community
From: Des Ward <security () senticom co uk>
Date: Tue, 30 Jan 2007 22:41:30 +0000
Buy ten thumb drives, put a piece of code on them to sent a net message to your server internally or something similar
(Basically you want the devices to phone home once placed in the users workstation) then you'll find how many people
are still dumb enough to put an unknown device in their corporate system.
-----Original Message-----
From: webmaster () absolutenetworks biz
To: pen-test () securityfocus com
Sent: 30/01/07 14:12
Subject: Testing the user community
We all know our weak link but how do you identify just how weak they are? I
think it's time to pen test my user community and have a couple ideas to gather
statistics on just how nonaware they really are. Maybe a simple phishing scam
and bogus email with a fake virus attachment that emails me when it's opened so
I can track how many folks actually opened it. Has anyone ever done this
before? I can't find any information about it on the web.. thoughts and ideas
anybody?
Many thanks
Kurt
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
