ebook img

Unauthorised Access: Physical Penetration Testing For IT Security Teams PDF

309 Pages·2009·2.62 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Unauthorised Access: Physical Penetration Testing For IT Security Teams

Unauthorised Access Unauthorised Access Physical Penetration Testing For IT Security Teams Wil Allsopp A John Wiley and Sons, Ltd., Publication Thiseditionfirstpublished2009 2009,JohnWiley&Sons,Ltd Registeredoffice JohnWiley&SonsLtd,TheAtrium,SouthernGate,Chichester,WestSussex,PO198SQ,UnitedKingdom Fordetailsofourglobaleditorialoffices,forcustomerservicesandforinformationabouthowtoapplyforpermissionto reusethecopyrightmaterialinthisbookpleaseseeourwebsiteatwww.wiley.com. TherightoftheauthortobeidentifiedastheauthorofthisworkhasbeenassertedinaccordancewiththeCopyright, DesignsandPatentsAct1988. Allrightsreserved.Nopartofthispublicationmaybereproduced,storedinaretrievalsystem,ortransmitted,inanyform orbyanymeans,electronic,mechanical,photocopying,recordingorotherwise,exceptaspermittedbytheUK Copyright,DesignsandPatentsAct1988,withoutthepriorpermissionofthepublisher. Wileyalsopublishesitsbooksinavarietyofelectronicformats.Somecontentthatappearsinprintmaynotbeavailable inelectronicbooks. Designationsusedbycompaniestodistinguishtheirproductsareoftenclaimedastrademarks.Allbrandnamesand productnamesusedinthisbookaretradenames,servicemarks,trademarksorregisteredtrademarksoftheirrespective owners.Thepublisherisnotassociatedwithanyproductorvendormentionedinthisbook.Thispublicationisdesigned toprovideaccurateandauthoritativeinformationinregardtothesubjectmattercovered.Itissoldontheunderstanding thatthepublisherisnotengagedinrenderingprofessionalservices.Ifprofessionaladviceorotherexpertassistanceis required,theservicesofacompetentprofessionalshouldbesought. ISBN978-0-470-74761-2 Typesetin10/12OptimabyLaserwordsPrivateLimited,Chennai,India PrintedandboundinGreatBritainbyBell&BainLtd,Glasgow To Nique for being herself and to my family for supporting and inspiring me. Contents Preface xi Acknowledgements xv Foreword xvii 1 The Basics of Physical Penetration Testing 1 WhatDoPenetrationTestersDo? 2 SecurityTestingintheRealWorld 2 LegalandProceduralIssues 4 KnowtheEnemy 8 EngagingaPenetrationTestingTeam 9 Summary 10 2 Planning Your Physical Penetration Tests 11 BuildingtheOperatingTeam 12 ProjectPlanningandWorkflow 15 Codes,CallSignsandCommunication 26 Summary 28 3 Executing Tests 29 CommonParadigmsforConductingTests 30 ConductingSiteExploration 31 ExampleTacticalApproaches 34 MechanismsofPhysicalSecurity 36 Summary 50 viii CONTENTS 4 An Introduction to Social Engineering Techniques 51 IntroductiontoGuerillaPsychology 53 TacticalApproachestoSocialEngineering 61 Summary 66 5 Lock Picking 67 LockPickingasaHobby 68 IntroductiontoLockPicking 72 AdvancedTechniques 80 AttackingOtherMechanisms 82 Summary 86 6 Information Gathering 89 DumpsterDiving 90 ShoulderSurfing 99 CollectingPhotographicIntelligence 102 FindingInformationFromPublicSourcesandthe Internet 107 ElectronicSurveillance 115 CovertSurveillance 117 Summary 119 7 Hacking Wireless Equipment 121 WirelessNetworkingConcepts 122 IntroductiontoWirelessCryptography 125 CrackingEncryption 131 AttackingaWirelessClient 144 MountingaBluetoothAttack 150 Summary 153 8 Gathering the Right Equipment 155 The‘‘GetofJailFree’’Card 155 PhotographyandSurveillanceEquipment 157 ComputerEquipment 159 WirelessEquipment 160 GlobalPositioningSystems 165 LockPickingTools 167 ForensicsEquipment 169 CommunicationsEquipment 170 Scanners 171 Summary 175

Description:
The first guide to planning and performing a physical penetration test on your computer's securityMost IT security teams concentrate on keeping networks and systems safe from attacks from the outside-but what if your attacker was on the inside? While nearly all IT teams perform a variety of network
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.