Index
Note: Page numbers followed by b indicate boxes, f indicate figures and t indicate tables.
0-9, and Symbols
802.1X
AP connection stages
89
crack attack
114
default password break-ins
127
legacy SSIDs
123
rogue-on-rogue attack
107
802.11
acronyms
120
ad hoc bridged interfaces
125–126
basic wireless technology
102
Doctor Reflecto
94
Farewell Attacks
106
IBSS
119
WiFi/WLAN EMR spectrum
89
wireless hacking
91
wireless network characteristics
89t
802.11a
96
802.11b/g/n
access point example
97f
Doctor Reflecto
96
11b, Queensland Attack
103
illegal channel beaconing
108
jammers
103
802.11w
106
802.15.1
89, 89t
see also Bluetooth
802.15.4
89, 89t
802.16
89, 89t
802.20
89, 89t
A
Abilene Paradox
200–201
Access control lists (ACLs)
crack attack
114
guest wireless hacking
116
Access point (AP)
ad hoc bridged interfaces
126
ad hoc networks
119
aluminum foil enclosure
97f
antenna shorting
100f
basic wireless technology
102
Bogus Beacon attack
108
crack attacks
114
dead-end hijacking
110–111, 112
default password break-ins
127
Doctor Reflecto
95, 96
examples
92f, 97f
Fake AP project
109
Farewell Attacks
105
FCC regulations
101
flooding attacks
108
Google hacking
129
layer 1 denial of service attacks
91, 94
locking ceiling tile enclosure
95f
man-in-the-middle attack
111f
mirror/monitor attack
115
peer-to-peer-to-hack
117
rogue-on-rogue attacks
106
rogue SSID additions
122–123
virtual AP
119
whack-a-rogue
107
Ad hoc networks
bridged interface abuse
125–126
wireless hacking
119–120
Adobe, Inc., social engineering attack
24
Agency phone books, building security
37–38
Aireplay-ng, Farewell Attacks
105
AirJack, Farewell Attacks
105
Airplane safety, expert advice
185
AirTight Networks
120
Aluminum foil
access point enclosure
96, 97f, 98f
access point RF analysis
99f
Anti-virus software, wrappers
174
Anxiety, penetration tester approach
172
Anywho.com
140
Archetypal antennas
access point examples
92f
beamwidths samples
93t
examples
93f
layer 1 DoS attacks
91–93
ARP flooding, crack attack
113
Ask.com, for initial identification
141
ATM machines
expert advice
180
skimming
182
Auditors
Information Security Awareness Program
202, 218
Information Security Awareness standard
209
internal, physical security
47–48
Automated attacks
crack attack
112
penetration testing
173–174
Automated surveillance
155–156
AV, social engineering considerations
25
Azimuth
access point RF radiation pattern
92
omnidirectional antenna
93f
B
Backdoors, penetration testing automated attacks
173
Baker, Greg, expert advice
187–191
Bank account information, surveillance tactics
148–149
Basic Service Set (BSS), definition
120
Basic Service Set Identifier (BSSID), definition
120
Beamwidth
access point RF radiation pattern
92
antenna types
93t
Behavior, penetration testing
166
Bing, for initial identification
141
Biometrics, building security
38
Bittings
definition
76–77
depth keys
78
key creation
78–79, 80
mortise cylinder locks
81–83
mortise vs. rim cylinder locks
84
Black hats, social engineering effectiveness
2
Blippy.com
false login data
146
financial data mining
148–149
frequented locations
149
targeting prevention
161
Block, Matt
74–75
Blogs
financial data
148
initial identification
141
online exposure
151
signature phrases
154–155
social network/media disclosures
144, 145–146
third-party disclosures
152
Blogspot.com, false login data
146
Bluetooth
EMR spectrum
89
miniature surveillance equipment
158
wireless hacking
91
wireless network characteristics
89t
Body language, penetration testing approaches
172
Bogus Beacon attack
108
Bomb threats, Chicago example
40–42
Boolean strings, search terms
146
Booth, Evan
74–75
Bot herding, spear phishing
188–189
Bot net, spear phishing
188–189
Bridged interfaces, ad hoc networks
125–126
Bugmenot.com, false login data
146
Bug-sweeping, miniature surveillance equipment
158
Building security
basic considerations
35–40
corporate/agency phone books
37–38
employee badges
36
key control example
81b
lock checks
35–36
off-shift staff training
39–40
shredder technology
36–37, 37b
tailgating
38–39, 39b
tailgating countermeasures
39b
Bump keys
78
Burn bag, expert tip
37
Business plan, Information Security Awareness Program
196, 200–202, 213
C
Caller ID Spoofing, Paul Henry interview
23
Car alarm, EMR spectrum
88
Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
basic wireless technology
102
Queensland Attack
103
Cartoon character, Information Security Awareness Program
204
CDs, penetration testing
case study
176
overview
168–169
technology selection
173
Cellular technology, wireless network characteristics
89t
Certified Information Systems Security Professional (CISSP)
195
Chabris, Christopher
164–165
Chicago bomb threat, physical security example
40–42
Chief Executive Officer (CEO) support, Information Security Awareness Program
208, 221–222
Cialdini, Robert
166
Classification of Data Matrix
example
206f
Information Security Awareness Program
205–206
Clear channel assessment (CCA), Queensland Attack
103
Closed-circuit television (CCTV), EMR spectrum
89
Combination lock
bait and switch example
71–72
and commercial shim
72f
lock access
68
as popular lock
54
Communication methods
disruption concerns
193
expert advice
181
Communications Act (1934)
103
Communications Division, Information Security Awareness Program
219
Communications matrix, Information Security Awareness Program
216–217
Compliance Department, Information Security Awareness Program
218–219
Computer rooms, high security locks
42
Computer systems
crime perpetrator vs. victim
179
penetration testing case study
174
penetration testing permission considerations
175
Conkel, Hans
63
Cordless phones, EMR spectrum
89
Corporate Information Security Officer (CISO)
auditing issues
202
awareness program lessons
212–213
communications matrix
216
Information Security Awareness Program
208
Information Security Awareness Specialist
195
Internal Information Security Consultants
220
new-hire video
204
team benefits/drawbacks
201
Corporate Information Security Policy, Awareness Standard
209
Corporate security
expert advice
189
phone books
37–38
Cost risk benefit, information security awareness
197–198
Countermeasures
Chicago bomb threat example
40
forced entry
62
lock vulnerabilities
58
padlock shims
73–74
physical security risk assessment
34
social engineering
27–29
tailgating
39b
video security log review
43
Crack attack
overview
112–114
rainbow table
113
Craig's List, for initial identification
143
Credit card fraud
expert advice
182
financial checks
146–147
home document security
46
Credit card readers, social engineering
26–27, 27f
Critical infrastructures, definition
190
Critical to Quality (CTQ), Information Security Awareness Program effectiveness
222
Cross cut shredders, expert tip
37b
Cuts
Cybercrime, law enforcement help
189–190
Cyber Crime Task Forces (CCTF), FBI-local law enforcement relationship
190
D
Data leakage prevention (DLP) tools, ad hoc attacks
119
Data theft, information security awareness
196–198
Deadbolt lock, semi-high-secure-room break-in example
63–64
Deadbolt retraction
basic tool
65f, 67f
semi-high-secure-room break-in
64–66
Dead-end hijacking
110–112
Deauthentication, Farewell Attacks
105
Decoy SSID
109–110
Default configuration wireless hacking
Google hacking
129–130, 130f
overview
126–130
passwords
127, 128f
WPA keys
127–129, 128f
Defcon Security Jam (2008)
110
Denial of service (DoS) attacks
802.11w standard
106
overview
91–112
rogue SSID additions
122
Depth keys
characteristics
78
example
79f
mortise vs. rim cylinder locks
84
Directional antennas, layer 1 DoS
94
Disassociation
Farewell Attacks
105
rogue-on-rogue attacks
106–107
Disclosures
social networks/media
144–146
surveillance and targeting
152–154
Disk drives, disposal
46b
Disk-type pin tumbler lock, example
57f
Distraction, penetration testing
165
Distributed denial of service (DDoS) attack, Queensland Attack
103–104
DocStoc.com
148
Doctor Reflecto
effectiveness
96–98
layer 1 DoS attack
94–98
Document retention/destruction policy, information security awareness
197
Domain Name Server (DNS), static IP hack
131
Door signs, physical security
42
Drake, Phil, expert advice
19–22
Drop ceilings, physical security
47
DVDs, penetration testing
168–169
Dynamic host configuration protocol (DHCP)
dead-end hijacking
110–111, 112
MAC address switching
133
mirror/monitor attack
115
static IP hack
131
E
Eavesdropping, third-party disclosures
153–154
Ebay, for initial identification
143
eDiscovery
197
Editor, Information Security Awareness Program
207
800 number, Information Security Awareness Program
212
Electromagnetic radiation (EMR)
definition
87–88
spectrum chart
88f
Electromagnetic spectrum
87–90
Electronic Crimes Taskforce
183
Elevation
access point RF radiation pattern
92
omnidirectional antenna
93f
Email addresses
awareness program information
205, 212
employment information
143
for initial identification
139–140, 143
penetration testing case study
174
PeopleFind sites
140
purchase habits
146–147
spoofing
154, 157
throwaway
140, 160
Email attachments
expert advice
187–188
spear phishing
188–189
Employee awareness, information security
196–198
Employee badges, building security
36
Employment information, targeting and surveillance
142–144
Energy companies, spear phishing attacks
24
Equipment “burial ground,” physical security
46
Executive protection, basic considerations
186
Executive Protection Institute
184
Extended Service Set (ESS), definition
120
F
Facebook
automated surveillance
156
data mining
23
disclosures
144, 145–146
false login data
146
with financial data
148–149
frequented location information
149
safety recommendations
161
social engineering
29
surveillance
144
third-party disclosures
152, 154
Fake AP project
109, 109f
FALE Association of Locksport Enthusiasts
74–75, 75f
Farewell Attacks
characteristics
104–106
and dead-end hijacking
110–111
Federal Bureau of Investigation (FBI)
contact by victim
189
Cyber Crime Task Forces
190
expert advice
187
InfraGard
190
spear phishing
188–189
Federal Communications Commission (FCC)
wireless hacking
101
wireless regulations
101–102
Federal law enforcement, CCTF
190
Federal Trade Commission (FTC)
credit card recommendations
183
identity theft
186
File cabinets, lock bypass example
54–55
Financial data, surveillance and targeting
146–149
Firefox, automated surveillance
155–156
Firewall
ad hoc attacks
119
social engineering considerations
25–26
Flickr
disclosures
144
surveillance
144, 145–146
travel patterns
150–151
Flooding attack
characteristics
108
crack attack
113
Forced entry
locks
60–63
method
61–63
Forced reflection, wireless hacking
94
Foreign spies, expert advice
181, 188
4-1-9 advance fee fraud, expert advice
181–182
411.com
140
FourSquare
149, 150
false login data
146
targeting prevention
161
target interaction
157
Frequency analyzer, WWII device example
90f
Frequented locations
case example
150
place as target
151–152
targeting and surveillance
149–152
target interaction
157
G
Gift cards, as targeting prevention
160
Global Positioning System (GPS)
with financial data
148–149
travel patterns
150–151
Google, Inc., social engineering attack
24
Google Advanced, for initial identification
141
Google Alerts, automated surveillance
155
Google Analytics, automated surveillance
156
Google Blog, for initial identification
141
Google Chrome, automated surveillance
155–156
Google Groups, for initial identification
141
Google hacking
default password break-ins
127
wireless device mgmt interface
129–130, 130f
Google Maps
for initial identification
142–143
targeting and surveillance
142–143
Google search
businessman surveillance case study
145
for initial identification
141, 143
surveillance and targeting
141
Google Street View, surveillance information
151–152
GoWalla
frequented locations
149
targeting prevention
161
target interaction
157
user information posting
150
“Graffiti-man,” place targets
151–152
Gramm-Leach-Bliley Act (GLBA)
201
Gucci, social engineering attack
24
Guest attack
116–117
H
Half-duplex system, basic wireless technology
102
Handheld authentication device, building security
38
Hashes, rainbow table
113
HBGary, social engineering attack
24
Headless devices, ad hoc bridged interfaces
126
Henry, Paul, expert advice
22–26
Hole 196 attack
114
Homeinfomax.com
142
Home security
documents
46b
physical security tips
48
security cameras
48b
Hotel safety, expert advice
185
HP WESM, legitimate-looking rogue APs
124
Human factor, penetration testing
basic considerations
164–166
magic as distraction
165
selective attention
164–165
trust and behavior
166
Hypertext Markup Language (HTML), free Wi-Fi hack
134
I
Icerocket.com
145
ID badges
building security
36
Chicago bomb threat example
40–41
penetration testing case study
176
Identity theft
expert advice
186
home document security
46
IDS, social engineering considerations
25
Illegal channel beaconing
Impedance mismatch, access point antenna shorting
100, 100f
Independent basic service sets (IBSS)
definition
120
wireless hacking
119–120
Industrial-scientific-medical (ISM) band
wireless network uses
89t
Infomercials, Information Security Awareness Program
215
Information Security Awareness Program
accessibility
212
administration component
200
alliance building
217–220
Audit Department
218
Awareness Standard author
209–210
Awareness Standard requirements
209
business plan
201–202
Classification of Data Matrix
205–206, 206f
communications matrix
216–217
Compliance Department
218–219
components
204–205
creativity in
214–215
design
198–207
editor's importance
207
effectiveness measurement
221–223
funding
213–214
GLBA
201
group support
199
implementation
207–215
importance of repetition
199
improvements over time
223f
infomercials
215
Internal Information Security Consultants
220
key components/cumulative effect
222–223
Legal Department
218
lessons from
212–213
manager's QRG
206–207
on-line program risks
211
perpetual program
210
Personnel Department
219
presentation components
202–204
presentation importance
203–204
presentation question anticipation
202–204
Privacy Division
218
product appearance
205
product/material content
207
program control
219
program materials
217f
program viability
220
progress graph
224f
QRG as initiator
211–212
resource alternatives
220
security as company mindset
216–220
“The String Analogy”
210
team benefits/drawbacks
200–201
touch points
199–200
trainees
211
Training and Communications Division
219
web site example
215f
win-win solutions
210
Information Security Awareness Specialist
195
Information Security Awareness Standard
author
209–210
Corporate Information Security Policy
209
requirement examples
209
Information security awareness training
business plan
196
characteristics
195
cost risk benefit
197–198
data theft
196–198
employee awareness
196–198
information security awareness specialist
195
intrapreneur
195–196
key control
71
non-compliance costs
197
overview
194–198
people involved
194–196
InfraGard
187, 189, 190
Initial identification
PeopleFind sites
140
surveillance
139–142
targeting example
141
Injection attacks, cracks
113
Inside threats, physical security
34–35
Instant Messaging
safety recommendations
161
target interaction
157
Intelius.com
140, 146
Internal auditors
lock auditing
68
physical security
47–48
Internal Information Security Consultants
220
Internet
for initial identification
139–140
on-line blackmarketing case
155
penetration testing automated attacks
173
penetration testing case study
175–176
personal information removal
142
safety recommendations
160–161
Internet Explorer, automated surveillance
155–156
Internet Service Provider (ISP), default PSK lookup
127, 128f
Intrapreneur
characteristics
195–196
team benefits/drawbacks
200–201
Investment information, surveillance
146–149
“The Invisible Gorilla”
164–165
iPad
information security awareness
196
MAC address switching
133
as scanning device
158
SSID issues
117
WiFi scanner app
159
IPS, social engineering considerations
25
IPSec tunnel, mirror/monitor attack
115
Iran's Nuclear Fuel Centrifuges, SCADA system attack
24
isearch.com
139–140
J
Jammers, layer 1 DoS attacks
102–103
“John attack,” wireless hacking
98–101
Juniper Networks, social engineering attack
24
K
Karma tool, dead-end hijacking
110–111
Key control
awareness training
71
basic considerations
70–71
building security example
81b
individuals with access
70–71
social engineering
70
system set-up
71b
Key covers, example
84f
Key gauge
example
79f, 84f
key creation
80
Key Ghost hardware loggers
13, 15f
Key-in-knob lock
lock access
68
lock removal
78–79
secure room break-in example
63–64
Key micrometers, key creation
79–80
Key retention
lock quality/effectiveness
57
padlock shims
74
Keys
creation
78–79
creation without machine
79–81
creation tools
79f
depth keys
78
examples
77–79, 77f
overview
76–79
pin tumbler/warded
56f
rim cylinder lock
60f
Keystroke logger
expert tip
15
social engineering
13–16
USB thumb drives
167
Kindles, SSID issues
117
Knowx.com
140–141
L
Laptop security, information security awareness
196
Law enforcement
CCTF
190
expert advice
180–191
overview
179
Layer 1 denial of service (DoS) attacks
access point antenna shorting
100f
archetypal antennas
91–93
directional antennas
94
Doctor Reflecto
94–98
electrical tampering
98–101
FCC regulations
101–102
jammers
102–103
overview
91–104
Queensland Attack
103–104
Layer 2 denial of service (DoS) attacks
Bogus Beacon
108
dead-end hijacking
110–112
decoy SSID
109–110
Farewell Attacks
104–106
flooding
108
man-in-the-middle attack
110
overview
104–112
rogue-on-rogue attack
106–107
whack-a-rogue
107–108
Learning Management System (LMS), Information Security Awareness Program
218–219
Legal Department, Information Security Awareness Program
218
LinkedIn
data mining
23
false login data
146
with financial data
148–149
safety recommendations
161
surveillance
144
third-party disclosures
152
Listening devices
example
17f
social engineering
16
Litigation, information security awareness
197
Local Area Networks (LANs)
characteristics
89t
decoy SSID
109
default PSK lookup
127
wireless hacking
91
Local law enforcement, CCTF
190
Lock examples
disk-type pin tumbler lock
57f
high-quality high-security lock
64f
mortise cylinder lock
81–85, 82f
mortise vs. rim cylinder locks
83–85
pin tumbler padlock
53f, 54–55, 55f, 56f, 57f, 68
rim cylinder lock
60f
warded padlock
54–55, 56f
Lock picking
FALE team example
75–76
learning
74–76
legal issues
53b
overview
51–59
penetration tester permission
52b
suggested reading
62b
Lock picking example
bait and switch
71–74
padlock shims
73–74
pin tumbler hack
68
secured office complex door
69f
semi-high-secure-room break-in
bolt hack tool
65f, 67f
bolt retraction
64–66
lock access
66–69
lock example
64f
overview
63–69
Locks
access point enclosures
95
advanced reference materials
59
building security
35–36
bypassing example
54–55
computer rooms/phone closets
42
forced entry
60–63
forced entry method
61–63
overview
51–59
popular types
54–56
quality vs. effectiveness
57–58
rack housing
96f
suggested reading
62b
vulnerabilities
58–59, 59f
Login2.me
146
Long, Johnny
73, 129
“Looking the part,” penetration testing
170b
M
MAC address
ad hoc bridged interfaces
126
Farewell Attacks
105
free Wi-Fi hack
134
legitimate-looking rogue APs
125
peer-to-peer-to-hack
117
rogue access points
122
security tool bypasses
130
spoofing
132
static IP hack
131
switching for access
133
Magic tricks, distraction component
165
Manhole covers
example
45f
subterranean vulnerabilities
44
Man-in-the-middle attack
example
110
peer-to-peer-to-hack
118
Marino, Tony, expert advice
180–187
Marlinspike, Moxie
113–114
Master keys
key control
71
key creation
79
mortise vs. rim cylinder locks
83
MD5 hash, rainbow tables
114
Medeco locks, key control
71
Metasploit, penetration testing automated attacks
173
Metro Area Network (MAN)
characteristics
89t
EMR spectrum
89
Micrometer
example
79f
key creation
79–80
mortise vs. rim cylinder locks
84
MicroSD USB storage device
penetration testing
168, 168f
usage
168
Microsoft, social engineering flaw remediation
26
Microwave oven, EMR spectrum
88
Military.com, for initial identification
141–142
Miniature surveillance equipment
158–159
Mirror/monitor attack
115–116
Mobile Broadband Wireless Access (MBWA), EMR spectrum
89
Mogull, Rich
110, 118
Morse, Samuel
193
Mortise cylinder lock
characteristics
81–85
example
82f
vs. rim cylinder lock
83–85
Motion-sensing cameras, home security
48
Motion-sensing lights, as physical security
43–44
Mounting plate, lock forced entry
61
Murdoch, Rupert, social engineering attack
24
Mushroom pins, lock quality/effectiveness
57
MySpace
disclosures
144
false login data
146
safety recommendations
161
surveillance
144
third-party disclosures
153
travel location information
151
N
Neighborhood routes, targeting and surveillance
142–144
Nemesis, Farewell Attacks
105
Netronline.com
142
Network access control (NAC)
ad hoc bridged interfaces
126
MAC address switching
133
mirror/monitor attack
115
rogue access points
122
security tool bypasses
130
static IP hack
131
Network Interface Controller (NIC)
ad hoc bridged interfaces
125
Bogus Beacon attack
108
dead-end hijacking
110–111
Farewell Attacks
105
Queensland Attack
103
rogue-on-rogue attacks
106
signal extender
93f
New-hire video, Information Security Awareness Program
204
News Corp., social engineering attack
24
“Night Dragon” malware, energy company spear phishing
24
Nine Lives
184
NMAP
ad hoc bridged interfaces
126
guest wireless hacking
116
O
Office complex, secured door example
69f
Off-shift staff, building security training
39–40
Ollam, Deviant
59, 62, 73
Omnidirectional antennas
azimuth and elevation radiation charts
93f
beamwidth sample
93t
characteristics
92
123people.com
140
Online directories, building security
38
On-line Information Security Awareness Program
GLBA
201
program control
219
risks
211
team concept
201
Operating systems
CD/DVD-based penetration testing
168
malicious attacks
187–188
Operation Aurora, social engineering attack
24
Organizational culture, penetration testing
170
Organizational Unique Identifier (OUI), MAC address switching
133
Orthogonal frequency-division multiplexing (OFDM), 802.11a/g/n
104
Outside threats, physical security
34–35
P
Padlock shim
countermeasures
73–74
example
72f, 76f
key creation
78–79
mortise cylinder lock
81
mortise vs. rim cylinder locks
83
types
76
usage considerations
73
Parabolic dish antennas, beamwidth sample
93t
Passive intelligence collection, and target interaction
156
Passports, protection
185–186
Passwords, default configuration wireless hacking
127, 128f
Patch antennas
beamwidth sample
93t
characteristics
92
example
93f
PATRIOT Act
183
Payload introduction, penetration testing
172b
Payment Card Industry Data Security Standard (PCI DSS)
legitimate-looking rogue APs
125
rogue access points
120
PayPal, for safe transactions
140
Peer-to-Peer (P2P) network searches
dangers
147
safety recommendations
160
targeting and surveillance
147–148
Penetration testing
approach
172b
automated attacks
173–174
case study
approaching conference staff
176
approaching hotel staff
175
overview
174–176
permission considerations
175
CDs/DVDs
168–169
compromising locks
81–83
drop ceilings
47
equipment “burial ground”
46
human factor
basic considerations
164–166
magic as distraction
165
selective attention
164–165
trust and behavior influence
166
key creation
79–80
location decisions
171
lock picking legal issues
53b
lock picking permission
52b
“looking the part”
170b
MicroSD USB storage device
168f
motion-sensing light security
43–44
non-functioning lock issues
68
organizational culture
170
overview
163
project organization
170–174
staging effort
169–170
strategy decisions
171–172
subterranean vulnerabilities
44–45
target location considerations
169–170
target organization
169–170
technology basics
166–169
technology selection
172–174
tester body language
172
USB device usage
168
USB thumb drives
166–168, 167f
Peoplefinders.com
140
PeopleFind sites
financial/background checks
146–147
free vs. fee-based
140
initial identification
139–140
personal information removal
142
safety recommendations
160
Peoplelookup.com
140
People.yahoo.com
140
Permission considerations, penetration testing
175
Personal Area Network (PAN)
characteristics
89t
EMR spectrum
89
wireless hacking
91
Personal identifiable information (PII), targeting prevention
160
Personal information
Information Security Awareness training
211
initial identification
139–142
PeopleFind sites
140
removal from Internet
142
safety recommendations
160, 185
shredders
37
spear phishing
188–189
third-party disclosures
153
vehicle registration
80–81
Personal protection, expert advice
184
Personal Protection Specialists (PPS)
184
Personnel Department, Information Security Awareness Program
219
Phillips, Bill
62
Phishing, vs. spear phishing
187–188
Phone books, corporate building security
37–38
Phone closets
high security locks
42
physical security
42
Phonenumber.com
140
Photobucket
surveillance
145–146
travel patterns
150–151
Photograph data, travel patterns
150–151
Physical security
access point enclosure
95f
antennas
95
buildings
basic considerations
35–40
corporate/agency phone books
37–38
employee badges
36
key control example
81b
lock checks
35–36
off-shift staff training
39–40
shredder technology
36–37, 37b
tailgating
38–39, 39b
tailgating countermeasures
39b
Chicago bomb threat example
40–42
disk drive disposal
46b
door signs
42
drop ceilings
47
equipment “burial ground”
46
expert advice
185–186
home documents
46
home security cameras
48b
home security tips
48
internal auditors
47–48
lockable rack housing
96f
manhole cover
45f
motion sensing lights
43–44
outside threats
34–35
overview
31
phone closets
42
risk assessment example
basic considerations
32–34
basic risks
32–33
countermeasures
34
vulnerabilities
33
subterranean vulnerabilities
44–45, 45f
video security log review
43
Piggybacking
Pin tumbler locks
characteristics
54–55
as common type
70
disk-type
57f
example
53f, 55f
FALE team picking example
75–76
mortise cylinder lock
81
pin removal hack
68
Pipl.com
139–140
Pippin file, key creation
80
Place targeting, basic considerations
151–152
Plaintext hash, rainbow tables
114
Pleaserobme.com
150
Presentations
infomercials
215
Information Security Awareness Program
202–204
question anticipation
204
Pre-shared key (PSK)
crack attack
112
default configuration hacking
127
legacy SSIDs
123
rainbow tables
114
Printers, ad hoc bridged interfaces
125–126
Prism Test Utility, Queensland Attack
103
Privacy Division, Information Security Awareness Program
218
Private Branch Exchange, phone closet security
42
Project organization, penetration testing
approach considerations
172b
basic considerations
170–174
body language
172
location decisions
171
strategy decisions
171–172
technology selection
172–174
Property records
self-research tips
143
targeting and surveillance
142–144
Protect Information Properly (PIP)
212–213
Proxy servers, penetration testing automated attacks
173
Public Branch Exchange (PBX)
phone closet security
42
physical security outsider/insider threats
34
social engineering example
21
Public Secure Packet Forwarding (PSPF), peer-to-peer-to-hack
118
Pulford, Graham W
62
Purchase habits, surveillance
146–149
Putty tool, Google hacking
129
Q
Queensland Attack
802.11b networks
104
characteristics
103–104
Quick Reference Guide (QRG)
awareness program effectiveness
221
Classification of Data Matrix
205–206
Information Security Awareness Program
199–200, 204, 208, 211–212
for managers
206–207
Personnel Department coordination
219
security as company mindset
216
R
Rackspace, social engineering attack
24
Radio control (RC) equipment, EMR spectrum
89
Radio frequency (RF)
access point in foiled enclosure
99f
access point in foil-less enclosure
99f
access point radiation pattern
92
basic wireless technology
102
Bogus Beacon attack
108
directional antennas
94
Doctor Reflecto
94, 96
EMR spectrum
88–89
forced reflection
94
layer 1 denial of service attacks
91–92
Queensland Attack
103, 104
rogue access points
122
rogue SSID additions
123
wave canceling
102f
RADIUS, default password break-ins
127
Rainbow table, basic concept
113
Real estate search engines, examples
142
Realestate.yahoo.com/Homevalues
142
Rebate check scam, bank account targeting
148–149
Reference books, social engineering countermeasures
28–29
Rim cylinder lock
example
60f
forced entry
60
vs. mortise cylinder lock
81, 83–85
Risk assessment, physical security example
basic considerations
32–34
basic risks
32–33
countermeasures
34
threats
33
vulnerabilities
33
Risk management
evaluation process
33b
Information Security Awareness Program
224
Robmenow.com
150
Rogue access points
bridged interface abuse
125–126
introduction on network
121–122
legacy SSIDs
123
legitimate-looking APs
124–125
overview
120–126
SSID additions
122–123
Rogue detection, definition
106
Rogue mitigation
challenges
122
definition
106
Rogue-on-rogue attack
characteristics
106–107
vs. whack-a-rogue
107
Rootkit, peer-to-peer-to-hack
118
Routers
ad hoc attacks
119
Google hacking
129
RSA, social engineering attack
24
RSS feeds, automated surveillance
155
S
Safari, automated surveillance
155–156
SCADA systems
data mining
23
Iran's Nuclear Fuel Centrifuges
24
Scanners, surveillance
158–159
Screwdriver
compromising locks
81–83
forced entry
60, 61–62
lock removal
78–79
“Script Kiddy”
187–188
Sector antennas, beamwidth sample
93t
Security cameras
EMR spectrum
89
home security
48b
Security tool bypasses
free Wi-Fi hack
134
MAC address switching
133
MAC spoofing
132
static IP hack
131–132
wireless hacking
130–134
Selective attention, definition
164–165
Self-disclosures, social networks/media
144–146
Self-loading Trojan, USB thumb drives
167
Semi-high-secure-room break-in, lock picking example
bolt hack tool
65f, 67f
bolt retraction
64–66
lock access
66–69
lock example
64f
overview
63–69
Sensitive compartmented information facility (SCIF), scanner/miniature equipment checks
158
September 11 attacks, Electronic Crimes Task Force
183
Service Set Identifier (SSID)
Bogus Beacon attack
108
cloaking
117
crack attack
114
dead-end hijacking
110–111, 112
decoy SSID
109–110
default WPA key hacking
127
definition
120
layer 1 DoS attack
98
legacy SSIDs
123
legitimate-looking rogue APs
124
peer-to-peer-to-hack
117
rogue access points
122–123
Sheesley, Adam
74–75
Shoulder surfing, definition
183
Shredder technology
building security
36–37
cross cut shredders
37b
Signature phrases, surveillance and targeting
154–155
Simons, Daniel
164–165
Site survey, RF signal documentation
96
Skimming, expert advice
182
Slide hammer
example
61f
forced lock entry
61–62
Slideshare.com
148
Slogans, Information Security Awareness Program
204
Smartphone
automated surveillance
155
frequented location tracking
150–151
as listening device
158
neighborhood route mapping
143
WiFi scanner app
159
YouTube videos
151–152
Smishing, target interaction
156
Sneakers (1992)
44–45
Sniffers, crack attack
112
SNMP
Google hacking
129
mirror/monitor attack
115
rogue-on-rogue attack
107
rogue SSID additions
122
Social engineering
AV, IDS, IPS considerations
25
compromising locks
81–83
conversation eavesdropping
16–18
countermeasures
27–29
credit card readers
26–27, 27f
effectiveness
2–3
email attachments
187–188
engineer's point of view
3
expert advice
180
firewall considerations
25–26
flaw remediation
26
having fun with
29
key access
70
key creation
78–80
keystroke logger
13–16
lock bait and switch
72
mortise vs. rim cylinder locks
83
motion-sensing light security
43–44
neighborhood scam
157
overview
1
Paul Henry interview
22–26
Phil Drake interview
19–22
phone book security
37–38
suspicious phone technicians
19b
target interaction
156
victims
3–4
Social engineering example
analysis of scam
9–10
follow-up questions
8–9
initial question
7–8
key information
8
Social Engineering: The Art of Human Hacking (Hadnagy)
28
Social engineering tools
examples
4–5, 6f
favorite examples
5–7
hat
10f
listening devices
17f
overview
10–18
penetration team bag
4f, 5f
telephone butt-in set
18, 18f, 19
tool belt
11f, 12
Social media surveillance
144–146
Social networks
identity theft
186–187
safety recommendations
160–161
surveillance
139, 144–146
SPAM mail approach, spear phishing
188–189
Spear phishing
definition
188–189
energy company attacks
24
expert advice
187–188
target interaction
156
Spokeo.com
140
Spoofing
Caller ID
23
ease of learning
157
Farewell Attacks
105
identity theft
186–187
MAC addresses
132
target interaction
156–157
Spy gear, surveillance
158
Staging efforts, penetration testing
169–170
State law enforcement, CCTF
190
Static IP address, wireless hacking
131–132
Stickers, Information Security Awareness Program
205
Strategy decisions, penetration testing
171–172
“The String Analogy”
210
Subject Matter Experts (SMEs), Information Security Awareness Program
207
Subterranean vulnerabilities
manhole cover
45f
physical security
44–45, 45f
Surveillance
automated
155–156
businessman case study
145
employment information
142–144
financials, investments, purchase habits
146–149
free vs. fee-based PeopleFind sites
140
frequented locations
149–152
historical overview
137
initial identification
139–142
military personnel addresses example
159
miniature equipment examples
158
neighborhood routes
142–144
on-line blackmarketing case
155
P2P dangers
147
personal bank accounts
148–149
place as target
151–152
planning stage
138
property records
142–144
safety recommendations
160–161
scanner and miniature equipment
158–159
self-research on property records
143
signature phrases
154–155
social network/media disclosures
144–146
targeting example
141
target interaction
156–157
third-party disclosures
152–154
travel location example
151
travel patterns
149–152
Surveys
access points and antennas
94, 101, 124
Information Security Awareness Program
administration
200
effectiveness
221–222
implementation
207
Personnel Department participation
219
progress measurement
222, 224f
RF signal site survey
96
social network/media disclosures
144
Suspiciousness, as social engineering countermeasure
28
Swartz, Aaron
132
Switches
ad hoc attacks
119
ad hoc bridged interfaces
126
Google hacking
129
Symantec, social engineering attack
24
T
Tailgating
building security
38–39
countermeasures
39b
definition
39b
“Take Charge” publication (FTC), credit card recommendations
183
Tamper test, access point enclosures
96, 97f, 98f
Targeting
automated surveillance
155–156
businessman case study
145
employment information
142–144
example case
141
financials, investments, purchase habits
146–149
free vs. fee-based PeopleFind sites
140
frequented locations
149–152
historical overview
137
initial identification
139–142
military personnel addresses example
159
miniature equipment examples
158
neighborhood routes
142–144
neighborhood scam
157
on-line blackmarketing case
155
P2P dangers
147
personal bank accounts
148–149
place as target
151–152
planning stage
138
property records
142–144
safety recommendations
160–161
scanner and miniature equipment
158–159
self-research on property records
143
signature phrases
154–155
social network/media disclosures
144–146
targeting example
141
target interaction
156–157
third-party disclosures
152–154
travel location example
151
travel patterns
149–152
Target organization
location considerations
169–170
location decisions
171
organizational culture
170
penetration testing
169–170
Task Force Officer (TFO)
191
TaskForces, USSS
184
Team concept
Information Security Program
200–201
manager's QRG
206
Technology basics, penetration testing
automated attacks
173–174
CDs/DVDs
168–169
MicroSD USB storage device
168f
overview
166–169
selection
172–174
USB devices
168
USB thumb drives
166–168, 167f
Teflon plumbers tape, compromising locks
81–83
Telephone butt-in set
expert opinion
19
social engineering
18, 18f
Terrorism, expert advice
181, 188
Texting, third-party disclosures
154
Third-party disclosures
example
153
surveillance and targeting
152–154
Tobias, Mark Weber
62–63
Tools
data leakage prevention
119
dead-end hijacking
110–111
Google hacking
129
Touch point, Information Security Awareness Program
199–200
Training
key control awareness
71
lock picking
74–76
off-shift staff for security
39–40
Training and Communications Division, Information Security Awareness Program
219
Travel patterns
example case
151
targeting and surveillance
149–152
Trojan Horse
man-in-the-middle attack
110–111
penetration testing
automated attacks
173
case study
175–176
permission considerations
175
self-loading, USB thumb drives
167
physical security outsider/insider threats
34–35
target interaction
156–157
Trust, penetration testing
166
Tweeting, third-party disclosures
152
Tweetscan.com
145
Twitter
automated surveillance
155
businessman surveillance case study
145
disclosures
144, 145–146
false login data
146
with financial data
148–149
frequented location information
149, 150
surveillance
144
target interaction
157
third-party disclosures
154
Two-part authentication, building security
38
U
USB thumb drives
penetration testing
166–168
penetration testing case study
175
penetration testing technology selection
173
standard size
167f
usage
168
U.S. Secret Service (USSS)
Electronic Crimes Taskforce
183
expert advice
180–187
TaskForces
184
U.S. State Department, stolen passports
185–186
V
Victims
computers as
179
law enforcement help
189
social engineering
3–4
Videoronk, automated surveillance
155–156
Video security logs, review
43
Virtual access point (AP)
119
Virtual local area networks (VLANs)
crack attack
114
Google hacking
129
guest wireless hacking
116
legitimate-looking rogue APs
124
mirror/monitor attack
115
peer-to-peer-to-hack
117
rogue access points
121
rogue SSID additions
123
SSID cloaking
117
static IP hack
131
Virtual machine (VM) software
automated surveillance
156
targeting prevention
161
Virtual Private Network (VPN), InfraGard
189, 190
Viruses, peer-to-peer-to-hack
118
Vishing, target interaction
156
Visual survey, access points and antennas
94, 101, 124
VLAN 2100, legitimate-looking rogue APs
124
Voice over IP (VoIP), social engineering example
21
Voice over Wireless (VoWiFi)
peer-to-peer-to-hack
118
wireless hacking
98
Vulnerabilities
Chicago bomb threat example
40
expert advice
181
forced entry
60
locks
58–59, 59f
mortise vs. rim cylinder locks
83
padlock shims
73–74
physical security risk assessment
33
subterranean
44–45, 45f
W
Warded padlock
characteristics
54–55
example
56f
keys
56f
Web browser add-ons, automated surveillance
155–156
Welborn, Jon
74–75
WEP
crack attack
112
default configuration hacking
127
legacy SSIDs
123
Whack-a-rogue attacks
107–108
Whaling
target interaction
156
Whitepages.com
140
Whostalkin.com
144–145
WiFi scanners, surveillance
159
Winsock Packet Editor, Farewell Attacks
105
Wireless hacking
802.11 acronyms
120
802.11 and Bluetooth
91
802.11w standard
106
access point examples
92f
ad hoc networks
119–120
antenna beamwidths
93t
antenna types
93f
basic wireless technology
102
bypassing security tools
130–134
crack attack
112–114
default configurations
Google hacking
129–130, 130f
overview
126–130
passwords
127, 128f
WPA keys
127–129, 128f
DoS overview
91–112
electromagnetic spectrum
87–90
EMR spectrum chart
88f
Fake AP project
109f
FCC
101
forced reflection
94
free Wi-Fi
134
guest attack
116–117
layer 1 DoS
access point antenna shorting
100f
archetypal antennas
91–93
directional antennas
94
Doctor Reflecto
94–98
electrical tampering
98–101
FCC regulations
101–102
jammers
102–103
overview
91–104
Queensland Attack
103–104
RF wave canceling
102f
layer 2 DoS
Bogus Beacon
108
dead-end hijacking
110–112
decoy SSID
109–110
Farewell Attacks
104–106
flooding
108
man-in-the-middle attack
110
overview
104–112
rogue-on-rogue attack
106–107
whack-a-rogue
107–108
lockable rack housing
96f
MAC address switching
133
MAC spoofing
132
mirror/monitor attack
115–116
network uses and ISM band
89t
omnidirectional antenna characteristics
93f
peer-to-peer-to-hack
117–119
rainbow table
113
rogue access points
bridged interface abuse
125–126
introduction on network
121–122
legacy SSIDs
123
legitimate-looking APs
124–125
overview
120–126
SSID additions
122–123
safety recommendations
160
security challenges
90
SSID cloaking
117
static IP
131–132
virtual AP
119
WWII frequency analyzer
90f
Wireless IPS (WIPS)
default password break-ins
127
directional antennas
94
Farewell Attacks
106
IBSS traffic
120
Queensland Attack
104
rogue access points
122
rogue-on-rogue attacks
106
whack-a-rogue
107
Wireless Local Area Network (WLAN)
characteristics
89t
decoy SSID
109
default PSK lookup
127
wireless hacking
91
Wireless Metro Area Network (WMAN)
characteristics
89t
EMR spectrum
89
Wireless Personal Area Network (WPAN)
characteristics
89t
EMR spectrum
89
wireless hacking
91
Wireless Sensor Networks, EMR spectrum
89
Wireless Wide Area Network (WWAN)
89t
Withers, Don
184
WPA2
crack attack
114
default configuration hacking
127
legacy SSIDs
123
WPA Cracker
113–114
WPA keys, default configuration hacking
127–129, 128f
Wrappers
characteristics
174
penetration testing automated attacks
173–174
X
Xanga.com, false login data
146
Y
Yagi antennas
beamwidth sample
93t
characteristics
92
example
93f
Yahoo!
for initial identification
141
social engineering attack
24
YahooFinance, financial checks
148
Yale, Linus
70
Yelp, frequented location information
150
Yoname.com
144
Youropenbook.com
145
YouTube
forced entry example
61–62
key creation
79
padlock shims
73
place as target
151–152
public discussions
52
spoofing tutorials
157
surveillance information
145–146, 151–152
Z
Zabasearch.com
140
ZigBee
89, 89t
Zillow.com
142–143
ZoomInfo.com
140
Zuula.com
144