A
Access control lists (ACLs)
guest wireless hacking, 116
Access point (AP)
ad hoc bridged interfaces, 126
aluminum foil enclosure, 97f
basic wireless technology, 102
default password break-ins, 127
layer 1 denial of service attacks, 91, 94
locking ceiling tile enclosure, 95f
man-in-the-middle attack, 111f
rogue-on-rogue attacks, 106
Adobe, Inc., social engineering attack, 24
Agency phone books, building security, 37–38
Aireplay-ng, Farewell Attacks, 105
AirJack, Farewell Attacks, 105
Airplane safety, expert advice, 185
Aluminum foil
access point RF analysis, 99f
Anti-virus software, wrappers, 174
Anxiety, penetration tester approach, 172
ARP flooding, crack attack, 113
Ask.com, for initial identification, 141
Auditors
Information Security Awareness Program, 202, 218
Information Security Awareness standard, 209
internal, physical security, 47–48
AV, social engineering considerations, 25
Azimuth
access point RF radiation pattern, 92
omnidirectional antenna, 93f
B
Backdoors, penetration testing automated attacks, 173
Bank account information, surveillance tactics, 148–149
Basic Service Set (BSS), definition, 120
Basic Service Set Identifier (BSSID), definition, 120
Beamwidth
access point RF radiation pattern, 92
Behavior, penetration testing, 166
Bing, for initial identification, 141
Biometrics, building security, 38
Bittings
mortise cylinder locks, 81–83
mortise vs. rim cylinder locks, 84
Black hats, social engineering effectiveness
Blogs
initial identification, 141
third-party disclosures, 152
Blogspot.com, false login data, 146
Bluetooth
miniature surveillance equipment, 158
wireless network characteristics, 89t
Body language, penetration testing approaches, 172
Bomb threats, Chicago example, 40–42
Boolean strings, search terms, 146
Bridged interfaces, ad hoc networks, 125–126
Bugmenot.com, false login data, 146
Bug-sweeping, miniature surveillance equipment, 158
Building security
basic considerations, 35–40
corporate/agency phone books, 37–38
off-shift staff training, 39–40
tailgating countermeasures, 39b
Business plan, Information Security Awareness Program, 196, 200–202, 213
C
Caller ID Spoofing, Paul Henry interview, 23
Car alarm, EMR spectrum, 88
Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
basic wireless technology, 102
Cartoon character, Information Security Awareness Program, 204
Cellular technology, wireless network characteristics, 89t
Certified Information Systems Security Professional (CISSP), 195
Chicago bomb threat, physical security example, 40–42
Chief Executive Officer (CEO) support, Information Security Awareness Program, 208, 221–222
Classification of Data Matrix
Information Security Awareness Program, 205–206
Clear channel assessment (CCA), Queensland Attack, 103
Closed-circuit television (CCTV), EMR spectrum, 89
Combination lock
bait and switch example, 71–72
Communications Act (1934), 103
Communications Division, Information Security Awareness Program, 219
Communications matrix, Information Security Awareness Program, 216–217
Compliance Department, Information Security Awareness Program, 218–219
Computer rooms, high security locks, 42
Computer systems
crime perpetrator vs. victim, 179
penetration testing case study, 174
penetration testing permission considerations, 175
Cordless phones, EMR spectrum, 89
Corporate Information Security Officer (CISO)
Information Security Awareness Program, 208
Information Security Awareness Specialist, 195
Internal Information Security Consultants, 220
team benefits/drawbacks, 201
Corporate Information Security Policy, Awareness Standard, 209
Cost risk benefit, information security awareness, 197–198
Countermeasures
Chicago bomb threat example, 40
physical security risk assessment, 34
video security log review, 43
Craig's List, for initial identification, 143
Credit card readers, social engineering, 26–27, 27f
Critical infrastructures, definition, 190
Critical to Quality (CTQ), Information Security Awareness Program effectiveness, 222
Cross cut shredders, expert tip, 37b
Cybercrime, law enforcement help, 189–190
Cyber Crime Task Forces (CCTF), FBI-local law enforcement relationship, 190
D
Data leakage prevention (DLP) tools, ad hoc attacks, 119
Data theft, information security awareness, 196–198
Deadbolt lock, semi-high-secure-room break-in example, 63–64
Deadbolt retraction
semi-high-secure-room break-in, 64–66
Deauthentication, Farewell Attacks, 105
Default configuration wireless hacking
Defcon Security Jam (2008), 110
Denial of service (DoS) attacks
Depth keys
mortise vs. rim cylinder locks, 84
Directional antennas, layer 1 DoS, 94
Disk-type pin tumbler lock, example, 57f
Distraction, penetration testing, 165
Distributed denial of service (DDoS) attack, Queensland Attack, 103–104
Document retention/destruction policy, information security awareness, 197
Domain Name Server (DNS), static IP hack, 131
Door signs, physical security, 42
Drake, Phil, expert advice, 19–22
Drop ceilings, physical security, 47
Dynamic host configuration protocol (DHCP)
E
Eavesdropping, third-party disclosures, 153–154
Ebay, for initial identification, 143
Editor, Information Security Awareness Program, 207
800 number, Information Security Awareness Program, 212
Electromagnetic radiation (EMR)
Electromagnetic spectrum, 87–90
Electronic Crimes Taskforce, 183
Elevation
access point RF radiation pattern, 92
omnidirectional antenna, 93f
Email addresses
awareness program information, 205, 212
employment information, 143
penetration testing case study, 174
Employee awareness, information security, 196–198
Employee badges, building security, 36
Employment information, targeting and surveillance, 142–144
Energy companies, spear phishing attacks, 24
Equipment “burial ground,” physical security, 46
Executive protection, basic considerations, 186
Executive Protection Institute, 184
Extended Service Set (ESS), definition, 120
F
Facebook
automated surveillance, 156
frequented location information, 149
safety recommendations, 161
third-party disclosures, 152, 154
FALE Association of Locksport Enthusiasts, 74–75, 75f
Federal Bureau of Investigation (FBI)
Cyber Crime Task Forces, 190
Federal Communications Commission (FCC)
Federal law enforcement, CCTF, 190
Federal Trade Commission (FTC)
credit card recommendations, 183
File cabinets, lock bypass example, 54–55
Financial data, surveillance and targeting, 146–149
Firefox, automated surveillance, 155–156
Firewall
social engineering considerations, 25–26
Forced reflection, wireless hacking, 94
Foreign spies, expert advice, 181, 188
4-1-9 advance fee fraud, expert advice, 181–182
Frequency analyzer, WWII device example, 90f
G
Gift cards, as targeting prevention, 160
Global Positioning System (GPS)
Google, Inc., social engineering attack, 24
Google Advanced, for initial identification, 141
Google Alerts, automated surveillance, 155
Google Analytics, automated surveillance, 156
Google Blog, for initial identification, 141
Google Chrome, automated surveillance, 155–156
Google Groups, for initial identification, 141
Google hacking
default password break-ins, 127
Google search
businessman surveillance case study, 145
for initial identification, 141, 143
surveillance and targeting, 141
Google Street View, surveillance information, 151–152
GoWalla
user information posting, 150
“Graffiti-man,” place targets, 151–152
Gramm-Leach-Bliley Act (GLBA), 201
Gucci, social engineering attack, 24
H
Half-duplex system, basic wireless technology, 102
Handheld authentication device, building security, 38
HBGary, social engineering attack, 24
Headless devices, ad hoc bridged interfaces, 126
Henry, Paul, expert advice, 22–26
Hotel safety, expert advice, 185
HP WESM, legitimate-looking rogue APs, 124
Human factor, penetration testing
Hypertext Markup Language (HTML), free Wi-Fi hack, 134
I
ID badges
Chicago bomb threat example, 40–41
penetration testing case study, 176
IDS, social engineering considerations, 25
Illegal channel beaconing
Impedance mismatch, access point antenna shorting, 100, 100f
Independent basic service sets (IBSS)
Industrial-scientific-medical (ISM) band
Infomercials, Information Security Awareness Program, 215
Information Security Awareness Program
administration component, 200
Awareness Standard requirements, 209
importance of repetition, 199
improvements over time, 223f
Internal Information Security Consultants, 220
key components/cumulative effect, 222–223
presentation question anticipation, 202–204
product/material content, 207
Training and Communications Division, 219
Information Security Awareness Specialist, 195
Information Security Awareness Standard
Corporate Information Security Policy, 209
Information security awareness training
information security awareness specialist, 195
Injection attacks, cracks, 113
Inside threats, physical security, 34–35
Instant Messaging
safety recommendations, 161
Internal Information Security Consultants, 220
Internet
on-line blackmarketing case, 155
penetration testing automated attacks, 173
penetration testing case study, 175–176
personal information removal, 142
Internet Explorer, automated surveillance, 155–156
Internet Service Provider (ISP), default PSK lookup, 127, 128f
Investment information, surveillance, 146–149
iPad
information security awareness, 196
IPS, social engineering considerations, 25
IPSec tunnel, mirror/monitor attack, 115
Iran's Nuclear Fuel Centrifuges, SCADA system attack, 24
L
Laptop security, information security awareness, 196
Layer 1 denial of service (DoS) attacks
access point antenna shorting, 100f
Layer 2 denial of service (DoS) attacks
man-in-the-middle attack, 110
Learning Management System (LMS), Information Security Awareness Program, 218–219
Legal Department, Information Security Awareness Program, 218
LinkedIn
safety recommendations, 161
third-party disclosures, 152
Litigation, information security awareness, 197
Local Area Networks (LANs)
Local law enforcement, CCTF, 190
Lock examples
disk-type pin tumbler lock, 57f
high-quality high-security lock, 64f
mortise vs. rim cylinder locks, 83–85
Lock picking
penetration tester permission, 52b
Lock picking example
secured office complex door, 69f
semi-high-secure-room break-in
Locks
access point enclosures, 95
advanced reference materials, 59
computer rooms/phone closets, 42
quality vs. effectiveness, 57–58
“Looking the part,” penetration testing, 170b
M
MAC address
ad hoc bridged interfaces, 126
legitimate-looking rogue APs, 125
security tool bypasses, 130
Magic tricks, distraction component, 165
Manhole covers
subterranean vulnerabilities, 44
Master keys
mortise vs. rim cylinder locks, 83
MD5 hash, rainbow tables, 114
Medeco locks, key control, 71
Metasploit, penetration testing automated attacks, 173
Micrometer
mortise vs. rim cylinder locks, 84
MicroSD USB storage device
Microsoft, social engineering flaw remediation, 26
Microwave oven, EMR spectrum, 88
Military.com, for initial identification, 141–142
Miniature surveillance equipment, 158–159
Mobile Broadband Wireless Access (MBWA), EMR spectrum, 89
Mortise cylinder lock
vs. rim cylinder lock, 83–85
Motion-sensing cameras, home security, 48
Motion-sensing lights, as physical security, 43–44
Mounting plate, lock forced entry, 61
Murdoch, Rupert, social engineering attack, 24
Mushroom pins, lock quality/effectiveness, 57
MySpace
safety recommendations, 161
third-party disclosures, 153
travel location information, 151
N
Neighborhood routes, targeting and surveillance, 142–144
Nemesis, Farewell Attacks, 105
Network access control (NAC)
ad hoc bridged interfaces, 126
security tool bypasses, 130
Network Interface Controller (NIC)
ad hoc bridged interfaces, 125
rogue-on-rogue attacks, 106
New-hire video, Information Security Awareness Program, 204
News Corp., social engineering attack, 24
“Night Dragon” malware, energy company spear phishing, 24
NMAP
ad hoc bridged interfaces, 126
guest wireless hacking, 116
O
Office complex, secured door example, 69f
Off-shift staff, building security training, 39–40
Omnidirectional antennas
azimuth and elevation radiation charts, 93f
Online directories, building security, 38
On-line Information Security Awareness Program
Operating systems
CD/DVD-based penetration testing, 168
Operation Aurora, social engineering attack, 24
Organizational culture, penetration testing, 170
Organizational Unique Identifier (OUI), MAC address switching, 133
Orthogonal frequency-division multiplexing (OFDM), 802.11a/g/n, 104
Outside threats, physical security, 34–35
P
Padlock shim
mortise vs. rim cylinder locks, 83
Parabolic dish antennas, beamwidth sample, 93t
Passive intelligence collection, and target interaction, 156
Passwords, default configuration wireless hacking, 127, 128f
Payload introduction, penetration testing, 172b
Payment Card Industry Data Security Standard (PCI DSS)
legitimate-looking rogue APs, 125
PayPal, for safe transactions, 140
Peer-to-Peer (P2P) network searches
safety recommendations, 160
Penetration testing
case study
approaching conference staff, 176
approaching hotel staff, 175
permission considerations, 175
equipment “burial ground,” 46
human factor
trust and behavior influence, 166
lock picking legal issues, 53b
lock picking permission, 52b
MicroSD USB storage device, 168f
motion-sensing light security, 43–44
non-functioning lock issues, 68
organizational culture, 170
subterranean vulnerabilities, 44–45
target location considerations, 169–170
PeopleFind sites
personal information removal, 142
safety recommendations, 160
Permission considerations, penetration testing, 175
Personal Area Network (PAN)
Personal identifiable information (PII), targeting prevention, 160
Personal information
Information Security Awareness training, 211
safety recommendations, 160, 185
third-party disclosures, 153
vehicle registration, 80–81
Personal protection, expert advice, 184
Personal Protection Specialists (PPS), 184
Personnel Department, Information Security Awareness Program, 219
Phishing, vs. spear phishing, 187–188
Phone books, corporate building security, 37–38
Photograph data, travel patterns, 150–151
Physical security
access point enclosure, 95f
buildings
basic considerations, 35–40
corporate/agency phone books, 37–38
off-shift staff training, 39–40
tailgating countermeasures, 39b
Chicago bomb threat example, 40–42
equipment “burial ground,” 46
motion sensing lights, 43–44
risk assessment example
basic considerations, 32–34
video security log review, 43
Pin tumbler locks
FALE team picking example, 75–76
Pippin file, key creation, 80
Place targeting, basic considerations, 151–152
Plaintext hash, rainbow tables, 114
Presentations
Information Security Awareness Program, 202–204
Pre-shared key (PSK)
default configuration hacking, 127
Printers, ad hoc bridged interfaces, 125–126
Prism Test Utility, Queensland Attack, 103
Privacy Division, Information Security Awareness Program, 218
Private Branch Exchange, phone closet security, 42
Project organization, penetration testing
approach considerations, 172b
Protect Information Properly (PIP), 212–213
Proxy servers, penetration testing automated attacks, 173
Public Branch Exchange (PBX)
physical security outsider/insider threats, 34
social engineering example, 21
Public Secure Packet Forwarding (PSPF), peer-to-peer-to-hack, 118
Purchase habits, surveillance, 146–149
Putty tool, Google hacking, 129
R
Rackspace, social engineering attack, 24
Radio control (RC) equipment, EMR spectrum, 89
Radio frequency (RF)
access point in foiled enclosure, 99f
access point in foil-less enclosure, 99f
access point radiation pattern, 92
basic wireless technology, 102
layer 1 denial of service attacks, 91–92
RADIUS, default password break-ins, 127
Rainbow table, basic concept, 113
Real estate search engines, examples, 142
Realestate.yahoo.com/Homevalues, 142
Rebate check scam, bank account targeting, 148–149
Reference books, social engineering countermeasures, 28–29
Risk assessment, physical security example
basic considerations, 32–34
Risk management
Information Security Awareness Program, 224
Rogue detection, definition, 106
Rootkit, peer-to-peer-to-hack, 118
RSA, social engineering attack, 24
RSS feeds, automated surveillance, 155
S
Safari, automated surveillance, 155–156
SCADA systems
Iran's Nuclear Fuel Centrifuges, 24
Sector antennas, beamwidth sample, 93t
Selective attention, definition, 164–165
Self-disclosures, social networks/media, 144–146
Self-loading Trojan, USB thumb drives, 167
Semi-high-secure-room break-in, lock picking example
Sensitive compartmented information facility (SCIF), scanner/miniature equipment checks, 158
September 11 attacks, Electronic Crimes Task Force, 183
Service Set Identifier (SSID)
default WPA key hacking, 127
legitimate-looking rogue APs, 124
Shoulder surfing, definition, 183
Signature phrases, surveillance and targeting, 154–155
Site survey, RF signal documentation, 96
Skimming, expert advice, 182
Slogans, Information Security Awareness Program, 204
Smartphone
automated surveillance, 155
frequented location tracking, 150–151
neighborhood route mapping, 143
Smishing, target interaction, 156
Sniffers, crack attack, 112
Social engineering
AV, IDS, IPS considerations, 25
conversation eavesdropping, 16–18
firewall considerations, 25–26
mortise vs. rim cylinder locks, 83
motion-sensing light security, 43–44
Paul Henry interview, 22–26
Phil Drake interview, 19–22
suspicious phone technicians, 19b
Social engineering example
Social Engineering: The Art of Human Hacking (Hadnagy), 28
Social engineering tools
penetration team bag, 4f, 5f
SPAM mail approach, spear phishing, 188–189
Spy gear, surveillance, 158
Staging efforts, penetration testing, 169–170
State law enforcement, CCTF, 190
Static IP address, wireless hacking, 131–132
Stickers, Information Security Awareness Program, 205
Strategy decisions, penetration testing, 171–172
Subject Matter Experts (SMEs), Information Security Awareness Program, 207
Subterranean vulnerabilities
Surveillance
businessman case study, 145
financials, investments, purchase habits, 146–149
free vs. fee-based PeopleFind sites, 140
military personnel addresses example, 159
miniature equipment examples, 158
on-line blackmarketing case, 155
scanner and miniature equipment, 158–159
self-research on property records, 143
social network/media disclosures, 144–146
travel location example, 151
Surveys
Information Security Awareness Program
Personnel Department participation, 219
social network/media disclosures, 144
Suspiciousness, as social engineering countermeasure, 28
Switches
ad hoc bridged interfaces, 126
Symantec, social engineering attack, 24
T
“Take Charge” publication (FTC), credit card recommendations, 183
Tamper test, access point enclosures, 96, 97f, 98f
Targeting
businessman case study, 145
financials, investments, purchase habits, 146–149
free vs. fee-based PeopleFind sites, 140
military personnel addresses example, 159
miniature equipment examples, 158
on-line blackmarketing case, 155
scanner and miniature equipment, 158–159
self-research on property records, 143
social network/media disclosures, 144–146
travel location example, 151
Target organization
organizational culture, 170
Task Force Officer (TFO), 191
Team concept
Information Security Program, 200–201
Technology basics, penetration testing
MicroSD USB storage device, 168f
Teflon plumbers tape, compromising locks, 81–83
Telephone butt-in set
social engineering, 18, 18f
Terrorism, expert advice, 181, 188
Texting, third-party disclosures, 154
Tools
data leakage prevention, 119
Touch point, Information Security Awareness Program, 199–200
Training
off-shift staff for security, 39–40
Training and Communications Division, Information Security Awareness Program, 219
Trojan Horse
penetration testing
permission considerations, 175
self-loading, USB thumb drives, 167
physical security outsider/insider threats, 34–35
Trust, penetration testing, 166
Tweeting, third-party disclosures, 152
Twitter
automated surveillance, 155
businessman surveillance case study, 145
frequented location information, 149, 150
third-party disclosures, 154
Two-part authentication, building security, 38
V
Videoronk, automated surveillance, 155–156
Video security logs, review, 43
Virtual access point (AP), 119
Virtual local area networks (VLANs)
guest wireless hacking, 116
legitimate-looking rogue APs, 124
Virtual machine (VM) software
automated surveillance, 156
Virtual Private Network (VPN), InfraGard, 189, 190
Viruses, peer-to-peer-to-hack, 118
Vishing, target interaction, 156
Visual survey, access points and antennas, 94, 101, 124
VLAN 2100, legitimate-looking rogue APs, 124
Voice over IP (VoIP), social engineering example, 21
Voice over Wireless (VoWiFi)
Vulnerabilities
Chicago bomb threat example, 40
mortise vs. rim cylinder locks, 83
physical security risk assessment, 33
W
Web browser add-ons, automated surveillance, 155–156
WEP
default configuration hacking, 127
WiFi scanners, surveillance, 159
Winsock Packet Editor, Farewell Attacks, 105
Wireless hacking
basic wireless technology, 102
electromagnetic spectrum, 87–90
layer 1 DoS
access point antenna shorting, 100f
layer 2 DoS
man-in-the-middle attack, 110
network uses and ISM band, 89t
omnidirectional antenna characteristics, 93f
safety recommendations, 160
WWII frequency analyzer, 90f
Wireless IPS (WIPS)
default password break-ins, 127
rogue-on-rogue attacks, 106
Wireless Local Area Network (WLAN)
Wireless Metro Area Network (WMAN)
Wireless Personal Area Network (WPAN)
Wireless Sensor Networks, EMR spectrum, 89
Wireless Wide Area Network (WWAN), 89t
WPA2
default configuration hacking, 127
Wrappers
penetration testing automated attacks, 173–174