I've seen this section before but I don't know a lot about it. I mostly hear about people trying to get through a certain application/ system or writing the final report..nothing about physical security. Do any of you try to pick locks or ... (i dont know what else to ask because I'm that much in the dark)?

Have any stories regarding physical security?

I do have lock picking sets but never done it in my job. Most physical seems to be tested with Social engineer these days. 

I pick locks sometimes but not as a pentester. I'm in a situation where maintenance departments keep changing the locks and sometimes they can't find the key.

There's a pretty good book called "No Tech Hacking" which explains quite a bit about physical security.  Examples would be dumpster diving and social engineering or even just walking right into your target's building (pretending to be an employee or janitor) and stealing any documents or whatever you need.

YuckTheFankees, I got a small lockpicking set at a local flea market, years ago, and I think I found some PDF called the MIT Guide to Lockpicking (or something similar). No idea if it was legit or not, it was just a PDF that someone had passed along to me. It got me where I needed to be, though I haven't practiced nearly enough to say I'm an expert, or even good at it. I just get lucky sometimes.

Nice reply. I was thinking about mostly picking locks but you definitely opened my eye to others things (thinking about the walls was a good one). I think Im going to pick up a book pretty soon, the more people talk about it..the more I want to learn. And I'll definitely check out some groups in my area.

Do a search here for lockpicking to see the discussion on cutaway locks to learn lockpicking. You don't need a book. Lockpicking is 95% experience/ 5% knowledge.

================

I hesitate to bring this up due to the obvious security considerations but I guess terrorists don't spend much time on ethicalhacker.

www.securitytube.net/video/2199

www.securitytube.net/video/2249

Lock picking?  Love it!@  I used to fiddle with locks years ago, with no knowledge with what I was doing... was pretty successful at it too.  Recently fell back in love with it.  I don't see them as locks, I see them as little puzzles.

While books are always good, I think the best thing to kickstart the skill of lock picking is attending some sort of hands-on seminar.  A lockpick village at a con would be a great place to start.  You can of course start by yourself, and hit one of those later, but just like most anything, you can learn wrong, then you have to unlearn your bad habits and relearn the skill all over again.

"Practical Lock Picking" (here: http://www.amazon.com/Practical-Lock-Picking-Physical-Penetration/dp/1597496111) seems to be the go-to book, and I wouldn't disagree.  The author, Deviant Ollam, also gave a great talk at DefCon 13 (here: http://www.youtube.com/watch?v=JupQ3BpKGYg).  It doesn't get deep in to the mechanics of picking, but is a great overview of what it's all about, how to approach it, even talks about the legal aspect of the activity.

Tools and Locks: Get going with an inexpensive starter kit... I'm still using my 8-piece pick set (6 picks, 2 tensioners), might dive in to a bigger kit later.  If you're going to spend a lot of time picking, I really really really recommend a vice.  There's a really swell universal practice lock stand on lockpickersmall.com.  As for locks themselves, I'd start with a nice cut-away lock.  You can get a set with 2-5 (or 6) pins, and work your way up, or get a single 5 or 6 pin.  The sets are nice to learn with, but once you get the hang of it, the 2, 3 and probably 4 pin practice locks will be useless.  The big goal here is to observe the mechanics of the lock, and learn what you feel when something happens in the pin stack, properly setting a pin for example.  This is a "by feel" skill, but being able to correlate seeing the action and feeling it will certainly help!

After that, it's getting your hands on as many locks as possible.  I keep a watch on ebay, search for "practice locks" and you'll see stuff pop up.  I bought a box of used, misc locks a while back.  I think it was like $18, shipped, and once I threw out the useless ones, I came away with 15 or so useable cores to practice on.

You will get frustrated, but practice certainly does make perfect.  I recently went back to a lock that was kicking my butt, and had been for months.  Didn't touch it of a few months, worked on other locks, etc, finally picked up that butt kicker, and popped it in two minutes.

Practice, practice, practice... and have fun!