.

No Tech Hacking

<<

T_Bone

Full Member
Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Sun Sep 05, 2010 5:54 am

No Tech Hacking

I am currently reading the book "No Tech Hacking" by Johnny Long, Scott Pinzon and Kevin Mitnick.  I would certaintly recommend it when it comes to physical security :)
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Sun Sep 05, 2010 11:08 am

Re: No Tech Hacking

T_Bone wrote:I am currently reading the book "No Tech Hacking" by Johnny Long, Scott Pinzon and Kevin Mitnick.  I would certaintly recommend it when it comes to physical security :)


And this is why an account on Safari pays off: "Unauthorised Access: Physical Penetration Testing For IT Security Teams[/b]

  Code:
Gathering the Right Equipment 155
The ‘‘Get of Jail Free’’ Card 155
Photography and Surveillance Equipment 157
Computer Equipment 159
Wireless Equipment 160
Global Positioning Systems 165
Lock Picking Tools 167
Forensics Equipment 169
Communications Equipment 170
Scanners 171
Summary 175


http://my.safaribooksonline.com/9780470747612

Another must have (pokes dynamik go and buy this one too): "Tales from the Front Line" and Counter Intelligence are worth reading as are the methodology/framework they lay out. E.g., without posting TMI:

1. Receiving the assignment – At this stage, contracts have been signed and certain legal formalities observed.

2. Negotiating the Rules of Engagement – These define what you can and can’t do during testing and their purpose is usually to limit testers to a certain scope.

3. Performing Preliminary Research – You are now ready to pursue the initial information-gathering phase. This will take many forms:
• Determining Risk – It’s important to accurately gauge the risk a project poses both to the company and to the team members executing it.
• Writing a Test Plan – A formal (but flexible) test plan is a good idea from both project management and legal perspectives.
• Gathering Equipment – Equipment is discussed in Chapter 8 but it’s important for the team to take gear that’s appropriate to the test without being over encumbered.

4. Providing documentation and legal requirements – Once the planning stage is complete you will have a not insignificant amount of documentation. We discuss what you should have and who should have access to it.


For a book like this, I'd watch Chris Nickerson's (hola) Tiger Team as well:
http://en.wikipedia.org/wiki/Tiger_Team_%28TV_series%29

Return to Physical Security

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software