Social Engineering and the USB - A new approach



User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Sun Nov 12, 2006 1:28 pm

Social Engineering and the USB - A new approach

Hi All,

A wonderful article, a must-read for all Security Professional.


Sorry if it is a re-post.

Also if we get a USB as a gift, how to make sure that it is not infected apart from our normal virus scanning methods?


Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n


User avatar

Jr. Member
Jr. Member

Posts: 58

Joined: Tue Sep 19, 2006 1:59 pm

Location: Mankato, MN

Post Mon Nov 13, 2006 10:46 am

Re: Social Engineering and the USB - A new approach

That was a really good read.  There is software out there that claims to control USB ports on client machines, and the amount of software is growing as the concern over USB drives grows. 

I've heard about devicelock, and I found a link for devicewall.  It seems that they will control which USB devices will be allowed on the computer, and in some cases will encrypt whatever is put on the USB drive.  The usual complaint I hear about encrypting the contents is that the receiving computer has to be able to unencrypt the drive.  I usually tell people that if you're legitimately transferring files to an authorized recipient, then find a better way to do it...like over a VPN tunnel. 

please pay me two cents now.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software