• Complain

Kevin D Mitnick - The art of deception : controlling the human element of security

Here you can read online Kevin D Mitnick - The art of deception : controlling the human element of security full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. City: Indianapolis, Ind, year: 2002, publisher: Wiley Pub, genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Kevin D Mitnick The art of deception : controlling the human element of security
  • Book:
    The art of deception : controlling the human element of security
  • Author:
  • Publisher:
    Wiley Pub
  • Genre:
  • Year:
    2002
  • City:
    Indianapolis, Ind
  • Rating:
    4 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 80
    • 1
    • 2
    • 3
    • 4
    • 5

The art of deception : controlling the human element of security: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "The art of deception : controlling the human element of security" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Kevin D Mitnick: author's other books


Who wrote The art of deception : controlling the human element of security? Find out the surname, the name of the author of the book and a list of all author's works by series.

The art of deception : controlling the human element of security — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "The art of deception : controlling the human element of security" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Scanned by kineticstomp THE ART OF DECEPTION Controlling the Human Element of - photo 1

Scanned by kineticstomp

THE ART OF DECEPTION

Controlling the Human Element of Security

KEVIN D. MITNICK

& William L. Simon

Foreword by Steve Wozniak

For Reba Vartanian, Shelly Jaffe, Chickie Leventhal, and Mitchell Mitnick, and for the late Alan Mitnick, Adam Mitnick,

and Jack Biello

For Arynne, Victoria, and David, Sheldon,Vincent, and Elena. Social Engineering

Social Engineering uses influence and persuasion to deceive people by convincing them that the social engineer is someone he is not, or by manipulation. As a result, the social engineer is able to take advantage of people to obtain information with or without the use of technology.

Contents

Foreword

Preface

Introduction

Part 1 Behind the Scenes

Chapter 1 Security's Weakest Link

Part 2 The Art of the Attacker

Chapter 2 When Innocuous Information Isn't

Chapter 3 The Direct Attack: Just Asking for it

Chapter 4 Building Trust

Chapter 5 "Let Me Help You"

Chapter 6 "Can You Help Me?"

Chapter 7 Phony Sites and Dangerous Attachments

Chapter 8 Using Sympathy, Guilt and Intimidation

Chapter 9 The Reverse Sting

Part 3 Intruder Alert

Chapter 10 Entering the Premises

Chapter 11 Combining Technology and Social Engineering

Chapter 12 Attacks on the Entry-Level Employee

Chapter 13 Clever Cons

Chapter 14 Industrial Espionage

Part 4 Raising the Bar

Chapter 15 Information Security Awareness and Training

Chapter 16 Recommended Corporate Information Security Policies Security at a Glance

Sources

Acknowledgments

Foreword

We humans are born with an inner drive to explore the nature of our surroundings. As young men, both Kevin Mitnick and I were intensely curious about the world and eager to prove ourselves. We were rewarded often in our attempts to learn new things, solve puzzles, and win at games. But at the same time, the world around us taught us rules of behavior that constrained our inner urge toward free exploration. For our boldest scientists and technological entrepreneurs, as well as for people like Kevin Mitnick, following this inner urge offers the greatest thrills, letting us accomplish things that others believe cannot be done.

Kevin Mitnick is one of the finest people I know. Ask him, and he will say forthrightly that what he used to do - social engineering - involes conning people. But Kevin is no longer a social engineer. And even when he was, his motive never was to enrich himself or damage others. That's not to say that there aren't dangerous and destructive criminals out there who use social engineering to cause real harm. In fact, that's exactly why Kevin wrote this book - to warn you about them.

The Art of Deception shows how vulnerable we all are - government, business, and each of us personally - to the intrusions of the social engineer. In this security-conscious era, we spend huge sums on technology

to protect our computer networks and data. This book points out how easy it is to trick insiders and circumvent all this technological protection. Whether you work in business or government, this book provides a powerful road map to help you understand how social engineers work and what you can do to foil them. Using fictionalized stories that are both entertaining and eye-opening, Kevin and co-author Bill Simon bring to life

the techniques of the social engineering underworld. After each story, they offer practical guidelines to help you guard against the breaches and threats they're described.

Technological security leaves major gaps that people like Kevin can help us close. Read this book and you may finally realize that we all need to turn to the Mitnick's among us for guidance.

-Steve Wozniak

PREFACE

Some hackers destroy people's files or entire hard drives; they're called crackers or vandals. Some novice hackers don't bother learning the technology, but simply download hacker tools to break into computer systems; they're called script kiddies. More experienced hackers with programming skills develop hacker programs and post them to the Web and to bulletin board systems. And then there are individuals who have no interest in the technology, but use the computer merely as a tool to aid them in stealing money, goods, or services.

Despite the media-created myth of Kevin Mitnick, I am not a malicious hacker.

But I'm getting ahead of myself.

STARTING OUT

My path was probably set early in life. I was a happy-go-lucky kid, but bored. After my father split when I was three, my mother worked as a waitress to support us. To see me then - an only child being raised by a mother who put in long, harried days on a sometimes-erratic schedule would have been to see a youngster on his own almost all his waking hours. I was my own babysitter.

Growing up in a San Fernando Valley community gave me the whole of Los Angeles to explore, and by the age of twelve I had discovered a way to travel free throughout the whole greater L.A. area. I realized one day while riding the bus that the security of the bus transfer I had purchased relied on the unusual pattern of the paper-punch, that the drivers used to mark day; time, and route on the transfer slips. A friendly driver, answering my carefully planted question, told me where to buy that special type of punch.

The transfers are meant to let you change buses and continue a journey to your destination, but I worked out how to use them to travel anywhere I wanted to go for free. Obtaining blank transfers was a walk in the park.

The trash bins at the bus terminals were always filled with only-partly used books of transfers that the drivers tossed away at the end of the shifts. With a pad of blanks and the punch, I could mark my own transfers and travel anywhere that L.A. buses went. Before long, I had all but memorized the bus schedules of the entire system. (This was an early example of my surprising memory for certain types of information; I can still, today, remember phone numbers, passwords, and other seemingly trivial details as far back as my childhood.)

Another personal interest that surfaced at an early age was my fascination with performing magic. Once I learned how a new trick worked, would practice, practice, and practice some more until I mastered it. To an extent, it was through magic that I discovered the enjoyment in gaining secret knowledge.

From Phone Phreak to Hacker

My first encounter with what I would eventually learn to call social engineering came about during my high school years when I met another student who was caught up in a hobby called phone phreakin. Phone phreaking is a type of hacking that allows you to explore the telephone network by exploiting the phone systems and phone company employees. He showed me neat tricks he could do with a telephone, like obtaining any information the phone company had on any customer, and using a secret test number to make long-distance calls for free. (Actually it was free only to us. I found out much later that it wasn't a secret test number at all. The calls were, in fact, being billed to some poor company's MCI account.) That was my introduction to social engineering-my kindergarten, so to speak. My friend and another phone phreaker I met shortly thereafter let me listen in as they each made pretext calls to the phone company. I heard the things they said that made them sound believable; I learned about different phone company offices, lingo, and procedures. But that

"training" didn't last long; it didn't have to. Soon I was doing it all on my own, learning as I went, doing it even better than my first teachers. The course my life would follow for the next fifteen years had been set. In high school, one of my all-time favorite pranks was gaining unauthorized access to the telephone switch and changing the class of service of a fellow phone phreak. When he'd attempt to make a call from home, he'd get a message telling him to deposit a dime because the telephone company switch had received input that indicated he was calling from a pay phone.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «The art of deception : controlling the human element of security»

Look at similar books to The art of deception : controlling the human element of security. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «The art of deception : controlling the human element of security»

Discussion, reviews of the book The art of deception : controlling the human element of security and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.