Wil Allsopp - Unauthorised Access: Physical Penetration Testing For IT Security Teams

  • Book: Unauthorised Access: Physical Penetration Testing For IT Security Teams
  • Publisher: Wiley
  • Year: 2009

The first guide to planning and performing a physical penetration test on your computer's security

Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside, but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security.

Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.

  • Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance
  • Deals with intelligence gathering, such as getting access to building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels
  • Includes safeguards for consultants paid to probe facilities unbeknown to staff
  • Covers preparing the report and presenting it to management

In order to defend data, you need to think like a thief. Let Unauthorised Access show you how to get inside.

To Nique for being herself and to my family for supporting
and inspiring me.
Preface

This is a book about penetration testing. There is nothing innately new about that - there are dozens of books on the subject but this one is unique. It covers in as much detail as is possible the oft overlooked art of physical penetration testing rather than, say, ethical hacking. We won't teach you how to use port scanners or analyze source code. There are plenty of places you can learn about that and, to a certain degree, if you're reading this book then I'm going to assume you have grounding in the subject matter anyway. The purpose of this book is twofold: to provide auditing teams with the skills and the methodology they need to conduct successful physical penetration testing and to educate those responsible for keeping attackers out of their facilities.
My personal experience in physical penetration testing began about seven years ago when, following a scoping meeting to arrange an ethical hacking engagement at a data centre in London, the client asked almost as an aside, "By the way, do you guys do social engineering, that sort of thing - you know try and break in and stuff?" I responded (like any junior consultant sitting next to a senior salesman) that of course we did! As it turned out we thought about it, decided to give it a shot and ... failed. Miserably. Not surprisingly.
My team and I were hackers, lab rats. In effect, we didn't know the first thing about breaking into buildings or conning our way past security guards. This is a situation now facing an increasing number of ethical hacking teams who are being asked to perform physical testing. We know it needs to be done and the value is obvious, but where to begin? There are no books on the subject, at least none available to the general public (other than the dodgy ones on picking locks published by Loompanics Unlimited).
So I decided to fill the void and write one. It has a special emphasis on combining physical testing with information security testing simply because ethical hacking teams are most likely to be employed for this kind of work (at least in the private sector) and because ultimately it's your information systems that are the most likely target for any attacker. However, anyone with a need to understand how physical security can fail will benefit from this book - the culmination of a number of years of experience performing all manner of penetration testing in all kinds of environments.
Who this Book Is For
Anyone who has an interest in penetration testing and what that entails will benefit from this book. You might have an interest in becoming a penetration tester or you might work in the industry already with an aim to learn about physical penetration testing. You might want to learn how attackers gain access to facilities and how this can be prevented or perhaps you're considering commissioning a physical penetration test and want to learn what this involves.
This book is written for you.
What this Book Covers
Unauthorized Access discusses the lifecycle of a physical penetration test from start to finish. This starts with planning and project management and progresses through the various stages of execution. Along the way, you'll learn the skills that are invaluable to the tester including social engineering, wireless hacking, and lock picking.
The core subjects discuss what takes place during a physical penetration test, what you can expect and how to deal with problems. Equipment necessary to carrying out a test is given its own chapter.
Chapter 9 includes case studies that draw on my own personal testing experience, which I hope will inspire you. Chapters 10 and 11 focus on protecting against intruders and corporate spies and how this relates to the cornerstone of information security: the security policy.
The appendices deal with miscellaneous subjects such as law, accreditations and security clearance.
How this Book Is Structured
The two most important chapters in this book are Chapter 2 and Chapter 3. These contain the core theory and practice of physical penetration testing. The chapters that follow them discuss in depth the skill sets you will be required to master:
Chapter 4 - This chapter discusses how to manipulate human nature. Social engineering is the art of the con man and probably the single most crucial set of skills you will learn. The practice of these skills is at the core of any successful operating team.
Chapter 5 - Generally this concerns defeating locks. This chapter assumes no previous knowledge and these skills are not difficult to master. This is a crash course.
Chapter 6 - Knowledge is power; the more you have the more powerful you become. This chapter covers the basics of how and where to gather information, from how to successfully leverage Internet search technologies and databases through to the physical surveillance of target staff and facilities.
Chapter 7 - Despite the security shortcomings of wireless networks (both 802.11x and Bluetooth) being well documented, many companies continue to deploy them. I discuss equipment, how to crack encryption and bypass other security mechanisms. I provide you short-cuts to get you up and running quickly and introduce some newer techniques for compromising wireless networks that will guarantee that if you're using wireless in your business now, you won't be when you finish this chapter.
Chapter 8 - This chapter offers an in-depth discussion of the equipment you need, where to get it and how to use it.
Chapter 9 - This chapter offers a few historical scenarios taken from my case history. Names have been changed to protect those who should have known better.
Chapter 10 - This chapter provides basic information about what a security policy should cover. If you've read this far and still don't have a security policy, this chapter helps you write one.
Chapter 11 - This chapter covers how to minimize your exposure to information leakage, social engineering and electronic surveillance.
Appendix A - This provides a legal reference useful to UK testers.
Appendix B - This provides a legal reference useful to US testers.
Appendix C - This provides a legal reference useful when conducting testing in the European Union.
Appendix D - This clarifies the differing terms used in the United States and United Kingdom.
Appendix E - This tells you about the various tests you can take or the tests you want to be sure a tester has taken before hiring.
What You Need to Use this Book
I've written Unauthorized Access to be as accessible as possible. It's not an overly technical read and although grounding in security principles is desirable, it's not a requirement. Chapter 7 (in which the discussion focuses on compromising the security of wireless technologies) is technical from start to finish but it does not assume any previous knowledge and provides references to the requisite software and hardware as well as step by step instructions. If you have a grounding in penetration testing (or at least know what it is) so much the better but again this is not necessary.
What you need to use this book and what you need to carry out a physical penetration test are two different things (for that you should refer to Chapter 8). However, I strongly recommend you have the following: