Generating awareness amongst IT staff

To:	pen-test@securityfocus.com
Subject:	Generating awareness amongst IT staff
From:	Faheem SIDDIQUI <fahimdxb@gmail.com>
Date:	Sat, 25 Nov 2006 20:14:05 +0400
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=r+fnaQs0SysAv8qGbQiyfnj3qafIKf3r7mM3ox/JofiP7cdHxsj60KHlhqKo+hXkVtcXQQYJUUW9x3n9MqYUUois6PXGHFL/WvFHLQ0KuF9cxOuxpI4ky0TOkEzsVbR+JIvXUL/Z4VdU6x74Lb6hb8KaqIMUTOfZQrs3ilu5mxc=
In-reply-to:	<456562C8.2010700@caramiel.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<4562F423.000003.06080@CAILAP> <456562C8.2010700@caramiel.com>
Resent-date:	Sat, 25 Nov 2006 17:28:55 -0700 (MST)
Resent-from:	pen-test-return-1078483044@securityfocus.com
Resent-message-id:	<20061126002855.717D814BBF5@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
User-agent:	Thunderbird 1.5.0.8 (Windows/20061025)

I am in the middle od preparing slides for security awarenesspresentation amongst IT staff (network admins/system/DBAs) etc.

Security awareness is quite low amongst these guys and they seem tobelieve that the way have done it all these years, can continue all theremaining years too.

Plan is, to create password hack using Ophcrack and run it duringpresentation. What else can I do to create real time engagingpresentation so that these guys might sit up and take notice. How aboutdoing a pen test on databases?

Anyone has any ideas to make this presentation to largely IT technicalstaff...as engaging as possible?



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Default passwords dictionary, Mohamed Abdel Kader Re: Default passwords dictionary, Jerome Athias RE: Default passwords dictionary, Yeh, Ivan I.C. Re: Default passwords dictionary, Mark Foster Re: Default passwords dictionary, Ron Re: Default passwords dictionary, Jeremy Saintot Generating awareness amongst IT staff, Faheem SIDDIQUI <= Re: Generating awareness amongst IT staff, pand0ra RE: Default passwords dictionary, hugh_fraser RE: Default passwords dictionary, Joxean Koret Re: Default passwords dictionary, carlos . spera

Previous by Date:	AttackAPI 2.0 alpha, pdp (architect)
Next by Date:	Voip security, Mike Klingler
Previous by Thread:	Re: Default passwords dictionary, Jeremy Saintot
Next by Thread:	Re: Generating awareness amongst IT staff, pand0ra
Indexes:	[Date] [Thread] [Top] [All Lists]