Results 1 to 7 of 7

Thread: becoming aware of Social Engineering

  1. #1

    Post becoming aware of Social Engineering

    Hello. I am a small-time systems admin at my highschool. I have spend the past year or so trying to teach the other admins (kids and teachers alike) as well as the administration about security. it's been a rather uphill battle.

    I was wondering if anyone could suggest a good source of material to help explain SOCIAL ENGINEERING. I've gotten the hardware and software parts explained and well worked out, but the HUMAN ELEMENT is still a large risk. Any suggestions? (website, quotes, ANYTHING?)...

    Thanks

  2. #2

  3. #3
    I am a cracker
    Guest
    I always use social engineering in my cracks works very good!


    I am not exactly sure of what your looking for? I have been smoking 420 so I AM a pretty wooee (I used one similar to this.)

    Lets say you find a Mickpalmer@powerplant.net this is a top salesmen who in the company has high level access to the network...

    You send this e-mail to mick
    "Hello Mr. Palmer,
    The computer department has decided thats it's neccessary to issue new passwords today. Please take a moment now to enter the following command:
    SetPassword U22L5
    Then press the enter key. Please do not write this password down. For security reasons, we must ask that you memorize it. Thank you for your cooperation.
    Andy Johnson, System Administrator

    Then you try the password later in the night. You get onto the system and now have powerful system privileges.

    Social Engineering is the single most effective security penetration technique of all. You can put a computer inside a sealed room with 10 foot thick concrete walls, but if an student, or and employee who knows the logon sequence is chatty, lonely, or pliable, 50 foot walls won't secure thye system. Security is made up of a chain of connected elements: firewalls passwords shredders alarm systems secure rooms etc... But the old adage applies: The security chain is only as strong as it's weakest link. And all too often that weak link is a person.

  4. #4
    I know HOW to social engineer people, I've used it aswell on needed occasion.

    what I'm trying to find out is how I can explain and help prevent it with people whom are NOT security-minded. those lonely students or administrators whom kow noting about hacking, or SE, or anything of the such.

  5. #5
    WOW talk about Irony I just put somthing up on my website.

    www.bonfire.0catch.com

    anyway I read this when I first started to learn how to hack maybe it will help you in your quest. http://www.happyhacker.org/uberhacker/se.shtml

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    452
    Well, if you can social engineer, then do it. Without telling them, try to social engineer them to get passwords, etc. Tell them what you managed to achieve, talk to them a bit about the dangers, and you shouldn't have a problem with it.
    Elen alcarin ar gwath halla nĂ¡ engwar.

  7. #7
    Senior Member
    Join Date
    Sep 2001
    Posts
    138
    A good reference to send them to is the audio from Beyond Hope, (they had a social engineering panel at this one). The person doing it calls a computer shop and finds out the password to the machines in the building, if I remember correctly ends up on the PA system at K-Mart...and a few other fun things that will get the point by to ANYONE that it is easier to exploit a human being than a computer.

    http://beyond.hope.net/

    Hope this is more of what you are looking for....
    Cheeseball
    http://www25.brinkster.com/cheeseball

    -- Do not dwell in the past, do not dream of the future, concentrate the mind on the present moment--

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •