|
-
January 26th, 2006, 09:23 PM
#10
Yeah, I'm gonna have to agree with zencoder on that one.
I do Pen Testing here and everyone tells me that Social Engineering is a critical part of the process. I just dont include that in most of my pen testing. That comes down to security awareness for your employees. Any smooth talking individual can social engineer into anything. I know a few women that I have social engineer myself into their... well, you get my point.
The bigger concern in most cases (like what bAgZ started with) is "network controls, including firewalls, routers, IDS and servers". I prefer the good ol fashion computer based attack there! If you want to social engineer, I believe that is more of a test of your security awareness program, not your network controls.
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War 
http://tazforum.**********.com/
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote