We want you to take what you have learned and convert it from basic to guru, so that when you encounter those odd cases, you still have a few more tricks up your sleeve.Īlthough this book focuses mostly on personal computers (PCs), they are only a small part of the entire cyber-realm. One major thrust of this chapter is to improve and build upon some of the techniques discussed earlier in this book. To be as prepared as possible for these non-ideal conditions, you need to develop skills that will expand your knowledge base and make you as versatile as possible. Of course, one of the most important rules of cyber-spying (all spying, in fact) is that there are no ideal situations. We have given you a few basic tricks and scenarios, which will work most of the time, especially in ideal situations. You may be feeling computer savvy, and even a little dangerous. By now you should have a basic understanding of the spy process and quite a few tricks to help you pry into people's online lives. Technical Editor, in Cyber Spying, 2005 IntroductionĬongratulations, you have made it through the first part of cyber-spy school. An attacker can also be an insider (e.g., co-workers, a disgruntled employee, or someone on the cleaning crew). One disadvantage is that the attacker has to return to retrieve the hardware keystroke logger. Some advantages of hardware keystroke loggers are that they are completely undetectable by software, can record all keystrokes, and can record keystrokes before the operating system is loaded (such as the Basic Input Output System boot password). There are two types of keystroke loggers: hardware and software. Keystroke loggers record passwords and capture the information before encryption is used on the password. Keystroke loggers (also known as keyloggers) record the keystrokes typed on a computer’s keyboard. The attacker can even install a hardware keystroke logger. He or she can steal manuals, storage media, and documents (e.g., the company directory). Once unauthorized entry is achieved, the attacker can take photographs of computer screens and any other materials. If the PIN has to be used in combination with a badge, a combination of attacks is needed. If a door requires a Personal Identification Number (PIN) for entry, shoulder surfing (i.e., observing someone else enter their PIN on the keypad) can be used to learn a valid PIN. Alternatively, materials for making fake IDs are available on the Internet at A more brazen approach is to talk his or her way inside. If an attacker has to display a badge, they have to steal one. Another way is blending in with a group of people. Once open, the attacker follows the person inside, thus, piggybacking on that person’s authorization (also known as tailgating). ![]() One way is for the attacker to loiter by the company entrance and wait for an authorized person to unlock the door. How attackers gain illicit entry to a corporation’s premises depends on the company’s security posture. ![]() In Hack the Stack, 2006 Unauthorized Entry
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |