Re: physical security pentesting procedures, tips, audit programs?
Date: Sat, 11 Dec 2004 15:03:13 +0100 (CET) To: firstname.lastname@example.org
On Thu, 2004-09-12 at 21.18, Frank Knobbe wrote:
> Sure, but you show it to management/sponsor. You don't show it to the
> people affected unless they are involved in a test (like branch managers
> having you detained in their office).
> Penetration Testing is all about showing flaws, but to the sponsor, not
> the folks who commit the violations. It's the responsibility of the
> sponsors to take action in a way they see fit.
> Discretion is paramount in these engagements. You just don't leave stuff
I'm agree with Frank...in a physical security test, discretion is very
important..then, what about using the so called "password pen"?
With this pen you can write on any surface with invisible to the naked eye
ink; when you point an UV light on the area you wrote, your tag will
Imho discreet and effective.