Factbites
Where results make sense
About us   |   Why use us?   |   Reviews   |   PR   |   Contact us  

Topic: Social engineering (computer security)


Related Topics
Social engineering
Computer insecurity
Trojan horse (computing)
Captain Crunch
Password cracking
Kevin rose
Phreaking
Black box
Systm
Hacker
Root kit
Weather forecasting
Hacktivism
Confidence trick

  
  Social engineering (computer security) - Wikipedia, the free encyclopedia
By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes.
A contemporary example of a social engineering attack is the use of e-mail attachments that contain malicious payloads (that, for instance, use the victim's machine to send massive quantities of spam).
In the film Hackers, the protagonist used a form of social engineering, where the main character accessed a TV networks control system by phoning the security guard for a modem number, posing as an important executive.
en.wikipedia.org /wiki/Social_engineering_(computer_security)   (599 words)

  
 Computer security - Wikipedia, the free encyclopedia
Computer security is a field of computer science concerned with the control of risks related to computer use.
Computer security can be seen as a subfield of security engineering, which looks at broader security issues in addition to computer security.
Computer security is a highly complex field, and it is relatively immature, except on certain very secure systems that never make it into the news media because nothing ever goes wrong that can be publicized, and for which there is not much literature because the security details are proprietary.
en.wikipedia.org /wiki/Computer_security   (2082 words)

  
 Social Engineering
Social Engineering attacks may also involve going through trash dumpsters The term for going through trash dumpsters is "dumpster diving." Again, the tactic may seem to be almost comical, however it does provide very valuable information.
A Social Engineering attack may be composed of several small attacks, which in and of themselves might be inconsequential.
Social Engineering is the only conceivable method for testing security policies and their effectiveness.
www.utdallas.edu /ir/security/sectips/soceng.html   (3547 words)

  
 Define social engineering - a definition from Whatis.com
In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.
For example, a person using social engineering to break into a computer network would try to gain the confidence of someone who is authorized to access the network in order to get them to reveal information that compromises the network's security.
Social engineers rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it.
searchsecurity.techtarget.com /sDefinition/0,,sid14_gci531120,00.html   (376 words)

  
 Social Engineering Fundamentals, Part I: Hacker Tactics
The one thing that everyone seems to agree upon is that social engineering is generally a hacker’s clever manipulation of the natural human tendency to trust.
The basic goals of social engineering are the same as hacking in general: to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network.
According to Methods of Hacking: Social Engineering, a paper by Rick Nelson, the three parts of reverse social engineering attacks are sabotage, advertising, and assisting.
www.securityfocus.com /infocus/1527   (2667 words)

  
 Social Engineering: Security Basics | WatchGuard Technologies, Inc.
In the world of computer security, the term "social engineering" refers to tricking someone into revealing information, such as a password, useful for an attack.
Social engineering can be used to collect any information an attacker might be interested in, such as the layout of your network, names and/or IP addresses of important servers, version numbers of operating systems and software, and security products in use internally.
In reality, social engineering is probably as old as speech, and goes back to the first lie.
www.watchguard.com /infocenter/editorial/1302.asp   (677 words)

  
 Security Forums :: View topic - What is Social Engineering?
Social Engineering is focusing on the weakest chain of the IT security.
Social engineering is a form of security attack in which the attacker tries to acquire information about the computer systems.
Thus, a social engineering attack may occur over the phone, via chat rooms, message boards, talking etc. The main purpose is to get access related information which can be later on used to gain access to confidential and critical organizational information systems.
www.security-forums.com /viewtopic.php?p=167273   (3652 words)

  
 The human side of computer security - SunWorld - July 1999
Social engineering is still the most effective method for circumventing obstacles.
Social engineering is the art of manipulating people into actions they would not normally take.
Kevin Mitnick is certainly not the only person to have used social engineering techniques to get into computer systems, but he is probably the most famous and was apparently very good at it.
sunsite.uakom.sk /sunworldonline/swol-07-1999/swol-07-security.html   (3131 words)

  
 Social Engineering - The Weakest Link in Information Security
In computer security, social engineering is the practice of obtaining confidential information by manipulation (social skills) of legitimate users.
Social Engineering is a non-technical kind of intrusion relying heavily on human interaction which often involves tricking other people into breaking normal security procedures, the attacker uses social skills and human interaction to obtain information about an organization or their computer systems.
A person using social engineering to break into a computer network generally gains the confidence of someone who is authorized access to the network, in order to help reveal information that compromises that networks security.
www.windowsecurity.com /whitepaper/Network_Security/Social-Engineering-The-Weakest-Link.html   (2050 words)

  
 Reference.com/Encyclopedia/Social engineering (computer security)
In the field of computer security, social engineering is the practice of obtaining confidential information by manipulation of legitimate users.
After earlier malicious e-mails led software vendors to disable automatic execution of attachments, users now have to explicitly activate attachments for this to occur.
However, even this might not be necessary — in an Infosecurity survey, 90% of office workers gave away their password in exchange for a cheap pen.
www.reference.com /browse/wiki/Social_engineering_(computer_security)   (418 words)

  
 Social engineering attacks: What we can learn from Kevin Mitnick   (Site not responding. Last check: 2007-10-20)
As a result, the social engineer is able to take advantage of people to obtain information with or without the use of technology." While the ILOVEYOU attack was a virus attack, it also used social engineering -- exploiting the weakness that curious people that would click on an e-mail attachment.
A social engineer would call the person on the phone and pretend to work for the bank or company that issued the card.
For the social engineer, this is much safer, much faster and can be done without leaving their house.
searchsecurity.techtarget.com /tip/1,289483,sid14_gci865450,00.html   (903 words)

  
 Fred Cohen 'Computer Security Encyclopedia. Computer Viruses.' (VX heavens)   (Site not responding. Last check: 2007-10-20)
Throughout the 1960s and 1970s, there were a few experiments with computer viruses and similar phenomena in a piecemeal fashion, but the first scientific work to concentrate on the protection aspects of viruses and the difficulties in defending against them was a paper in 1984 [1].
Computer virus researchers have a very hard time finding environments where legitimate experiments are allowed, and several early feasibility studies were shut down without a reason being given [1][70].
Gleissner, "A Mathematical Theory for the Spread of Computer Viruses", "Computers and Security", IFIP TC-11, V8#1, Jan. 1989 pp35-41.
vx.netlux.org /lib/afc04.html   (9819 words)

  
 Amazon.com: The Art of Deception: Controlling the Human Element of Security: Books: Kevin D. Mitnick,William L. ...   (Site not responding. Last check: 2007-10-20)
As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's descriptions of how he actually hacked into systems.
Social engineering is a method of gaining someone's trust by lying to them and then abusing that trust for malicious purposes - primarily gaining access to systems.
Too many security consultants and businesses focus time and money in hardware and software solutions, when the reality is that social engineering is the tool that can make all of that worthless and for naught.
www.amazon.com /exec/obidos/tg/detail/-/0471237124?v=glance   (3052 words)

  
 Berkeley Lab Computer Protection Program
The Computer Protection Program (CPP) administers the Laboratory's computer security program and provides the Laboratory community with technical expertise, and up-to-date information and resources for improving computer security and cybersecurity awareness.
Employees who process protected information, such as social security numbers, personal health information, contract-sensitive information (such as procurement information) or information protected by certain other agreements (such as certain Non Disclosure Agreements), must not enable "Search Across Computers" because this information requires a higher degree of assurance than can be provided on this free service.
Computer systems connected to the LBNL network must meet minimum security requirements or they will not be allowed on the network.
www.lbl.gov /ICSD/Security   (536 words)

  
 Home Computer Security
Instead, it goes from your computer to another computer to still another computer and so on, eventually reaching his or her computer.
Some of this mail uses social engineering to tell you of a contest that you may have won or the details of a product that you might like.
Just like the security guard who learns that anybody with a company photo ID is allowed to pass, you too can create firewall rules that allow traffic to pass without reviewing each packet each time.
www.cert.org /homeusers/HomeComputerSecurity   (12023 words)

  
 Schneier on Security: Social Engineering Via Voicemail
While spam is a social engineering attack in the sense that it tries to get you to buy something, the same could be said for regular advertising, which a lot of people wouldn't classify as an SE attack.
However, the part that really makes this an "social engineering attack" is the fact that the caller deliberately makes it sound like they are giving a hot tip to a personal friend.
All spam is definitely not a social engineering attack; but of course a lot of it is. It is definitely an attack since it tries to subvert the system through social engineering.
www.schneier.com /blog/archives/2005/05/social_engineer_2.html   (2225 words)

  
 Schneier on Security: Weird Computer-Worm Social Engineering Story
A child porn offender in Germany turned himself in to the police after mistaking an email he received from a computer worm for an official warning that he was under investigation....
Social engineering is so pervasive, people even do it to themselves...
So, yes, social engineering (such as this worm, or other less nefarious types, such as horoscopes, cold-reading, etc) works in part because people share a lot in common with one another, that they each believe is theirs alone.
www.schneier.com /blog/archives/2005/12/weird_computerw.html   (1097 words)

  
 Security Forums :: View topic - Poor Effort at Social Engineering
Here is an example of an attempt at social engineering that is currently being attempted in Australia.
The objective of this broad survey is to gain an understanding of Australian Commonwealth service attitudes towards the use of computers.
Simply reply to this email and answer the questions in relation to the computer you are answering them from.
www.security-forums.com /viewtopic.php?t=1712   (854 words)

  
 Dark Reading - Host security - Social Engineering, the USB Way - Security
In the past we had used a variety of social engineering tactics to compromise a network.
We heard that employees were talking within the credit union and were telling each other that somebody was going to test the security of the network, including the people element.
Of all the social engineering efforts we have performed over the years, I always had to worry about being caught, getting detained by the police, or not getting anything of value.
www.darkreading.com /document.asp?doc_id=95556&WT.svl=column1_1   (1099 words)

  
 Personal Computer Security, howtos and tutorials :: Social engineering reloaded   (Site not responding. Last check: 2007-10-20)
Currently working as a System Security Engineer with the DoD and as an independent publisher.
The purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years.
A case study of a typical Fortune 1000 company will be discussed, putting emphasis on the importance of education about social engineering for every corporate security program.
www.elamb.org /blog/_archives/2006/3/22/1834615.html   (246 words)

  
 SANS InfoSec Reading Room - Social Engineering
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large.
The Threat of Social Engineering and Your Defense Against It
The Use of Social Engineering as a Means of Violating Computer Systems
www.sans.org /rr/catindex.php?cat_id=51   (162 words)

  
 US-CERT Cyber Security Tip ST04-014 -- Avoiding Social Engineering and Phishing Attacks
Do not give sensitive information to anyone unless you are sure that they are indeed who they claim to be and that they should have access to the information.
To launch a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems.
An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity.
www.us-cert.gov /cas/tips/ST04-014.html   (510 words)

  
 Computer Security Products: Social Engineering Testing   (Site not responding. Last check: 2007-10-20)
As corporate network security becomes more stringent, the quest for vital information to break through network defences becomes harder.
By deploying social engineering techniques, malefactors are able to exploit weaknesses, not in software or hardware but in the people that work with the Information System.
HarrierZeuros Social Engineering Testing is split into three areas - Trusted Person Testing, Request Testing and Guided Suggestion Testing.
www.itsecurity.com /archive/products/prod1020.htm   (92 words)

  
 Computer Engineering Security So...   (Site not responding. Last check: 2007-10-20)
But more important, during the last year the company has made measurable progress in improving the quality of its software code, according to many computer security specialists and customers.
In the next several decades, another country from the East will take over the mantle, and America will be consigned to mediocrity and irrelevance.
One might have a vague understanding of what it's used for, and a general sense of security around some vague concept that it's read-only information.
www.elevatedcomputing.ca /index.php?C=computer-engineering-security-so...   (327 words)

  
 The human side of computer security
What is the weakest link of your computer system security?
No warranties, implied or actual, are granted for any use of the information and software in this article and neither author nor publisher is responsible for any damages, either consequential or incidental, with respect to use of the information and software contained herein.
Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and
www.wkeys.com /articles/swol/Jul_99.html   (2903 words)

  
 Social engineering (computer security)
Networking Security / Firewall / IDS / VPN / Routers
However, even this might not be necessary - in an Infosecurity survey, 90% of office workers gave away their password in exchange for a cheap pen.
Perhaps the largest-scale social engineering attack in recent years surrounds Messenger Plus!
www.datastronghold.com /articles/Socialengineeringcomputersecurity.html   (462 words)

  
 About Computer Security Encyclopedia   (Site not responding. Last check: 2007-10-20)
All kinds of weirdos can now readily learn the skills once possessed only by those with an intense love of computers.
You need to get informed and get equipped, and you need to do it now.
There are a lot of "Hacker" CDs out there that will tell you what Hackers do and how they do it, but the Computer Security Encyclopedia is the only one aimed at detecting and preventing hacker attacks!
www.artofhacking.com /cse-info.htm   (172 words)

Try your search on: Qwika (all wikis)

Factbites
  About us   |   Why use us?   |   Reviews   |   Press   |   Contact us  
Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.