Friday 1 February 2013

The Art of Deception

The Art of Deception


ArtofDeception.JPGThe Art of Deception is a book by Kevin Mitnick that covers the art of social engineering. Part of the book is composed of real stories, and examples of how social engineering can be combined with hacking.
All, or nearly all, of the examples are fictional, but quite plausible. They expose the ease with which a skilled social engineer can subvert many rules most people take for granted. A few examples:
  • A person gets out of a speeding ticket by fooling the police into revealing a time when the arresting officer will be out of town, and then requesting a court date coinciding with that time.
  • A person gains access to a company's internal computer system, guarded by a password that changes daily, by waiting for a snowstorm and then calling the network center posing as a snowed-in employee who wants to work from home, tricking the operator into revealing today's password and access through duplicity
  • A person gains lots of proprietary information about a start-up company by waiting until the CEO is out of town, and then showing up at the company headquarters pretending to be a close friend and business associate of the CEO.
  • A person gains access to a restricted area by approaching the door carrying a large box of books, and relying on people's propensity to hold the door open for others in that situation.
This book also, after giving an example, will tell what tricked/conned the victims of the scam, and how to prevent it in real life or business.
The book ends with Mitnick's strategy and business plans to prevent most if not all of the scams in the book



Seni penipuan 




.    Seni penipuan adalah sebuah buku oleh Kevin Mitnick yang mencakup seni rekayasa sosial. Bagian dari buku ini terdiri dari kisah nyata, dan contoh bagaimana rekayasa sosial dapat dikombinasikan dengan hacking. Semua, atau hampir semua, contoh adalah fiksi, tapi cukup masuk akal. Mereka mengekspos kemudahan dengan mana seorang insinyur sosial yang terampil dapat menumbangkan banyak aturan yang kebanyakan orang mengambil untuk diberikan. Beberapa contoh: * seseorang keluar tilang oleh membodohi polisi ke mengungkapkan waktu ketika petugas menangkap akan keluar kota, dan kemudian meminta pengadilan tanggal yang bertepatan dengan saat itu. * Orang memperoleh akses ke sistem internal komputer perusahaan, yang dijaga oleh password yang berganti setiap hari, dengan menunggu badai salju dan kemudian memanggil pusat jaringan yang menyamar sebagai salju turun di karyawan yang ingin bekerja dari rumah, menipu operator agar mengungkapkan hari sandi dan akses melalui kepalsuan * seseorang mendapatkan banyak informasi tentang perusahaan start-up dengan menunggu PBB

 

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)