The Student's Opinion

The Student teaches.

Tuesday, July 25, 2006

Interests

On the Web these days, as I mentioned previously, there is always buzz going on about Web 2.0 in the background, making it the biggest thing. However, with the HOPE conference that was on last week, a lot of focus on the web has shifted to hacking.

A lot of stories about Social Engineering have been floating around lately.
Firstly, I love these kinds of stories. Social Engineering greatly interests me, because while I think it takes skill to break a network, it takes more skill to make legitimate users inadvertently break the network.

So for those who don't know what Social Engineering is;
Social engineering is the practice of obtaining confidential information by manipulation of legitimate users.

The best social engineering story that I've ever read however, was this one:
http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1

It's about a man who is approached by a firm to test the security of the company by employing social engineering tactics to gain access to their network.
As the author says in the article, usually they would sweet talk a receptionist, or just walk into an empty room and "jack in" to their network. However he took it one step further, by using compromised USB flash drives, and human nature.
Read it, interesting stuff. I think its amazing how these people can manipulate the beliefs of people that everybody is innocent.


So like I said, a lot of focus is about hacking now because of HOPE (Hackers on Planet Earth conference) just passing. In fact one story I heard from HOPE contained the FBI, and a speaker who claimed he could show the audience how to find over 500 pages of personal information of people, from the internet.

This guy claimed he could show these people how to find lots of personal information using basic tools available for free on the internet in 30 minutes, however about five minutes before he began his talk, some FBI officials turned up and lead him away in handcuffs. Nobody knows why.
If you're thinking "Well its obvious, its because he was showing people how to hack". You could say that, however what you don't realise is that HOPE is held every two years to make people aware of various ways to compromise security virtually, so that people can go away from the conference and come up with ways to stop these before the techniques displayed become mainstream. This conference is held with knowledge of the US Government, and as such isn't illegal (it's been running for 10 years now and hasn't been shut down).


With the combination made by this flow of news and the factor of career-choice being forced upon us at school, I've sussed out a possible career, and that is Network Analyst.
When I went on Work Experience a while ago, I got a little bit of experience with network analysis, and I found it pretty interesting. If not Network Analyst, I'd like to be involved with networking because of the sheer interest.

http://www.twit.tv/
http://www.grc.com/securitynow.htm

0 Comments:

Post a Comment

<< Home