Monday, February 21, 2005

Social Engineering

What is Social Engineering.

The Art of Deception by Kevin Mitnick


Here’s the example scene.

Kutimang just met Kulari somewhere on the net. Kutimang is an ordinary end user and Kulari is an expert.

Note that ‘<-’ is a cornering question use by Kulari to gather as much information about Kutimang system for future attack.

Kutimang : Kenapa aku tak boleh masuk account webmail aku ha?

Kulari : Ohh. Mungkin sebab antivirus kau yang block kot. Kau pakai antivirus aper?<-

Kutimang: Ooo..ye ke..aku pakai antivirus KABELUPUKOM (kasi bersih lu punya komputer).

Kulari: Eh, aku pun pakai antivirus tu jugak. Ok je. Kau ada letak apa-apa lagi ni. Mesti kau ada pakai firewall lain kan.<-

Kutimang: Takde pun. Aku pakai standard firewall windows XP tu je.

Kulari: Kadang-kadang web browser pun memainkan peranan penting. Still pakai Internet Explorer lagi eh?<-

Kutimang: Ha’aa..aku malas nak tukar. Still dengan IE 5.0.


Do not give away your system information to someone you don’t know.

1 comment:

AuRuM said...

oh... begitu yer???