The Art of Deception

A couple of days ago I decided to go through all of the security forums on techexams.net to get the best links and see what else I have missed.
I found some very interesting posts and some were talking about Kevin Mitnick.
I had never heard of Kevin Mitnick before and the books got good reviews from a lot of people on here so I decided to order both:
The Art of Deception and The Art of Intrusion
I have read The Art of Deception and I am impressed. I would have never in my dreams thought about Social Engineering being such a big thing. I have only started looking into the security field a couple month ago and have finally found what I want to do. As soon as I am done writing this post I am going to start The Art of Intrusion. If it is only half as interesting as The Art of Deception than it was worth buying those two books. After I was done reading the book and thought about all the different places I have worked and how much information we have given out I am really intereseted if we have ever given out information to a Social Engineer.
Thank you for receommending the books! I think people should recommend books like that more often on here (Oprah, no punt intended)!
Here I guess comes the question that I have actually had. Who has ever been in a situation where a user actually had been confronted by a Social Engineer? (if it was discovered). All of you that worked in the security field for a while. How many instances have you had reports about attempts to get information?
Thanks,
Mike
I found some very interesting posts and some were talking about Kevin Mitnick.
I had never heard of Kevin Mitnick before and the books got good reviews from a lot of people on here so I decided to order both:
The Art of Deception and The Art of Intrusion
I have read The Art of Deception and I am impressed. I would have never in my dreams thought about Social Engineering being such a big thing. I have only started looking into the security field a couple month ago and have finally found what I want to do. As soon as I am done writing this post I am going to start The Art of Intrusion. If it is only half as interesting as The Art of Deception than it was worth buying those two books. After I was done reading the book and thought about all the different places I have worked and how much information we have given out I am really intereseted if we have ever given out information to a Social Engineer.
Thank you for receommending the books! I think people should recommend books like that more often on here (Oprah, no punt intended)!
Here I guess comes the question that I have actually had. Who has ever been in a situation where a user actually had been confronted by a Social Engineer? (if it was discovered). All of you that worked in the security field for a while. How many instances have you had reports about attempts to get information?
Thanks,
Mike
Comments
Mitnick and his buddy Steve Wozniak are guests in the current TWiT (This Week in Tech) podcast with Leo Laporte. http://thisweekintech.com/
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Stealing the Network: How To Own the Box
Stealing the Network: How To Own a Continent
Stealing the Network: How To Own an Identity
I could not stop reading these books once I started on the first one. You can read them seperately, but it is very interesting to read them in the order I have listed.
It can be bothersome at times.
I was at lockheed the other day and you could tell that most of the people there were highly trained individuals who knew what they were doing. Being behind those walls felt like a prison...security can be a scary thing.
KG
Greetz
Well worth reading for security concious admins
I agree, The Art of Deception, is a really good book.
Kenny
A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA