A job well done

So, two penetration tests done for my client and this time around I've kept a 20 year security pen tester out of their domain after making changes based on the original recommendations and he can't do 95% of the things he was able to do before! At their DR site across the city where they have safeboot installed on all machines he couldn't do anything at all (not even get local admin passwords from the SAM) and wanted to go home at 3 in the afternoon

He tried a bit of social engineering on my clients site as well. He borrowed a British Telecom workmans jacket and went to downstairs reception asking for riser access in the basement to do work for the customer. The police were called after some checks were made about his identity. Classic!

The IT manager there thanked me for my work this year on getting the majority of the issues ironed out!

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

RussS

Good stuff Pash

Ahriakin

Excellent work

bertieb

Excellent work Pash.

It's always good to 'stop' a seasoned pen/security tester and get a glowing report , though I haven't yet had someone call the police about them

sprkymrk

Very nice, have a Caramel Mocha Latte on me! You just have to come to Charleston, SC, USA to get it.

KGhaleon

Awesome work.

arwes

Awesome work man! We had a pen test done at the hospital I used to work for. I was doing night shift backup work and the guy was ping flooding our patient accounting servers! That was fun explaining to the ER why the servers were so slow.

Our nurses didn't react quite the same as your employees to social engineering.

The guy threw on a suit, told them he was from the IT department and needed their computer for a second. He then printed out a few pages of patient info and gave it to our IT director. That was a wee bit embarrassing.

Shortly before we got bought out (and downsized), we were looking at proximity based authentication for our volunteers at the welcome area. They would go to the restroom and come back to find a visitor using their workstation. Not good.

gojericho0

great job...the only thing that would top that is if the guy was TAZED once the police arrived

dynamik

That sounds like it was fun and exciting as well as being quite an accomplishment. Nice going!

I can't let Mark's generosity go unmatched, so I'm willing to donate $4 towards a plane ticket to SC

vCole

Awesome!

Pash

Thanks very much guys

This site is like a rock for me when I need to refresh my brain, ask or answer a question and have good laugh sometimes. Thanks.

snadam

that sounds like fun! AND you get praise! Congrats!